IT Security News Daily Summary 2024-08-19

cropped-itsecuritynews.png

  • SOCI Act 2024: Thales report reveals breaches of critical infrastructure in Australia
  • Data Detection and Response (DDR) Guide

  • According to Microsoft, the Windows BitLocker recovery bug has been fixed

  • Announcing New EDR Capabilities for Webroot Endpoint Protection

  • CISA Adds Jenkins Command Line Interface (CLI) Bug to Its Catalog of Known Exploited Vulnerabilities

  • OpenAI removes Iranian accounts using ChatGPT to write disinformation about US elections

  • test

  • Your Android phone is getting an anti-theft upgrade, thanks to AI. Here’s how it works

  • Too Many Cloud Security Tools? Time to Consolidate

  • MSPs: The Cisco Meraki Approach to Addressing MDU Deployments

  • California Court: Try a Privacy Act, Not Online Censorship

  • NO FORGERIES – A lawyer’s dream, everyone else’s nightmare

  • Multiple bugs in Microsoft macOS apps not patched despite potential risks

  • Extortion group abuses cloud configurations, targets 110,000 domains

  • Mike Lynch and five others missing after yacht sinks off Sicily

  • SAFECOM and NCSWIC Develop Global Positioning System (GPS) for Public Safety Location Services: Use Cases and Best Practices

  • Citizen Service Number Data Breach: What You Need to Know

  • Researchers have discovered new infrastructure linked to the cybercrime group FIN7

  • ‘The War for Port 80’ by Daniel Stori

  • Here’s What Businesses Can Learn From SEC’s $2 Million Ransomware Attack Settlement

  • Zero-Trust Security: The Critical Role of Trust and Human Integrity

  • Stolen, blocked debit cards can be used with digital wallet apps

  • Understanding Secrets Management on Amazon EKS for Regulated Institutions

  • CISA Warns of Active Exploitation of Vulnerability in SolarWinds Web Help Desk

  • FlightAware warns that some customers’ data has been ‘exposed’, including social security numbers

  • Vulnerability overview for the week of August 12, 2024

  • How We Transformed Akamai from a CDN to a Cloud and Security Company

  • AWS cyberattack exposes over 230 million unique cloud environments

  • Lessons Learned from the CrowdStrike Outage: Questions to Ask Vendors

  • National Public Data publishes its own passwords

  • Windows Zero-Day Attack Linked to North Korea’s Lazarus APT

  • FBI, CISA assure public of election ransomware protection

  • $4,998 Bounty Awarded and 100,000 WordPress Sites Protected from Unauthenticated Remote Code Execution Vulnerability in GiveWP WordPress Plugin

  • Data Security Solution for US Federal Customers

  • Hacked GPS tracker exposes customer location data

  • Dodging the Cyber ​​Bullet: Early Signs of a Ransomware Attack

  • Cyber ​​​​Stressed! Top 3 MSP Cybersecurity Challenges (And How to Solve Them)

  • Heimdal and ViroSafe collaborate to strengthen cybersecurity in Scandinavia

  • Mandatory MFA is coming to Microsoft Azure

  • USENIX Security ’23 – Cipherfix: Reducing Ciphertext Side-Channel Attacks in Software

  • The Rise of Manual Techniques in Ransomware Attacks: A Growing Threat

  • New Xeon Sender Tool Enables Large-Scale SMS Spam Attacks

  • “WireServing” Up Credentials: Escalating Privileges in Azure Kubernetes Services

  • AI SPERA and Hackers Central Partner to Expand the Mexican Security Market with ‘Criminal IP ASM’

  • If your BSN has been leaked online, you must freeze your credit: this is how you do it

  • Cyber ​​insurance claims fall as companies refuse to pay ransoms and recover

  • National public data says breach affects 1.3 million people

  • Massive data breach exposes citizen service numbers of 2.9 billion people

  • Major FlightAware data breach exposes pilot and user information

  • Eigen proactively detects and saves data changes in Salesforce

  • Appian helps organizations prepare for current and future AI regulations

  • Microsoft apps for macOS exposed to library injection attacks

  • Announcing AWS KMS Elliptic Curve Diffie-Hellman (ECDH) Support

  • Lazarus Hacker Group Abuses Microsoft Windows Zero-Day

  • Getting to know Katrin Bauer

  • Azure Domains and Google abused to spread disinformation and malware

  • EFF and partners to EU Commissioner: Prioritize user rights, avoid politicized enforcement of DSA rules

  • National public data tells officials ‘only’ 1.3 million people affected by burglary

  • Cybercriminals are abusing popular software searches to spread FakeBat malware

  • New UULoader malware spreads Gh0st RAT and Mimikatz in East Asia

  • API Security: The Cornerstone of AI and LLM Protection

  • Internal and external threat intelligence

  • Crypto firm says hacker locked all employees out of Google products for four days

  • Mad Liberator Gang Uses Fake Windows Update Screen to Hide Data Theft

  • Hack at Oregon Zoo Ticketing Service Affects 118,000

  • How to Automate the Hardest Parts of Employee Offboarding

  • Microsoft Users Rush to Patch Zero-Click TCP/IP RCE Vulnerability

  • Ransomware resilience reduces cyber insurance claims

  • Linux Kernel Vulnerability Lets Attackers Bypass CPU, Gain Read/Write Access

  • Irreversible Microsoft Entra ID authentication bypass poses threat to hybrid IDs

  • The Essential Guide to Evaluating Competitive Identity Verification Solutions

  • Xeon Sender Tool leverages cloud APIs for large-scale SMS phishing attacks

  • How can you check if your BSN has been leaked on the dark web after the NPD breach?

  • OpenAI disables accounts used by Iranian election influence group

  • Court limits injunction on California social media law

  • Millennials’ sense of privacy is uniquely tested in romantic relationships

  • Supply Chain Security Policy

  • CyberGhost vs ExpressVPN (2024): Which VPN is Better?

  • Pentagon plans drone ‘hell’ to defend Taiwan

  • Experts warn of exploit attempt for Ivanti vTM bug

  • BlindEagle flies high in Latin America

  • Industry Movements for the Week of August 19, 2024 – SecurityWeek

  • 100,000 affected by data breach at Jewish Home Lifecare

  • Combining Continuous Pentesting with Attack Surface Management

  • How Multiple Vulnerabilities in Microsoft Apps for macOS Pave the Way for Permission Stealing

  • Tracki – 372,557 hacked accounts

  • Thousands of Oracle NetSuite ecommerce sites expose sensitive customer data

  • Update: Windows Zero-Day vulnerability exploited by Lazarus APT with North Korea links

  • Cybersecurity News: Entra Enforces MFA, New AnyDesk Heist, Google Pixel Vulnerability

  • TikTok says US data not linked to China

  • Texas Instruments Receives $1.6 Billion in Chip Financing from US Government

  • Duke of Sussex speaks out against online misinformation

  • Shares in EV maker Ola rise after motorcycle launch

  • Microsoft Zero-Day CVE-2024-38193 was exploited by Lazarus APT, a virus linked to North Korea

  • Rewrite Hysteria: Increasing Abuse of URL Rewriting in Phishing

  • Mandatory MFA for Azure logins is coming

  • NCSC opens Cyber ​​Resilience Audit Scheme to applicants

  • Improving internal controls: correlation, mapping and risk mitigation

  • 10 Authentication Trends in 2024 and Beyond

  • Fast Forward or Free Fall? Navigating the Rise of AI in Cybersecurity

  • Group-IB Partners with SecurityHQ to Enhance SOC Capabilities

  • AMD has patched the recently disclosed SinkClose CPU vulnerability

  • ProtonVPN Opens Browser Extension Feature to Free Users

  • A Week in Safety (August 12 – August 18)

  • Unicoin Staff Locked Out of G-Suite in Mysterious Attack

  • OpenAI Takes Action Against Iranian Disinformation Campaigns Using ChatGPT: Cyber ​​Security Today for Monday, August 19, 2024

  • Epic Games’ Fortnite returns to smartphones after four years

  • Explore Talent (August 2024) – 8,929,384 hacked accounts

  • The Inefficiency of People Search Removal Tools, a Massive Data Breach Affecting US Citizens

  • Microsoft patches zero-day vulnerability exploited by North Korean Lazarus Group

  • Do you like Donuts? Here’s a Donut Shellcode Provided Via PowerShell/Python, (Mon, 19 Aug)

  • National public data leaks social security numbers of about 2.7 billion people

  • Countries with the highest salaries for cybersecurity experts

  • Researchers have found a new technique to defend against cache-side channel attacks

  • Ransomware Gangs Introduce New EDR Killing Tool

  • National Public Records Admits Leaking Millions of Social Security Numbers

  • Researchers Discover New Infrastructure Linked to FIN7 Cybercrime Group

  • BeaverTail malware attacks Windows users via weaponized games

  • Has Your Social Security Number Been Leaked to the Dark Web? Use This Tool to Find Out

  • Protecting Academic Assets: How Higher Education Can Improve Cybersecurity

  • x64dbg: Open-source binary debugger for Windows

  • To improve your cybersecurity posture, you need to focus on the data

  • Common API Security Issues: From Exposed Secrets to Unauthorized Access

  • ISC Stormcast for Monday, August 19, 2024 https://isc.sans.edu/podcastdetail/9102, (Monday, August 19)

  • Has your SSN been leaked to the dark web? Use this tool to find out

  • RansomHub-related EDR-killing malware spotted in the wild

  • The Mad Liberator ransomware group uses social engineering techniques

  • IT Security News Weekly Summary – Week 33

  • IT Security News Daily Summary 2024-08-18

  • USENIX Security ’23 – NVLeak: Off-Chip Side-Channel Attacks via Non-Volatile Memory Systems

  • How to Freeze Your Credit – and How It Can Help Protect You After a Data Breaches

  • From 2018: DeepMasterPrints: Tricks Fingerprint Recognition Systems with MasterPrints Generated with GANs

  • The Rise of Malvertising: How Scammers Target Google Products with Malicious Search Ads

  • Russian disinformation network struggles to survive repression

  • Pro-Palestine organization takes responsibility for hacking Donald Trump-Elon Musk interview

  • Washington Times Ransomware Attack Leads to Dark Web Data Auction

  • Navigating AI and GenAI: Balancing Opportunities, Risks, and Organizational Readiness

  • National Public Records Breach Exposes Millions: Identity Theft Threat Looms

  • CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass – Deep Dive

  • Achieving Wins for Security Leaders: Strategies and Considerations for Success

  • Newsletter Safety Affairs Round 485 by Pierluigi Paganini – INTERNATIONAL EDITION

  • NEWSLETTER ON MALWARE IN SECURITY CASES – ROUND 7

  • Large-scale extortion campaign targets publicly accessible environment variable (.env) files

  • Weekly Review: MS Office Flaw Could Leak NTLM Hashes, Malicious Chrome and Edge Browser Extensions

Created on 2024-08-19 23:55:08.089693

You May Also Like

More From Author