IT Security News Weekly Summary – Week 39

• IT Security News Daily Summary 2024-09-29

• USENIX NSDI ’24 – The Bedrock of Byzantine Fault Tolerance: A Unified Platform for BFT Protocols Analysis, Implementation, and Experimentation

• Social Media Content Fueling AI: How Platforms Are Using Your Data for Training

• Red team hacker on how she ‘breaks into buildings and pretends to be the bad guy’

• Israel army hacked the communication network of the Beirut Airport control tower

• What is a Zero-Day Attack And How You Can Safeguard Against It?

• Microsoft to start charging for Windows 10 updates next year. Here’s how much

• Wiping a Windows laptop? Here’s the safest way to erase your personal data – for free

• Security Affairs newsletter Round 491 by Pierluigi Paganini – INTERNATIONAL EDITION

• SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 13

• From Burnout to Balance: How AI Supports Cybersecurity Professionals

• Homeland Security Alerts on Increasing Risks for Schools

• Delaware Libraries Hit by Ransomware Attack, Internet Services Disrupted

• Over 300,000! GorillaBot: The New King of DDoS Attacks

• Remote Code Execution Vulnerability Alert of Unix CUPS Print Service (CVE-2024-47076 / CVE-2024-47175 / CVE-2024-47177)

• Progress Software fixed 2 new critical flaws in WhatsUp Gold

• Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released

• IT Security News Daily Summary 2024-09-28

• USENIX NSDI ’24 – SwiftPaxos: Fast Geo-Replicated State Machines

• Kansas Water Plant Switches to Manual Operations Following Cyberassault

• Protecting Your Business from Cybercriminals on Social Media

• Mozilla Privacy: Tracking Users Without Consent

• Reading Encrypted WhatsApp Messages Through Digital Forensics

• Ethics and Tech: Data Privacy Concerns Around Generative AI

• Irish Data Protection Commission fined Meta €91 million for storing passwords in readable format

• Getting Out in Front of Post-Quantum Threats with Crypto Agility

• The US Could Finally Ban Inane Forced Password Changes

• Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign

• Non-Human Identity Management: Addressing the Gaping Hole in the Identity Perimeter

• A cyberattack on Kuwait Health Ministry impacted hospitals in the country

• Critical RCE Vulnerability Found in OpenPLC

• BBTok Targeting Brazil Using the AppDomain Manager Injection Technique

• HPE Patches Three Critical Security Holes in Aruba PAPI

• Microsoft Tightens Cloud Security After Major Breaches

• Cyber Security Today – Week in Review for September 28th, 2024

• Gamaredon’s operations under the microscope – Week in security with Tony Anscombe

• China-linked APT group Salt Typhoon compromised some US ISPs

• Kia Dealer Portal Flaw Could Let Attackers Hack Millions of Cars

• U.S. Charges Three Iranian Nationals for Election Interference and Cybercrimes

• Locked In – The Cybersecurity Event of the Year

• When Innovation Outpaces Financial Services Cybersecurity

• Unlocking Deeper Visibility and Control Over SaaS Risks

• The Kaseya Advantage: 10 Years and $12B in the Making

• VirusTotal AI-Generated Conversations: Threat Intel Made Easy

• The Tor Project and Tails have merged operations

• Why Microsoft’s security initiative and Apple’s cloud privacy matter to enterprises now

• Feds charge 3 Iranians with ‘hack-and-leak’ of Trump 2024 campaign

• IT Security News Daily Summary 2024-09-27

• Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable

• How to Use a Conference Bridge to Run a Smooth Meeting

• Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian

• What you need to know: The biggest cyber threats in 2024

• Iranian hackers charged with hacking Trump campaign to ‘stoke discord’

• New Email Scam Includes Pictures of Your House. Don’t Fall For It.

• Recall that Recall recall? Now Microsoft thinks it can make Windows feature palatable

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Phishing Attacks on Australian Organisations Disguised as Atlassian

• CUPS vulnerabilities could put Linux systems at risk

• Cyber vandalism on Wi-Fi networks at UK train stations spread an anti-Islam message

• Critical Linux RCE in CUPS ? What We Know and How to Prepare

• The 2024 DSPM Adoption Report

• Growing data security concerns Over Facebook and Instagram Scam

• How to Stay Ahead of Deepfakes and Other Social Engineering Attacks

• Hackers Could Remotely Control Kia Cars by Exploiting License Plates

• First Mobile Crypto Drainer on Google Play Steals $70K from Users

• CrowdStrike Named a Leader in 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Recognizing the Resilience of the CrowdStrike Community

• How CrowdStrike Hunts, Identifies and Defeats Cloud-Focused Threats

• Millions of Kia vehicles were vulnerable to remote attacks with just a license plate number

• Microsoft announces sweeping changes to controversial Recall feature for Windows 11 Copilot+ PCs

• US government charges three Iranian hackers with Trump campaign hack

• What is Threat Intelligence?

• CISA Warns: Industrial Systems Targeted by Threat Actors Using Unsophisticated Methods

• Torq Secures $70M Series C for HyperSOC

• Enhancing Cybersecurity Post-Breach: A Comprehensive Guide

• Daniel Stori’s Turnoff US: ‘Disney Buys Linux’

• Daniel Stori’s Turnoff.US: ‘’

• Daniel Stori’s Turnoff.US: ‘Disney Buys Linux’

• “Hacking” an Election is Harder Than You Think – But Security is Still a Priority

• Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now

• Too Good To Be True? For True Value, Look Beyond Vendors? Sales Claims

• Delivering Proactive Protection Against Critical Threats to NVIDIA-powered AI Systems

• Government Nationalises One Of UK’s Last Semiconductor Factories

• Malicious App On Google Play Steals Cryptocurrency From Android Users

• Hackers Attacking AI Agents To Hijacking Customer Sessions

• LummaC2 Stealer Leverages Customized Control Flow Indirection For Execution

• Hackers Abuse HTML Smuggling Technique To Deliver Sophisticated Phishing Page

• Is Spring AI Strong Enough for AI?

• The best VPN for Mac in 2024: Expert tested and reviewed

• The best VPN for streaming in 2024: Expert tested and reviewed

• Join Cisco at Enlit Europe 2024

• CUPS flaws allow remote code execution on Linux systems under certain conditions

• Innovator Spotlight: Zilla Security

• Innovator Spotlight: Guardio

• USENIX NSDI ’24 – Alea-BFT: Practical Asynchronous Byzantine Fault Tolerance

• Car Dealership Auto Canada Confirms Cyberattack, Alleged Data Leak

• AI-Generated Malware Discovered in the Wild

• Fortinet Cybersecurity Breach Exposes Sensitive Customer Data

• MoneyGram Faces Service Disruption Amid Cybersecurity Threat

• New Mallox Ransomware Linux Variant Built on Leaked Kryptina Source Code

• Ireland’s DPC Hits Meta with €91 Million Penalty for GDPR Violation

• Governments Urge Improved Security and Resilience for Undersea Cables

• Intel Rejects ARM Approach To Purchase Product Unit – Report

• Access control is going mobile — Is this the way forward?

• Worried about that critical RCE Linux bug? Here’s why you can relax

• What is a cloud access security broker (CASB)?

• 23 Top Open Source Penetration Testing Tools

• Critical Vulnerabilities Discovered in Automated Tank Gauge Systems From Multiple Vendors

• Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud

• Five Eyes Agencies Release Guidance on Detecting Active Directory Intrusions

• US Sanctions Crypto Exchanges for Facilitating Russian Cybercrime

• Hispanic Heritage Month Spotlight: Ana Perez Quiles

• Critical Flaw in HashiCorp Vault Enables Unrestricted SSH Access, Threatens System Security

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution

• When LLMs day dream: Hallucinations and how to prevent them

• Red Hat’s response to OpenPrinting CUPS vulnerabilities: CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 and CVE-2024-47177

• CISA Warns of Hackers Targeting Industrial Systems Using “Unsophisticated Methods”

• Top Tips and Risks Ahead of the 2024 Olympic Games

• US Announces Charges, Sanctions Against Russian Administrator of Carding Website

• UK data watchdog confirms it’s investigating MoneyGram data breach

• Acumen Cyber Achieves CREST Security Operations Centre Accreditation

• Check Point Software Named a Visionary in 2024 Gartner Magic Quadrant for Endpoint Protection Platforms

• Critical WhatsUp Gold Vulnerabilities Demand Immediate Action

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• European Cybersecurity Skills Conference: Intensifying our efforts to close the cybersecurity skills gap in the EU

• Black Hat 2024: SOC in the NOC

• Phishing-as-a-Service Platform Sniper Dz Used to Create 140,000 Phishing Sites in One Year

• Sophistication of AI-Backed Operation Targeting Senator Points to Future of Deepfake Schemes

• NIST Recommends Some Common-Sense Password Rules

• Critical Flaws Discovered in Jupiter X Core WordPress Plugin Affecting Over 90,000 Sites

• Millions of Kia Cars Were Vulnerable to Remote Hacking: Researchers

• Top 6 Cloud Security Threats to Watch Out For

• Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

• How to Plan and Prepare for Penetration Testing

• Meta Unveils Orion AR Glasses, Quest 3S VR Headset

• G2 Names INE 2024 Enterprise and Small Business Leader

• Hackers Abusing Third-Party Email Infrastructure to Send Spam Mails

• U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Storm-0501: Ransomware attacks expanding to hybrid cloud environments

• Is Google Password Manager Safe to Use in 2024?

• Tesla’s Cybertruck Goes, Inevitably, to War

• How a RevOps Consultant Can Drive Growth for Your SaaS Business

• VLC Media Player Update Needed: CVE-2024-46461 Discovered

• Kaspersky, Pango Respond to User Backlash as Transition to UltraAV Nearly Complete

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE

• Cloud Security Policy

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users

• Cybersecurity Certifications: The Gateway to Career Advancement

• Man Arrested Over UK Railway Station Wi-Fi Hack

• Cybersecurity News: Train station WiFi hack, Mozilla tracking complaint, NIST password changes

• Critical CUPS Vulnerabilities Expose Linux and Other Systems to Remote Attacks

• Supreme Court Ruling May Question FTC Authority to Regulate Privacy and Security

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Russian Hackers Target Ukrainian Servicemen via Messaging Apps

• Critical Vulnerabilities Found in NVIDIA Container Toolkit

• See No Evil – NY AG Letitia James Cracks Down on Banks Refusing to Foot the Bill for Consumer Phishing and Fraud

• An Unexamined Life – Virginia Court Strikes Down Automated License Plate Readers (ALPRs)

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• SpyCloud Connect delivers automated remediation of compromised identities

• U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering

• How to protect yourself against cyber espionage

• AuditBoard’s risk platform enhancements empower teams to boost efficiency

• Cyber Attack news headlines trending on Google

• Hacking Kia Cars Remotely with a License Plate

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Vulnerabilities in OT systems pose real environmental and safety issues in fuel storage. Cyber Security Today for Friday, September 27, 2024

• Are You Sabotaging Your Cybersecurity Posture?

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Mozilla Faces Legal Complaint Over Firefox’s New “Privacy Preserving” Tracking Feature

• The AI-Cybersecurity Paradox: How AI is Revolutionizing Defenses While Empowering Hackers

• The Return of the Laptop From Hell

• Security Professionals Cite AI as Top Security Risk

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Tosint: Open-source Telegram OSINT tool

• 3 tips for securing IoT devices in a connected world

• Dell’s Security Woes Deepen: Attackers Strike Twice in One Week

• How the Promise of AI Will Be a Nightmare for Data Privacy

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Developing an effective cyberwarfare response plan

• How The NIST Cybersecurity Framework is enhanced by Identity Continuity

• Anton’s Security Blog Quarterly Q3 2024

• CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177: Frequently Asked Questions About Common UNIX Printing System (CUPS) Vulnerabilities

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• How to lock and hide iPhone apps in iOS 18

• New infosec products of the week: September 27, 2024

• ISC Stormcast For Friday, September 27th, 2024 https://isc.sans.edu/podcastdetail/9156, (Fri, Sep 27th)

• Cybersecurity Compass: Bridging the Communication Gap

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• 42% of daily X users have a negative view of it – losing the block feature won’t help

• Hacking Kia cars made after 2013 using just their license plate

• New Threats in Cybersecurity: September 2024 CVE Roundup

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Patch now: Critical Nvidia bug allows container escape, complete host takeover

• Announcing the Team Cymru Scout Integration With Palo Alto Cortex XSOAR

• A Treacherous Dinner Party: The Global Effort to Maintain Supply Chain Security

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• IT Security News Daily Summary 2024-09-26

• How hackers could have remotely controlled millions of cars

• Security compliance unicorn Drata lays off 9% of its workforce

• Unit 42 Incident Response Retainers Enhance Organizational Resilience

• Kryptina RaaS: From Unsellable Cast-Off to Enterprise Ransomware

• Patch for Critical CUPS vulnerability: Don’t Panic, (Thu, Sep 26th)

• The MDR That Sees It All

• HPE patches three critical security holes in Aruba PAPI

• Randall Munroe’s XKCD ‘Physics Lab Thermostat’

• USENIX NSDI ’24 – Understanding Routable PCIe Performance for Composable Infrastructures

• Old Vulnerability Rated 9.9 Impacts All GNU/Linux Systems, Researcher Claims

• HPE patches three critical flaws in Aruba proprietary access protocol Interface

• Doomsday ‘9.9 RCE bug’ might hit every Linux system

• X Releases Its First Transparency Report Since Elon Musk’s Takeover

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Are hardware supply chain attacks “cyber attacks?”

• Elon Musk’s X Asks Brazil’s Top Court To Reinstate Service

• Critical RCE vulnerability found in OpenPLC

• Doomsday ‘9.9 RCE bug’ could hit every Linux system

• The best VPN trials of 2024: Expert tested and reviewed

• Watch Now: Shield Your Data, Secure Your Future: A Multi-Layered Approach to Operational Resilience

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Comparing Top VPN Solutions: SurfShark vs ExpressVPN

• Kaspersky defends force-replacing its security software without users’ explicit consent

• Innovating Education: Cisco Philippines and Mapúa University Unveil AI-Led Digital Classrooms

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Microsoft claims China is spying on US ISPs and Users

• Cyber Attack on Wi-Fi networks of London Rail Network

• How to Evaluate and Choose the Best Web Hosting Service

• Mozilla Firefox Slapped With Privacy Complaint

• Blackstone To Invest £10bn For Blyth AI Data Centre

• OpenAI To Remove Non-Profit Control – Report

• Check Point Software Technologies: A Visionary Approach to Workspace Security

• Building and securing a governed AI infrastructure for the future

• USENIX NSDI ’24 – Cloudcast: High-Throughput, Cost-Aware Overlay Multicast in the Cloud

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

• Is It Possible to Inject Integrity Into AI?

• Wordfence Intelligence Weekly WordPress Vulnerability Report (September 16, 2024 to September 22, 2024)

• UK Train Stations’ Wi-Fi Hacked, Displays Islamophobic Messages

• U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

• Cisco Releases Security Updates for IOS and IOS XE Software

• goTenna Pro ATAK Plugin

• Advantech ADAM-5630

• India’s Star Health says it’s investigating after hacker posts stolen medical data

• Navigating Change: The Power of Digital Resilience to Transform Networks

• China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

• FTC Report Confirms: Commercial Surveillance is Out of Control

• Securing intellectual property in AI-powered enterprises

• Remote Code Execution, DoS Vulnerabilities Patched in OpenPLC

• Here’s Why UltraAV Replaced Kaspersky Antivirus Software

• Understanding the Domain Name System (DNS): How It Works and Why It Matters

• Doxing: Is Your Personal Information at Risk?

• $65 Million Settlement for Health System After Nude Photos Leak

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Data Breach at MC2 Data Leaves 100 Million at Risk of Fraud

• Keep Your Tech Flame Alive: Akamai Trailblazer Sabine A. Sitterli

• Ransomware on the rise: Healthcare industry attack trends 2024

• ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises

• goTenna Pro X and Pro X2

• Advantech ADAM-5550

• CISA Releases Five Industrial Control Systems Advisories

• Atelmo Atemio AM 520 HD Full HD Satellite Receiver

• Victims lose $70k to one single wallet-draining app on Google’s Play Store

• Decoding the Pentesting Process: A Step-by-Step Guide

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Zilla Security simplifies identity governance and administration for organizations

• Active Directory compromise: Cybersecurity agencies provde guidance

• Over a Third of Employees Secretly Sharing Work Info with AI

• The Cryptocurrency Drainer Hiding on Google Play

• CISA Warns of Hackers Targeting Industrial Systems with “Unsophisticated Methods” Amid Lebanon Water Hack Claims

• Ransomware Task Force finds 73% attack increase in 2023

• Cisco Patches High-Severity Vulnerabilities in IOS Software

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• DoControl introduces security product suite for Google Workspace

• How to migrate 3DES keys from a FIPS to a non-FIPS AWS CloudHSM cluster

• Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam

• Privacy watchdog files complaint over Firefox quietly enabling its Privacy Preserving Attribution

• Ensemble raises $3.3M to bring ‘dark matter’ tech to enterprise AI

• Fortifying The Digital Frontier: Everyday Habits That Shape Your Company’s Cybersecurity Posture

• ‘Good, fast, cheap… Pick two’: Software quality dilemma forces risky decisions

• How to Stop Online Gambling Fraud from Eating Into Your Profits

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks

• Overloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led Webinar

• NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines

• First Mobile Crypto Drainer Found on Google Play

• More OpenAI Exec Departures Amid Fundraising, Restructuring

• Fake League of Legends Download Ads Spread Lumma Stealer Malware

• Advanced Threat Protection Solutions: Our Top Picks for 2024

• Amid Air Strikes and Rockets, an SMS From the Enemy

• The Tor Project merges with Tails, a Linux-based portable OS focused on privacy

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• The number of Android memory safety vulnerabilities has tumbled, and here’s why

• End-to-End Security for APIs: From Development Through Retirement

• Telegram will hand over user details to law enforcement

• Top 10 Managed Service Providers in New York for 2024

• Police Are Probing a Cyberattack on Wi-Fi Networks at UK Train Stations

• China-Backed Salt Typhoon Targets U.S. Internet Providers: Report

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

• EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?

• Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug

• An Analysis of the EU’s Cyber Resilience Act

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Salt Security provides improved API protection with Google Cloud

• CrowdStrike Apologises For Global IT Outage In House Hearing

• Don’t panic and other tips for staying safe from scareware

• Get Real-World Cybersecurity Skills for $30

• Privacy non-profit noyb claims that Firefox tracks users with privacy preserving feature

• 16-30 June 2024 Cyber Attacks Timeline

• The UN General Assembly and the Fight Against the Cybercrime Treaty

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Public Wi-Fi operator investigating cyberattack at UK’s busiest train stations

• Harnessing The Benefits of The Thales and Imperva Partner Ecosystem

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy

• Latest Octo Malware Variant Mimics Popular Apps Like NordVPN, Chrome

• Necro Malware Attacks Google Play Store, Again. Infects 11 Million Devices

• Cybersecurity News: DragonForce ransomware, Salt Typhoon hits ISPs, ChatGPT SpAIware

• Octo2 Android Malware Attacking To Steal Banking Credentials

• RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus

• Researchers Backdoored Azure Automation Account Packages And Runtime Environments

• TWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ Data

• Google Warns Of North Korean IT Workers Have Infiltrated The U.S. Workforce

• Beware Of Fake Verify You Are A Human Request That Delivers Malware

• New Mallox Ransomware Linux Variant Attacking Enterprise Linux Servers

• BBTok Targeting Brazil: Deobfuscating the .NET Loader with dnlib and PowerShell

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• New MIT protocol protects sensitive data during cloud-based computation

• Navigating the NIS2 Directive: Key insights for cybersecurity compliance and how Sekoia.io can help

• TeamTNT Hackers Attacking VPS Servers Running CentOS

• UK government’s bank data sharing plan slammed as ‘financial snoopers’ charter’

• Threat landscape for industrial automation systems, Q2 2024

• Malicious Ads Hide Infostealer in League of Legends ‘Download’

• Open Source C3 Frameworks Used In Red Teaming Assessments Vulnerable To RCE Attacks

• Microsoft Warns Of Vanilla Tempest Hackers Attacking Healthcare Sector

• Beware Of Fake Captcha Attacks That Delivers Lumma Stealer Malware

• Russian Hackers Registering Domains Targeting US Tech Brands

• 5 obscure web browsers that will finally break your Chrome addiction

• Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

• Critical Arc Browser Vulnerability Let Attackers Execute Remote Code

• Flax Typhoon’s Botnet Actively Exploiting 66 Vulnerabilities In Various Devices

• Data of 3,191 congressional staffers leaked in the dark web

• AI use: 3 essential questions every CISO must ask

• Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

• CISA Releases Guide to Empower Software Buyers in Creating a Secure Tech Ecosystem

• PECB Conference 2024: A Global Forum for IT, Security, and Privacy Professionals

• Cybersecurity in E-Commerce

• Rethinking privacy: A tech expert’s perspective

• Compliance management strategies for protecting data in complex regulatory environments

• Companies mentioned on the dark web at higher risk for cyber attacks

• ISC Stormcast For Thursday, September 26th, 2024 https://isc.sans.edu/podcastdetail/9154, (Thu, Sep 26th)

• WordPress.org denies service to WP Engine, potentially putting sites at risk

• CISOs: The one question your board will NEVER ask you

• Activate your data responsibly in the era of AI with Microsoft Purview

• ​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant for Endpoint Protection Platforms

• OpenAI Chief Technology Officer Mira Murati and 2 Other Execs Are Leaving the ChatGPT Maker

• OSINT – Image Analysis or More Where, When, and Metadata (Guest Diary), (Wed, Sep 25th)

• Digital ID Isn’t for Everybody, and That’s Okay

• MoneyGram Cyberattack: Global Service Disruptions Enter Day 5

• Q&A With Axiad’s New CFO: Brian Szeto

• Building a Zero Trust API With ASP.NET Core: A Developer’s Guide

• Why Windows 11 requires a TPM – and how to get around that

• China’s Salt Typhoon cyber spies are deep inside US ISPs

• OpenAI Exec Mira Murati Says She’s Leaving Artificial Intelligence Company

• Choosing the Best Data Anonymization Tools: A Guide for Secure DevOps

• The Strategic Impact of Mastercard’s Recorded Future Acquisition

• IT Security News Daily Summary 2024-09-25

• OpenAI’s brain drain continues: CTO Mira Murati jumps ship

• Simplifying SOAR Maintenance with D3’s Dynamic Data Normalization

• Dell Hit by Third Data Leak in a Week Amid “grep” Cyberattacks

• New variant of Necro Trojan infected more than 11 million devices

• Nominations Now Open for the 2025 Cybersecurity Excellence Awards

• A catastrophic browser flaw is patched almost immediately – here’s how

• ​Tech Terror in Lebanon: The Fallout of Unrestrained Aggression

• Star Health Data Breach: Sensitive Customer Information Exposed on Telegram Chatbots

• CISA Releases Anonymous Threat Response Guidance and Toolkit for K-12 Schools

• Elon Musk Seeks Lawsuit Dismal From Former CNN Anchor

• Digital Asset Trading Platform UEEx Strengthens Digital Asset Security with New Protection Policy

• ‘Titanic Mindset’: Just 54% of UK IT Pros Confident in Data Recovery

• Calls to Scrap Jordan’s Cybercrime Law Echo Calls to Reject Cybercrime Treaty

• China claims Taiwan, not civilians, behind web vandalism

• RansomHub genius tries to put the squeeze on Delaware Libraries

• Webinar Today: Shield Your Data, Secure Your Future: A Multi-Layered Approach to Operational Resilience

• Managing identity source transition for AWS IAM Identity Center

• DNS Reflection Update and Odd Corrupted DNS Requests, (Wed, Sep 25th)

• US DoJ Sues Visa For ‘Monopolising’ Debit Cards

• Patient Rights and Consumer Groups Join EFF In Opposing Two Extreme Patent Bills

• Decoding Generative AI’s Privacy Paradox

• Anonymizing Your Data in Db2 for Better Testing and Development

• Common Mark Certificates (CMC) for Google BIMI Adoption

• Cybercrime Current Events: AWS Takeover Campaign, Ransomware Attack on Columbus, and City of Columbus Sues Ransomware Researcher Whistleblower

• Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #307 – Types of Innovation

• Why Hackers Are Collecting Encrypted Data for Future Attacks

• Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%

• OpenSSL Corporation’s Silver Sponsorship at ICMC 2024 – A Retrospective

• 90,000 WordPress Sites Affected by Arbitrary File Upload and Authentication Bypass Vulnerabilities in Jupiter X Core WordPress Plugin

• Talos discovers denial-of-service vulnerability in Microsoft Audio Bus; Potential remote code execution in popular open-source PLC

• Kaspersky causes new data security concerns while leaving the United States

• CMA States “Concerns Remain” After Google’s Cookie U-Turn

• secator – The Security Pentester Swiss Knife

• Timeshare Owner? The Mexican Drug Cartels Want You

• Citrix Releases Security Updates for XenServer and Citrix Hypervisor

• Rev up to Recert: Power up Your Programming Skills

• Safe and trustworthy AI is a shared responsibility

• Cyberattack Forces Kansas Water Plant to Operate Manually

• Cyber Founder Recipe for Success: Clear Vision and Trusted Experts

• Telegram To Provide Law Enforcement With Suspect Data, If Requested

• DragonForce Ransomware Expands RaaS, Targets Firms Worldwide

• The Future of Application Security: Empowering Developers in the AI Era

• Risk & Repeat: What’s next for Telegram and Pavel Durov?

• Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means

• Empowered Together: A Story of Hope and Partnership

• A Leader in the 2024 Gartner Magic Quadrant for EPP

• Tamnoon Raises $12 Million for Cloud Security Remediation Service

• City Water Facility in Kansas Hit by Cyberattack

• Microsoft Issues New Warnings For Windows Users

• 82% of Phishing Sites Now Target Mobile Devices

• LummaC2: Obfuscation Through Indirect Control Flow

• Top LMS Training Tips for Effective Learning

• Don’t share the viral Instagram Meta AI “legal” post

• How SMBs Can Implement Cyber-HDR for Increased Protection and Reduced Risk Harden-Detect-Respond

• CEO Durov Says Telegram Will Provide More Data to Governments

• Marko Polo Infostealer Campaigns Target Thousands Across Platforms

• Malwarebytes Personal Data Remover protects user privacy

• PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)

• Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool

• Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent

• 2024 H1 IRAP report is now available on AWS Artifact for Australian customers

• Malwarebytes Personal Data Remover: A new way to help scrub personal data online

• Romance scams costlier than ever: 10 percent of victims lose $10,000 or more

• AI: The New Frontier in Safeguarding Critical Infrastructure

• The 5 Best VPN Extensions for Chrome in 2024

• Harnessing Technology for Conservation: An Interview with the Executive Director of Connected Conservation Foundation

• Kaspersky Self-Deletes and Force-Installs UltraAV on Users’ Endpoints

• Researcher Says Healthcare Facility’s Doors Hackable for Over a Year

• Baffle Extends Reach to Ecrypt AWS S3 Data as Ingested

• Onapsis expands security for SAP Business Technology Platform

• US House Bill Addresses Growing Threat of Chinese Cyber Actors

• CISO Series Podcast LIVE in La Jolla (10-30-24)

• Multiple 0-Day Flaws in Automated Tank Gauge Systems Threaten Critical Infrastructure

• Forrester Named Cisco a Leader in the 2024 Microsegmentation Wave

• FTX’s Caroline Ellison Sentenced To Two Years In Prison

• New Windows Malware Locks Computer in Kiosk Mode

• Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation

• Second Pwn2Own Automotive Contest Offers Over $1 Million in Prizes

• IntelBroker Leak Claims Involve Deloitte Communications

• Tamnoon raises $12 million to reduce critical cloud exposures

• How to check suspicious links fast?

• TikTok Removes Russian State Media Accounts

• From 12 to 21: how we discovered connections between the Twelve and BlackJack groups

• Mobile Phishing Attacks Explode, Enterprise Devices Targeted

• Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)

• Portnox enhances passwordless risk-based access for enterprise applications

• Nudge Security introduces automated SaaS spend discovery capabilities

• ChatGPT macOS Flaw Could’ve Enabled Long-Term Spyware via Memory Function

• Agentic AI in SOCs: A Solution to SOAR’s Unfulfilled Promises

• Thousands of US Congress Emails Exposed to Takeover

• CrowdStrike Apologizes for IT Outage, Defends Microsoft Kernel Access

• Cybersecurity News: Kansas water targeted, CrowdStrike apology, MoneyGram goes dark

• Understanding Network Attacks: Types, Trends, and Mitigation Strategies

• Navigating the Privacy Paradox: How Organizations Can Secure Customer Data While Ensuring Convenience

• Iran Was Behind Thousands of Text Messages Calling for Revenge Over Quran Burnings, Sweden Says

• ManageEngine Analytics Plus 6.0 identifies key inefficiencies in IT operations

• NETSCOUT’s nGeniusONE notification center streamlines and automates alerts

• Critical Ivanti Authentication Bypass Bug Exploited in Wild

• U.S. CISA adds Ivanti Virtual Traffic Manager flaw to its Known Exploited Vulnerabilities catalog

• Bitwarden inline autofill empowers users to fill passkeys directly from their vault

• OneTrust helps organizations operationalize DORA compliance

• Arkansas City water treatment facility switched to manual operations following a cyberattack

• Commvault acquires Clumio to accelerate cyber resilience capabilities for AWS

• Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

• SilentSelfie: Uncovering a major watering hole campaign against Kurdish websites

• US Capitol data breach and MoneyGram Cyber Attack details

• The Importance of Healthcare Data to Ransomware Hackers

• MoneyGram Confirms Cyberattack Following Outage

• Kansas County Ransomware Attack Exposed Nearly 30,000 Residents’ Sensitive Data

• New Android banking trojan Octo2 targets European banks

• CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

• Evilginx – an open source program to bypass MFA: Cyber Security Today for Wednesday, September 25, 2024

• Underfunding and Leadership Gaps Weaken Cybersecurity Defenses

• Securing non-human identities: Why fragmented strategies fail

• NetAlertX: Open-source Wi-Fi intruder detector

• Necro Trojan Strikes Google Play Again, Infecting Popular Apps

• Generative AI Fuels New Wave of Cyberattacks, HP Warns

• Symmetry Systems Shines as Finalist in Cloud Security Alliance Startup Pitchapalooza

• Cybersecurity jobs available right now: September 25, 2024

• Organizations are making email more secure, and it’s paying off

• 41% concerned about job security due to skill gaps

• ISC Stormcast For Wednesday, September 25th, 2024 https://isc.sans.edu/podcastdetail/9152, (Wed, Sep 25th)

• CrowdStrike apologizes to Congress for ‘perfect storm’ that caused global IT outage

• China claims Taiwan, not civilian hackers, behind website vandalism

• PDiddySploit Malware Hidden in Files Claiming to Reveal Deleted Diddy Posts

• Hacker group Handala Hack Team claim battery explosions linked to Israeli battery company.

• Microsoft Trustworthy AI: Unlocking human potential starts with trust

• IT Security News Daily Summary 2024-09-24

• Investigating Infrastructure and Tactics of Phishing-as-a-Service Platform Sniper Dz

• A generative artificial intelligence malware used in phishing attacks

• AI Adoption Set to Unravel Years of Cyber Resilience

• EFF to Federal Trial Court: Section 230’s Little-Known Third Immunity for User-Empowerment Tools Covers Unfollow Everything 2.0

• Congressional Staffers’ Data Leaked on Dark Web: Report

• AI can now solve reCAPTCHA tests as accurately as you can

• What Is EDR in Cyber Security: Overview & Capabilities

• NormCyber Introduces Digital Risk Protection For Enhanced Cyber Resilience

• Who’s watching you the closest online? Google, duh

• CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes

• CrowdStrike Gets Grilled By U.S. Lawmakers Over Faulty Software Update

• Arkansas City water treatment facility hit by cyberattack

• Russia’s digital warfare on Ukraine shows no signs of slowing: Malware hits surge

• Randall Munroe’s XKCD ‘Maslow’s Pyramid’

• SBOM-a-Rama Fall 2024: Sonatype’s top 5 takeaways

• CRQ Loss Exceedance Curves for Risk Management | Kovrr

• USENIX NSDI ’24 – A Large-Scale Deployment of DCTCP

• PREVIEW: CISO Series Podcast LIVE in Los Angeles, CA 10-9-24

• 20,000 WordPress Sites Affected by Privilege Escalation Vulnerability in WCFM – WooCommerce Frontend Manager WordPress Plugin

• Automatic Tank Gauges Used in Critical Infrastructure Plagued by Critical Vulnerabilities

• We analyzed 2,670 posts and comments from social media platforms. Here’s what we learned about job scams

• Spotlight on DeepKeep.ai

• 10 nasty software bugs put thousands of fuel storage tanks at risk of cyberattacks

• AI-Generated Malware Found in the Wild

• GUEST ESSAY: Massive NPD breach tells us its high time to replace SSNs as an authenticator

• Microsoft Pushes Governance, Sheds Unused Apps in Security Push

• Necro Android Malware Found in Popular Camera and Browser Apps on Play Store

• How AWS WAF threat intelligence features help protect the player experience for betting and gaming customers

• NetApp Secure Data Storage offers resilience against ransomware attacks

• How AIOps enhances operational resilience in the face of IT complexity

• Leveraging LLMs for Malware Analysis: Insights and Future Directions

• Harnessing the Power of Cloud App Development and DevOps for Modern Businesses

• A new wave of personalized sextortion scams—Using Google Street View images to startle targets

• US Kaspersky customers startled by forced switch to ‘rando’ AV software

• Formula 1 looks to AI to fuel efficiencies and improve sustainability scorecard

• Warnings After New Valencia Ransomware Group Strikes Businesses and Leaks Data

• 2024 Exposed: The Alarming State of Australian Data Breaches

• Microsoft Initiative the ‘Largest Cybersecurity Engineering Effort in History’

• Layered Protection for RADIUS With Cisco

• Microsoft Names Deputy CISOs, Governance Council to Manage Security Push

• FTC Report Exposes Mass Data Surveillance by Some of the Social Media Giants in the World

• Cybersecurity Incident Affects Arkansas City Water Treatment Facility

• Threat Actors Shift to JavaScript-Based Phishing Attacks

• The best VPN services for torrenting in 2024: Expert tested and reviewed

• 10 nasty bugs put thousands of fuel storage tanks at risk of attacks

• PC Matic vs Norton Antivirus: Feature Comparisons

• OMNTEC Proteus Tank Monitoring

• Franklin Fueling Systems TS-550 EVO

• A cyberattack on MoneyGram caused its service outage

• Building Cyber Resilience

• Osano reduces complexity for data privacy professionals

• Transportation, logistics companies targeted with lures impersonating fleet management software

• New Octo2 Malware Variant Threatens Mobile Banking Security

• Exploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120, (Tue, Sep 24th)

• Exploring the Sidecar Pattern in Cloud-Native Architecture

• Alisonic Sibylla

• OPW Fuel Management Systems SiteSentinel

• MoneyGram blames ‘cybersecurity issue’ for ongoing days-long outage

• You Don’t Need an Agent to Secure Your Browser

• Forrester Names Palo Alto Networks a Leader in Attack Surface Management

• Cyberattack Causes MoneyGram Service Outage

• Anatomy of an Attack | ADR vs WAF and EDR Technology | Contrast Security

• Specops Unearths Millions of Compromised VPN Passwords

• Arlo Secure 5 boosts smart home security

• Cloudflare helps secure popular messaging applications

• KELA Identity Guard detects and intercepts compromised assets

• U.S. Proposes Ban on Connected Vehicles Using Chinese and Russian Tech

• Six tips to improve the security of your AWS Transfer Family server

• Telegram to Share User IPs and Phone Numbers on Legal Request

• SANS Institute: Top 5 dangerous cyberattack techniques in 2024

• With 23andMe in crisis, strengthening DNA security has never been more urgent

• Torq, which automates cybersecurity workflows, raises $70M in new capital

• Gamuda Transforms IT Operations with Cato Networks

• Privileged Access Management Features: What You Need in Your PAM Solutions

• NETGEAR announces three WIFI 7 routers to secure connectivity for homes of any size

• US-based Kaspersky users startled by unexpected UltraAV installation

• NetApp enhances security directly within enterprise storage

• Absolute AI Threat Insights monitors, detects, and prioritizes suspicious activity

• HPE unveils AI insights and third-party network device monitoring capabilities

• 14 Million Patients Impacted by US Healthcare Data Breaches in 2024

• Russia-Backed Media Outlets Are Under Fire in the US—but Still Trusted Worldwide

• Did Israel infiltrate Lebanese telecoms networks?

• How to spot a North Korean agent before they get comfy inside payroll

• Kansas Water Facility Switches to Manual Operations Following Cyberattack

• Modernize your chaos engineering with commercial software transparency

• NICE Actimize Fraud Investigation combats fraud and financial crime

• The SSPM Justification Kit

• Discover Latest Ransomware Tactics and Zero Trust Strategies in This Expert Webinar

• EU Digital Identity Wallet: A leap towards secure and trusted electronic identification through certification

• Israel’s Pager Attacks and Supply Chain Vulnerabilities

• Users Quick to Remove UltraAV After Silent Transition From Kaspersky Antivirus

• HTTP Headers Phishing Campaigns Used For Credential Theft

• TuxCare Expands Presence in South America through New Strategic Partnership

• Ubuntu 22.04.5 LTS Released with Linux Kernel 6.8

• Malvertising and Cybercrime in Online Advertising

• FBI Shuts Down Chinese Linked Botnet Campaign in a Joint Operation

• Port of Seattle Faces $5.9 Million Ransom Demand in Rhysida Cyberattack

• New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities

• US Mulls Ban on Russian, Chinese Parts in Connected Vehicles

• #GartnerSEC: Zero Failure Tolerance, A Cybersecurity Myth Holding Back Organizations

• Google Launches Passkeys Sync With Google Password Manager

• Coinbase Challenges SEC Over Crypto Rules

• OpenAI Backers ‘Betting It Will Be Worth Trillions’

• How to Create an Effective Cybersecurity Awareness Program

• Web tracking report: who monitored users’ online activities in 2023–2024 the most

• Telegram will share IP addresses, phone numbers of criminal suspects with cops

• Cybersecurity News: Proposed ban on autonomous vehicles, updated Telegram policy, Necro infects Android devices

• … And the Business Listened to the CISO and Everyone Lived Happily Ever After

• US Proposes Ban On Chinese, Russian Components In Cars

• Xiaomi Asks For Recall Of India Antitrust Report

• The Relation Between Breaches and Stock Price Drops

• A data leak and a data breach

• Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach

• How to Choose the Right VMDR Tool?

• Guardsquare strenghtens mobile application security for developers

• Europol: GenAI Offers “Treasure Trove of Possibilities”

• Telegram Boss Agrees to Closer Police Cooperation

• LinkedIn Suspends Use Of UK Data For AI

• Jony Ive Confirms Working With OpenAI’s Altman On Device

• Researcher Details Cisco Smart Licensing that Lets Attacker Control Device

• ArmorCode unveils two modules to help reduce software-based risks

• Telegram Agrees to Share User Data With Authorities for Criminal Investigations

• Meta AI Chatbot To Offer Voices Of Judi Dench, Other Celebrities

• MC2 Data leak Exposes 100 million+ US Citizens Data

• Telegram will provide user data to law enforcement in response to legal requests

• Addressing Data Security Concerns in Cloud Migrations

• UN Report on Governing AI for Humanity – Key Recommendations and Insights

• ColorTokens Acquires PureID to Advance Zero-Trust IT

• Clothes less photos of patients land on dark web after ransomware attack

• Red Canary’s Midyear Threat Report Highlights Infostealer Surge Targeting macOS Devices

• Discover how online fraud can impact your business

• Future-proofing cybersecurity: Why talent development is key

• 65% of websites are unprotected against simple bot attacks

• How cyber compliance helps minimize the risk of ransomware infections

• MFA bypass becomes a critical security issue as ransomware tactics advance

• ISC Stormcast For Tuesday, September 24th, 2024 https://isc.sans.edu/podcastdetail/9150, (Tue, Sep 24th)

• Some US Kaspersky customers find their security software replaced by ‘UltraAV’

• OpenAI tackles global language divide with massive multilingual AI dataset release

• Community Corner: InClusive InCyber

• Hacker Leaks 12,000 Alleged Twilio Call Records with Audio Recordings

• Crypto scammers hack OpenAI’s press account on X

• What Is Noise-Down Automation?

• Telegram will now hand over IP addresses, phone numbers of suspects to cops

• Publisher’s Spotlight: Reach Security

• Necro malware continues to haunt side-loaders of dodgy Android mods

• ‘Cybersecurity issue’ takes MoneyGram offline for three days – and counting

• IT Security News Daily Summary 2024-09-23

• Inside SnipBot: The Latest RomCom Malware Variant

• How to prepare a system security plan, with template

• ​​Securing our future: September 2024 progress update on Microsoft’s Secure Future Initiative (SFI)

• 100 million+ US citizens have records leaked by background check service

• Some Kaspersky customers receive surprise forced-update to new antivirus software

• Reducing Infrastructure Misconfigurations With IaC Security

• EFF to Supreme Court: Strike Down Texas’ Unconstitutional Age Verification Law

• Randall Munroe’s XKCD ‘Tectonic Surfing’

• Join Us 10-04-24 for “Hacking Job Stagnation” – Super Cyber Friday

• Cyber Security Leader vs Cyber Security Tag-along: How to Tell the Difference

• The best VPN services for iPhone: Expert tested and reviewed

• Vulnerability Recap 9/23/24 – Remote Code Execution Steals the Show

• ESET fixed two privilege escalation flaws in its products

• US proposes ban on Chinese, Russian connected car tech over security fears

• Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers

• 2024 NIST Password Guidelines: Enhancing Security Practices

• Vice Society Shifts to Inc Ransomware in Latest Healthcare Cyberattack

• iCloud Storage fake warning leading to Phishing and Malware attacks

• Securing Cloud Native Apps: The Power of SSPM Essentials

• Dark Web Sales Fuel 32% Increase in Global Healthcare Cyberattacks

• San Francisco’s fight against deepfake porn, with City Attorney David Chiu (Lock and Code S05E20)

• Police are using AI to write crime reports. What could go wrong?

• First TikTok, now smart cars: How Biden’s new proposed ban will affect U.S. automakers

• Hacking the “Bike Angels” System for Moving Bikeshares

• Necro Trojan Infects Google Play Apps With Millions of Downloads

• Nearly Half of Security Experts Believe AI is Risky

• Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox

• (Free & Downloadable) Endpoint Security Policy Template – 2024

• Why DNS Security Is Important: 3 Real-life Use Cases

• So how’s Microsoft’s Secure Future Initiative going?

• Freemium Model Optimization for B2B SaaS: A Strategic Growth Approach

• USENIX NSDI ’24 – Can’t Be Late: Optimizing Spot Instance Savings under Deadlines

• Brave Browser: The Secure and Private Way to Surf the Web

• Vulnerability Summary for the Week of September 16, 2024

• Vulnerabilities Found in Popular Houzez Theme and Plugin

• Staying a Step Ahead: Mitigating the DPRK IT Worker Threat

• Relationship broken up? Here’s how to separate your online accounts

• ASPM vs. ASOC: How do they differ?

• Types of Cloud Security Controls & Their Uses

• FreeBSD Issues Critical Security Advisory for CVE-2024-41721 (CVSS 9.8)

• Innovator Spotlight: Qwiet

• Innovator Spotlight: ZINAD

• Ban Sought for Chinese, Russian Software and Hardware Used in Autonomous Vehicles on US Roads

• Small Trade Businesses Urged to Strengthen Security After Total Tools Data Breach

• RightCrowd SmartAccess platform enhancements boost enterprise security

• Cloudflare AI Audit helps websites control how their content is used by AI models

• Windows Server 2025 gets hotpatching option, without reboots

• Russian Cyber-Attacks Home in on Ukraine’s Military Infrastructure

• Hackers Posed as Google Support to Steal $243 Million in Crypto

• Hackers Mimic as Company’s HR to Trick Employees

• 10 Security Best Practices for SaaS

• SpaceX, CNN, and The White House internal data allegedly published online. Is it real?

• What Is Threat Hunting In Cybersecurity?

• North Korea-linked APT Gleaming Pisces deliver new PondRAT backdoor via malicious Python packages

• Critical Dragonfly2 Flaw Due to Hardcoded Key Threatens Admin Access

• One Year Later: CISA’s Secure by Design Initiative

• Public Sector Compliance: Passwords and Credentials Matter

• Organizations are changing cybersecurity providers in wake of Crowdstrike outage

• The secrets to Developing a High-Performing Data Team

• Three Key Considerations for Companies Implementing Ethical AI

• Beyond CISO Scapegoating: Cultivating Company-Wide Security Mindsets

• Demystifying AI Models: How to Choose the Right Ones

• Critical Grafana Plugin SDK Flaw Exposes Sensitive Information

• Innovator Spotlight: HyperCube

• UPS supplier’s password policy flip-flops from unlimited, to 32, then 64 characters

• Versa Networks Patches Vulnerability Exposing Authentication Tokens

• Why ‘Never Expire’ Passwords Can Be a Risky Decision

• THN Cybersecurity Recap: Last Week’s Top Threats and Trends (September 16-22)

• Publishers Spotlight: HackerOne

• How the Necro Trojan infiltrated Google Play, again

• Picus Security Raises $45M in Funding

• US DoJ Charged Two Men With Stealing and Laundering $230 Million Worth of Cryptocurrency

• More Than $44 Million in Cryptocurrency Stolen From Singaporean Platform Bingx

• DOJ, FBI Need Better Metrics for Tracking Ransomware Disruption Efforts, Audit Finds

• Keycloak Vulnerability Puts SAML Authentication at Risk

• The Importance of Cybersecurity Awareness and Insider Threat Management

• Will Smaller Companies Buckle Under the SEC’s Incident Reporting Requirements?

• Iranian-Linked Group Facilitates APT Attacks on Middle East Networks

• Complexity: Research Offers Solution for Healthcare Security Amid Rising Cyberattacks

• AI Development Needs Global Oversight, UN Experts State

• Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls

• Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

• When Can AI Take Over Decision Making in the SOC?

• SEC To Seek Sanctions After Musk Fails To Appear In Court

• Sky Glass Televisions Disabled By Tech Fault

• It’s Never Too Late: Transitioning to a Career in Cybersecurity

• Industry Moves for the week of September 23, 2024 – SecurityWeek

• Videos: Attack Surface Management Summit – All Sessions Available on Demand

• The Problem With Third-Party Breaches: A Data Protection Dilemma

• Cybersecurity News: LinkedIn halts AI training, Ukraine bans Telegram, hack-for-hire lawsuit

• Apple Previews AI Features As iPhone 16 Sales Begin

• Trump Media Shares Fall To All-Time Low

• Aligning Your Cybersecurity Strategy with the NIST CSF 2.0

• The Latest Email Scams: Key Trends to Look Out For

• What is Cybersecurity Automation? Benefits & Challenges

• Quishing 2.0: QR Code Phishing Evolves with Two-Step Attacks and SharePoint Abuse

• SambaSpy RAT Targets Italian Users in a Unique Malware Campaign

• Lumma Stealer Malware Campaign Exploits Fake CAPTCHA Pages

• Police Dismantles Phone Unlocking Ring Linked to 483,000 Victims

• Germany Seizes Leak Site of ‘Vanir’ Ransomware Operation

• Bitdefender debuts GravityZone PHASR, enhancing security through user behavior analysis

• LinkedIn Pauses GenAI Training Following ICO Concerns

• Geely’s Zeekr Slashes Electric SUV Price In Latest Threat To Tesla

• Huawei’s Mate XT Launches On Same Day As iPhone 16

• Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

• Cloud Security Risk Prioritization is Broken. Here’s How to Fix It.

• PIPEDA

• German Police Shutter 47 Criminal Crypto Exchanges

• Phishing links with @ sign and the need for effective security awareness building, (Mon, Sep 23rd)

• Qualcomm ‘Offers To Buy Intel’

• FreeBSD RCE Vulnerability Let Attackers Execute Malicious Code

• macOS Sequoia Update Breaks Multiple Security Tools

• A week in security (September 16 – September 22)

• Privacy and API security: What’s at stake?

• Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town

• New PondRAT Malware Hidden in Python Packages Targets Software Developers

• Google Chrome gets rid of Password menace

• Benefits of Data Protection and GDPR Compliance for Businesses

• Hacktivist group Twelve is back and targets Russian entities

• Analysis of ENISA’s 2024 Threat Landscape Report: Key Takeaways and Implications

• Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware

• Tor browser anonymity cracked by German police: Cyber Security Today for Monday, September 23, 2024

• Certainly: Open-source offensive security toolkit

• GameVN – 1,369,485 breached accounts

• Paid open-source maintainers spend more time on security

• Offensive cyber operations are more than just attacks

• Tor Project Assures Users It’s Safe Amid Controversy of Deanonymizing Users

• The surge in cyber insurance and what it means for your business

• ISC Stormcast For Monday, September 23rd, 2024 https://isc.sans.edu/podcastdetail/9148, (Mon, Sep 23rd)

• Apple’s latest macOS release is breaking security software, network connections

• IT Security News Weekly Summary – Week 38

• IT Security News Daily Summary 2024-09-22

• Hackers Claim Second Dell Data Breach in One Week

• Security Flaw in Google Cloud Document AI Could Expose Sensitive Data, Experts Warn

• Global Taskforce Dismantles Encrypted Criminal Platform ‘Ghost,’ Leading to 51 Arrests

• Tor Project Assures Users It’ Safe Amid Controversy of Deanonymizing Users

• USENIX NSDI ’24 – Jolteon: Unleashing the Promise of Serverless for Serverless Workflows

• IT Leaders Raise Security Concerns Regarding Generative AI

• Massive Chinese Botnet Infects SOHO Routers and IP Cameras

• macOS Sequoia Interferes With VPNs And EDRs Following Update

• Security Affairs newsletter Round 490 by Pierluigi Paganini – INTERNATIONAL EDITION

• SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 12

• The TechCrunch Cyber Glossary

• Noise Storms: Mysterious massive waves of spoofed traffic observed since 2020

• The Great Ai Swindle

• Tor Assured Safety Amidst Deanonymizing Claims From Authorities

• Lumma Stealer Uses Fake CAPTCHA Pages to Distribute Malware

• Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18

• 2024-09-19 – File downloader to Lumma Stealer

Generated on 2024-09-29 23:58:20.470729