IT Security News Daily Summary 2024-02-06

• How Does Automated API Testing Differ from Manual API Testing: Unveiling the Advantages

• Patch Management and Container Security

• MuleSoft unveils policy development kit for API gateway

• Confirmed: Entrust is buying AI-based ID verification startup Onfido, sources say for more than $400M

• Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

• 3 million smart toothbrushes were just used in a DDoS attack. Really

• Google is making sharing passwords with your family members a lot easier

• Mozilla adds paid-for data-deletion tier to Monitor, its privacy-breach radar

• dictionary attack

• Free & Downloadable Cybersecurity Risk Assessment Templates

• Verizon says 63K employees’ info fell into the wrong hands – an insider this time

• The Web Scraping Problem, Part 2: Use Cases that Require Scraping

• What to Do When Your VPN Provider Suffers from Zero-Day Vulnerabilities

• Stop Scrapers and Scalpers with Akamai Content Protector

• The Web Scraping Problem, Part 3: Protecting Against Botnets

• Securing The Future: Cybersecurity Predictions for 2024

• Verizon says 63K employees’ info fell into wrong hands – an insider in this case

• CISA Announces Renewal of the Information and Communications Technology Supply Chain Risk Management Task Force

• Verizon alerts 63k employees their details were leaked by an insider

• Unifying Cloud Security Beyond Siloes

• Chained Exploits, Stolen VPN Access: Hackers Target Ivanti Users Despite Patches

• Google fixed an Android critical remote code execution flaw

• Report Surfaces Extent of SaaS Application Insecurity

• Top 7 Cyber Threat Hunting Tools for 2024

• How GPL-1 Drug Success Transforms Healthcare Revenue – Is your Organization Ready?

• USENIX Security ’23 – Chen Chen, Rahul Kande, Nathan Nguyen, Flemming Andersen, and Aakash Tyagi, Ahmad-Reza Sadeghi, Jeyavijayan Rajendran – HyPFuzz: Formal-Assisted Processor Fuzzing

• Unlocking Seamless Experiences: Embracing Passwordless Login for Effortless Customer Registration and Authentication

• A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

• Documents about the NSA’s Banning of Furby Toys in the 1990s

• The Essential Guide to Incident Response and Cyber Resilience

• Chinese Coathanger malware hung out to dry by Dutch defense department

• New ResumeLooters Gang Targets Job Seekers, Steals Millions of Resumes

• Why and How to Extract Malware Configurations in a Sandbox

• Microsoft unveils Face Check for secure identity verification

• WhatsApp Chats Will Soon Work With Other Encrypted Messaging Apps

• CISA Adds One Known Exploited Vulnerability to Catalog

• Navigating the AI Frontier with Cisco

• Safer Internet Day: Cybersecurity Experts Weigh In

• Spotify Sees Record Subscriber Growth For 2023

• Securden Password Vault Review 2024: Security, Pricing, Pros & Cons

• 20 free cybersecurity tools you should know about

• Tech Giants Form Post-Quantum Cryptography Alliance

• ZeroFox to be Taken Private in $350 Million Deal

• EU Takes a Leap Forward with Cybersecurity Certification Scheme

• Watch Out for Phone Scams

• Telegram Emerges as Hub for Cybercrime, Phishing Attacks as Cheap as $230

• Critical infrastructure cyber law needed ‘more than ever,’ Parliament told

• Adaptiva launches risk-based prioritization capability for OneSite Patch

• $1,900 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in Cookie Information | Free GDPR Consent Solution WordPress Plugin

• Meta To Begin Labelling Other Companies’ AI Images

• What Is a Host-Based Firewall? Definition & When to Use

• HID Global Reader Configuration Cards

• HID Global Encoders

• A Guide to Effective Cloud Privileged Access Management

• EquiLend back in the saddle as ransom payment rumors swirl

• Millions of User Records Stolen From 65 Websites via SQL Injection Attacks

• US Uses Visa Restrictions in Struggle Against Spyware

• Malware-as-a-Service Now the Top Threat to Organizations

• Now Spyware links can lead to Visa restrictions

• Warning After Videos Show Apple Vision Pro Users Driving Teslas

• Mozilla Monitor’s new service removes your personal info from data broker sites automatically

• Innovation With a Security-First Mindset

• Elite Supplements: The Latest Aussie Business to Fall Victim to a Cyber Attack

• US Authorities Identify Iranian Connection in Recent Cybersecurity Breaches

• Bitdefender Email Protection identifies potentially dangerous content in webmail

• SailPoint unveils two sets of new offerings to help companies grow their identity security program

• Combat Phishing Attacks With AI-Powered Email Threat Protection: Packet Guide 2024

• Third-party breaches hit 90% of top global energy companies

• State of Malware 2024: What consumers need to know

• Cisco Motific reduces GenAI security, trust, and compliance risks

• Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services

• Beware: Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials

• VT Livehunt Cheat Sheet

• Resonance Hires Cybersecurity Pro George Skouroupathis As Its Offensive Security Engineer

• Cloudflare Server Compromised Due to Leaked Access Token in Okta Breach

• Eight emerging areas of opportunity for AI in security

• Rethinking Cybersecurity: Why Platform Consolidation is the Future

• Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

• Spoutible API exposed encrypted password reset tokens, 2FA secrets of users

• Known ransomware attacks up 68% in 2023

• Menlo Ventures’ vision for the future of security for AI

• DeepMind’s GenEM uses LLMs to generate expressive behaviors for robots

• 9 Best Cybersecurity Certifications to Get in 2024

• Safer Internet Day, or why Brad Pitt needed an internet bodyguard

• Canon Patches 7 Critical Vulnerabilities in Small Office Printers

• A Chicago Children’s Hospital Has Taken Its Networks Offline After a Cyberattack

• The Future of Rollouts: From Big Bang to Smart and Secure Approach to Web Application Deployments

• Hackers Exploit APAC Job Boards: Analysis and Key Takeaways

• Double trouble for Fortinet customers as pair of critical vulns found in FortiSIEM

• Government hackers targeted iPhones owners with zero-days, Google says

• eBPF wrapped 2023

• Red Hat and RISC-V: To the far edge and beyond

• Main Types of Patch Management Solutions: A Decision-Making Guide

• SOC 2 Audit: The Essentials for Data Security and Compliance

• Software supply chain security: Upgrade your AppSec for a new era

• The Cloudflare source code breach: Lessons learned

• Delinea appoints Kate Reed as CMO

• OpenText Fortify Audit Assistant increases developer efficiency by reducing noise and false positives

• Akamai Content Protector detects and mitigates evasive scrapers

• Chinese Tablet Vendors Post Strong Growth Amid Global Slump

• Resonance Hires Cybersecurity Pro George Skouroupathis As Its Offensive Security Lead

• Researchers Unvield the Sophisticated Ransomware Used by Black Hunt

• Joint Statement on Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities

• Attack surface management platform Ionix adds another $15M to its $27M Series A round

• Paving the Way to a More Inclusive Future

• How Cisco, together with Apple, is tackling the next frontier of hybrid work — spatial computing

• Hacker Conversations: Rob Dyke on Legal Bullying of Good Faith Researchers

• Critical Remote Code Execution Vulnerability Patched in Android

• EasyDMARC VS Proofpoint DMARC

• Safer Internet Day: Two Million Brits Victims of Financial Identity Fraud

• Early Apple Vision Pro Users Find Pitfalls, Hidden Gems

• Multiple Container Flaws Allow Attackers to Access the Host OS

• NinjaOne raises $231.5 million to boost product innovation

• Meta’s Oversight Board Urges a Policy Change After a Fake Biden Video

• U.S. Gov imposes visa restrictions on individuals misusing Commercial Spyware

• Fragmented cybersecurity vendor landscape is exacerbating risks and compounding skills shortages, SenseOn research reveals

• Google Links Over 60 Zero-Days to Commercial Spyware Vendors

• Security Breach at AnyDesk: Production Servers Hacked, Password Reset

• Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data

• How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM

• 2054, Part II: Next Big Thing

• ResumeLooters target job search sites in extensive data heist

• IBM LinuxONE 4 Express protects sensitive private data

• Latest Ivanti Zero Day Exploited By Scores of IPs

• UK EV Maker Arrival Collapses Into Administration

• The Dangers of Default: Cybersecurity in the Age of Intent-Based Configuration

• ThinkCyber and Plexal Join BT as Sponsors of The Most Inspiring Women in Cyber Awards 2024

• New kids on the ransomware block in 2023: Akira and 8Base lead dozens of newbies

• Cisco introduces new integrations across networking and security portfolios

• Hackers Exploit Job Boards in APAC, Steal Data of Millions of Job Seekers

• US Cracks Down on Spyware with Visa Restrictions

• AI In Your Pocket

• Yandex Parent To Sell Russian Operations

• What is SaaS Sprawl? Guide to Combating SaaS Security Risks

• Singapore removes personal data collected for COVID-19 contact tracing

• Save $500 on This Unique Web-Based Cybersecurity Training Program for a Limited Time

• Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832)

• ResumeLooters Gang Raids Retail and Job Site Data

• Security Risks of Kubernetes Helm Charts and What to do About Them

• Adversary infrastructures tracked in 2023

• How are user credentials stolen and used by threat actors?

• Phone Scam Siphons Over $200,000 from Bank Account Holder

• Connect, Secure, Assure Every Digital Experience Everywhere

• Staying Connected and Protected in a Highly Distributed World with Cisco Secure Networking

• Unlock Rapid, Trusted Delivery of Generative AI Applications

• HPE is investigating claims of a new security breach

• iOS sideloading & alternative app stores: Preparing for increased brand risk this March

• Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation

• The Tech Jobs That AI Will Not Disrupt

• 3 New Risks That CISOs Will Face in 2024

• How Small and Mid-Sized Businesses Can Achieve System and Organization Controls (SOC 2) Compliance

• Closing the Gap: Safeguarding Critical Infrastructure’s IT and OT Environments

• Five 5 benefits of having a cyber insurance cover on hand

• 3 ways to achieve crypto agility in a post-quantum world

• How CISOs navigate policies and access across enterprises

• U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance

• 10 must-read cybersecurity books for 2024

• Exploring NIST Cybersecurity Framework 2.0

• Paying ransoms is becoming a cost of doing business for many

• Cybersecurity for E-commerce Websites: Protecting Customer Data

• UK, France Host Conference to Tackle ‘Hackers for Hire’

• Google throws $1M at Rust Foundation to build C++ bridges

• The Role of Machine Learning in Cybersecurity

• Are you sure you want to share that with ChatGPT? How Metomic helps stop data leaks

• CVE-2024-21893: Another Ivanti Vulnerability Exploited in the Wild. Verify with NodeZero Today!

• Navigating Cybersecurity Budget Constraints for K-12 Schools

• Google throws $1m at Rust Foundation to build C++ bridges

• IT Security News Daily Summary 2024-02-05

• Enpass Review 2024: Pricing, Features, Pros, & Cons

• Clorox counts the cost of cyberattack

• The Trusted Liquid Workforce

• The Journey to CCDE, a Personal Story

• Ivanti devices hit by wave of exploits for latest security hole

• US to Roll Out Visa Restrictions on People Who Misuse Spyware to Target Journalists, Activists

• AnyDesk hacked, details unclear

• VulnRecap 2/5/24 – Azure, Apple, Ivanti, & Mastodon at Risk

• More mass exploits hit the same buggy Ivanti devices

• Pass Canadian AI law as soon as possible, expert tells Parliament

• The best VPN deals right now

• Facebook Oversight Board Says Company’s Rules Allow Fake Video Calling Biden Pedophile

• Experts warn of a surge of attacks targeting Ivanti SSRF flaw

• Vulnerability Summary for the Week of January 29, 2024

• Ignore Uncle Sam’s ‘voluntary’ cybersecurity goals for hospitals at your peril

• Snap Cuts 10 Percent Of Staff

• Safeguard Your Network in a Post-Quantum World

• AnyDesk revokes signing certs, portal passwords after crooks sneak into systems

• Shadow AI poses new generation of threats to enterprise IT

• Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities

• Mitsubishi Electric Factory Automation Flaws Expose Engineering Workstations

• Survey Surfaces Willingness to Switch Data Protection Platforms

• CFO Deepfake Fools Staff — Fakers Steal $26M via Video

• AsyncRAT Loader Delivers Malware via JavaScript

• CSO’s Guide: Water-Tight Account Security For Your Company

• Firm offers protection layer preventing sensitive data uploaded to ChatGPT

• ‘Control D for Organizations’ Launched – Democratizing Cybersecurity for Organizations of All Sizes

• Cybersecurity Tops 2024 Global Business Risks

• Mispadu Malware Exploits Windows SmartScreen Flaw to Attack Users

• Improving Interoperability Between Rust and C++

• 6 multi-cloud identity management tips and best practices

• HopSkipDrive says personal data of 155,000 drivers stolen in data breach

• How to hack the Airbus NAVBLUE Flysmart+ Manager

• Deepfake Fraud

• Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering

• Python Info-stealer Distributed by Malicious Excel Document

• Cybersecurity Crisis on US Healthcare Sector Children Hospital in Alarms

• Congratulations to Cisco’s 2024 CRN Channel Chiefs!

• Privileged Accounts 101: Everything You Need to Know

• Top Trends in Cybersecurity, Ransomware and AI in 2024

• Pennsylvania Courts’ Website Disrupted by DoS Attack

• Interpol’s Operation ‘Synergia’ Secures Numerous Cybercriminal Arrests, Disrupts Global C2s

• Cloudflare Faces Cybersecurity Breach in Okta Supply-Chain Attack

• Local File Inclusion Vulnerability Patched in Shield Security WordPress Plugin

• Huawei ‘Faces Production Bottleneck’ Amidst AI, 5G Chip Success

• Data Lineage in Modern Data Engineering

• How to spot the bad actors this awards season

• Lurie Children’s Hospital back to pen and paper after cyberattack

• QNAP Patches High-Severity Bugs in QTS, Qsync Central

• AnyDesk Revokes Certificates, Urges Password Changes After Attack

• RBI Issues Warning Against Scam Via KYC trick

• Varonis MDDR helps organizations prevent data breaches

• Deepfaked video conference call makes employee send $25 million to scammers

• Employee Duped by AI-Generated CFO in $25.6M Deepfake Scam

• Remote access giant AnyDesk resets passwords and revokes certificates after hack

• Are Passwords Killing Your Customer Experience?

• Huawei Retakes Top China Smartphone Sales Spot

• Thoma Bravo takes critical event management software company Everbridge private in $1.5B deal

• Metomic for ChatGPT identifies critical risks in ChatGPT conversations

• OPSWAT enhances its MetaDefender Kiosk product line

• US Condemns Iran, Issues Sanctions for Cyber-Attacks on Critical Infrastructure

• Secureworks Applies Multiple Forms of AI to Assess Threat Risks

• Ex-CIA Developer Faces 40-Year Sentence for Leaking Classified Data to WikiLeaks

• Cyber Security Today, Feb. 5, 2024 – Warnings to AnyDesk and Mastodon administrators, a lesson from a Cloudflare breach, and more

• Airbus App Vulnerability Introduced Aircraft Safety Risk: Security Firm

• Google Open Sources AI-Aided Fuzzing Framework

• Two Practical Examples of Modern Cloud SecOps

• Facebook Manipulated Media Policy ‘Incoherent’, Board Finds

• Synthetic Solutions: Redefining Cybersecurity Through Data Generation in the Face of Hacking

• How to comply with GDPR requirements

• AnyDesk has been hacked, users urged to change passwords

• AnyDesk Hit by Cyber-Attack and Customer Data Breach

• Tesla Recalls More Than 2 Million Cars Over Warning Light Size

• AnyDesk Hacked: Revokes Passwords, Certificates in Response

• OT Maintenance Is Primary Source of OT Security Incidents: Report

• Vix Makes Travels Safer and Smoother With Proactive Global Visibility

• Crooks stole $25.5 million from a multinational firm using a ‘deepfake’ video call

• Combined Security Practices Changing the Game for Risk Management

• Ransomware Retrospective 2024: Unit 42 Leak Site Analysis

• Labour Would Bring In Mandatory AI Safety Testing

• Ethical Hackers Reported 835 Vulnerabilities, Earned $450K in 2023

• 2054, Part I: Death of a President

• Yandex to sell its remaining Russian businesses for $5.2B — half its market value

• AnyDesk Revokes Passwords, Certificates in Response to Hack

• Ukraine Faces PurpleFox Malware Crisis: Unraveling the Ongoing Battle and Countermeasures

• Are smart homes about to break free from smart phones?

• A Comprehensive Overview Of Nanotechnology And Applications Of Nanotechnology

• Clorox and Johnson Controls Reveal $76m Cyber-Attack Bill

• Lords: UK Risks Missing Out On AI ‘Goldrush’

• Tripwire Patch Priority Index for January 2024

• Preparing Cybersecurity for the Super Bowl

• UK Court Backlog Blocks Attempts to Fight Fraud Epidemic

• Software firm AnyDesk disclosed a security breach

• Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan

• Cisco CX is Accelerating Outcomes Through Technology Innovation

• Spoutible – 207,114 breached accounts

• A week in security (January 29 – February 4)

• Alert: Jenkins Vulnerabilities Open Servers To RCE Attacks

• ApateWeb: Hackers Using 130,000+ Domains to Launch Cyber Attacks

• Latio Application Security Tester: Use AI to scan your code

• KeePass 2.56 released: options search and history improvements

• AnyDesk hit by ransomware and Cloudflare hacked

• Unraveling the Differences: Hashing, Salting, and Encryption Explained

• Businesses banning or limiting use of GenAI over privacy risks

• Researchers discover exposed API secrets, impacting major tech tokens

• How cybersecurity strategies adapt to evolving threats

• New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw

• Migrating to the cloud: An overview of process and strategy

• SBF likely off the hook for misplaced FTX funds after cops bust SIM swap ring

• Mobile Device Security: Protecting Your Smartphone

• General Timothy Haugh Takes Lead of NSA and Cyber Command

Generated on 2024-02-06 23:55:48.158690