IT Security News Daily Summary 2024-01-29

• 10 reasons why securing software supply chains needs to start with containers

• The best identity theft protection and credit monitoring services of 2024

• Apple Begins 2024 Patching A Zero-Day Under Attack

• Facebook Among The Worst At Collecting Data From Apps For Kids

• Navigating the Digital Frontier: Insights from Leading Experts on Data Privacy Day

• Dashlane 2024

• Threat Actors Selling 1.8TB Database of Indian Mobile Users

• Meta releases ‘Code Llama 70B’, an open-source behemoth to rival private AI development

• Ransomware’s Impact Could Include Heart Attacks, Strokes & PTSD

• Mercedes-Benz accidentally exposed sensitive data, including source code

• SolarWinds slams SEC lawsuit against it as ‘unprecedented’ victim blaming

• Datadog Report Surfaces Pair of Sophisticated AWS Attacks

• Edge Security for IoT: Protecting Data at the Edge

• Ivanti Struggling to Hit Zero-Day Patch Release Schedule

• CVE-2024-23897: Assessing the Impact of the Jenkins Arbitrary File Leak Vulnerability

• Control D Launches Control D for Organizations: Democratizing Cybersecurity for Organizations of All Sizes

• SAFECOM Membership Spotlight: Major Darryl Anderson, SAFECOM At-Large (Stark County Sheriff’s Office)

• What Do Apple’s EU App Store Changes Mean for App Developers?

• Vulnerability Summary for the Week of January 22, 2024

• Apple’s new Stolen Device Protection has a big vulnerability. Here’s how to fix it

• Experts detailed Microsoft Outlook flaw that can leak NTLM v2 hashed passwords

• USENIX Security ’23 – Rishabh Khandelwal, Asmit Nayak, Hamza Harkous, Kassem Fawaz – Automated Cookie Notice Analysis and Enforcement

• Randall Munroe’s XKCD ‘Fast Radio Bursts’

• Control D Launches Control D for Organizations: Democratizing Cybersecurity

• Data Governance and DevOps

• DevNet: A Decade of Innovation and Community Growth

• Cisco Cloud Application Security (Panoptica) at Cisco Live 2024 Amsterdam

• 23andMe Faces Privacy Breach

• NSA Admits Buying American Browsing Records From Shady Markets

• In Final Talks on Proposed UN Cybercrime Treaty, EFF Calls on Delegates to Incorporate Protections Against Spying and Overcriminalization or Reject Convention

• Decoding the Maze: A Guide to Cyber Security Risk Assessment Models

• ‘Mother of All Breaches’: 26 Billion Personal Records and Passwords Leaked

• Hearings on Canada’s proposed cybersecurity law to start today

• Phobos Ransomware Family Expands With New FAUST Variant

• Global Partner Engineering Building Momentum into 2024

• How ChatGPT changed the world – a timeline

• US Lawmakers Tell DOJ to Quit Blindly Funding ‘Predictive’ Police Tools

• PoC Exploit Published for Critical Jenkins Vulnerability

• Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution

• Canadian Man Sentenced to Prison for Ransomware Attacks

• US Senator Exposes NSA Purchase of Americans’ Internet Records

• indicators of compromise (IOC)

• Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series

• BO Team hackers wipe 2 Peta Bytes Satellite data from Planeta

• Amazon Abandons $1.4bn iRobot Buy Amidst EU Opposition

• Ermac malware: The other side of the code

• Microsoft Expects AI Revenue Growth As Shares Surge

• AI Companies Will Need to Start Reporting Their Safety Tests to the US Government

• US Aid Office in Colombia Reports Its Facebook Page Was Hacked

• Why CNAPP Will Be a Key Enabler for DevSecOps in 2024

• Apple Engineering Veteran Departs For EV Maker Rivian

• Huawei Electric Car Partner Sees Revenue Surge

• E-Rate Update: $4.5 Billion for Discounts Available

• NSA buys internet browsing records from data brokers without a warrant

• Palo Alto Networks — Strategic Partner on the Road to Quantum Readiness

• Q&A – Dr. Ryan Heartfield: 3 things to remember when securing your Industrial OT environment

• What the Charges Against the SolarWinds CISO Mean for Security in 2024

• Improved Access Review

• Improved SoD Results Accuracy

• Dynatrace acquires Runecast to improve cloud-native security

• Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

• AI Image Generation Breakthrough Predicted to Trigger Surge in Deepfakes

• Pegasus Spyware Targets Two Journalists in Togo: RSF

• Juniper Networks introduces AI-Native Networking Platform

• Nigerian ‘Yahoo Boys’ Behind Social Media Sextortion Surge in the US

• Navigating the Cloud: Strategies for Secure Data Storage

• Brave Sunsets Strict Fingerprinting Block Setting For Better Browsing

• Critical Authentication Bypass Flaw Patched In GoAnywhere MFT

• Exploit Released for Critical Jenkins RCE Flaw

• Cisco Customer Experience (CX) Sweepstakes at Cisco Live EMEA

• Microsoft Executives Hacked

• SecurityWeek Analysis: Cybersecurity M&A Dropping, Over 400 Deals Announced in 2023

• The Rise of AI Restrictions: 25% of Firms Slam the Door on AI Magic

• Cyber Security Today, Jan. 29, 2024 – SolarWinds demands fraud allegation be dropped, a Canadian sentenced for ransomware attacks, and more

• Apple ‘Infringes DMA’ With New EU Developer Terms

• Previous Most Inspiring Women in Cyber Winners: Where Are They Now?

• Microsoft Provides Defense Guidance After Nation-State Compromise

• Bastille Networks Raises $44 Million to Secure Wireless Devices

• DEEP TECH NEWS: Respecting individual rights by using ‘privacy preserving aggregate statistics’

• Ten Simple Steps to Improve SOC Efficiency

• Fix Available for Critical Jenkins Flaw That Leads to RCE Attacks

• Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang

• Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats

• 493 Companies Share Their SaaS Security Battles – Get Insights in this Webinar

• X Blocks Taylor Swift Searches After Spread Of Fake AI Images

• Silicon UK In Focus Podcast: The Future of GenAI

• Fortnite To Return To iPhones In European Union

• Building Resilient Web Applications on AWS: A Comprehensive Approach to Security

• Data Privacy Day: Privacy budgets expected to decrease in 2024

• Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)

• Data Privacy Day: Privacy budgets expected to decrease in 2024, new research from ISACA reveals

• 16-30 November 2023 Cyber Attacks Timeline

• Why It’s Critical to Integrate SIEM Solutions into Your Organization’s Security Strategy

• Dark Web Drugs Vendor Forfeits $150m After Guilty Plea

• Emerging Paradigms and Innovations in Software Development Trends for 2024

• CI/CD at Risk as Exploits Released For Critical Jenkins Bug

• IBM i and Tripwire Enterprise: What you need to know

• Why the OWASP API Security Top 10 is Essential for Every Business

• Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

• The New Cybercrime Atlas: A Collaborative Approach to Fighting Digital Crime

• NSA Admits Secretly Buying Your Internet Browsing Data without Warrants

• Data Security concerns make US Cloud Companies impose ban on China AI Training

• Essential Security Certifications for Consumer Mobile Devices: A Comprehensive Guide

• Third-party risk management best practices and why they matter

• Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

• Prioritizing cybercrime intelligence for effective decision-making in cybersecurity

• Global critical infrastructure faces relentless cyber activity

• Indian state government fixes website bugs that exposed residents’ sensitive documents

• Cybercriminals embrace smarter strategies, less effort

• Exploring the intersection of network security and modern technologies

• Third-Party Security Assessments: Vendor Risk Management

• Tesla hacks make big bank at Pwn2Own’s first automotive-focused event

• Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours

• Cyber Insurance for Businesses: Navigating Coverage

• Ukraine Claims Destruction of 280 Russian Servers, 2 Petabytes Lost

• 750 million Indian mobile subscribers’ info for sale on dark web

• IT Security News Weekly Summary – Week 04

• IT Security News Daily Summary 2024-01-28

• Simplifying Access: The Role of Single Sign-On (SSO) in Cloud Computing

• Multiple PoC exploits released for Jenkins flaw CVE-2024-23897

• Crypto Stealing PyPI Malware Hits Both Windows and Linux Users

• Failing Upwards (or not) (Pt1)

• Failing Upwards: Put on your own mask before assisting others (Pt2)

• AllaKore RAT: Malware Target Mexican Banks and Crypto Platforms

• UK Cybersecurity Agency Issues Warning: AI to Enhance Authenticity of Scam Emails

• Medusa ransomware attack hit Kansas City Area Transportation Authority

• The Future of AI: Labour Replacement or Collaboration?

• Kasseika Ransomware Employs AntiVirus Driver to Disarm Other Antiviruses

• Preserving Literary Integrity: Indian Publishers Plead for Copyright Measures Against AI Models

• In Pursuit of a Passwordless Future

• Insights from Billington Cybersecurity Summit 2023: The Enhanced Threat Surface of 5G/6G & IOT

• It’s Time to Tear Down the Barriers Preventing Effective Threat Intelligence

• Building For a More Secure Future: How Developers Can Prioritize Cybersecurity

• PixPirate: The Brazilian financial malware you can’t see

• NASCIO, PTI on What’s Coming in 2024 for State and Local IT

• Week in review: 15 million Trello users’ scraped data on sale, attackers can steal NTLM hashes

• Security Affairs newsletter Round 456 by Pierluigi Paganini – INTERNATIONAL EDITION

• Business Cybersecurity Culture: Building a Secure Workforce

• Data Loss Prevention (DLP) for Business: Strategies and Tools

• New Soap2day Domains Emerge Despite Legal Challenges

Generated on 2024-01-29 23:55:42.281679