IT Security News Daily Summary 2024-02-26

• Latest Research Reveals Rise in API Attacks in 2023, Putting Businesses at Risk in 2024

• Malicious Packages in npm, PyPI Highlight Supply Chain Threat

• From Indiana Jones to Cybersecurity: The Inspiring Journey of Devin

• Nevada sues to deny kids access to Meta’s Messenger encryption

• 7 Cyber Safety Tips to Outsmart Scammers

• Prowler gets $6M seed to build out hit open-source cloud security platform

• A cyber attack hit Thyssenkrupp Automotive Body Solutions business unit

• ALPHV/BlackCat responsible for Change Healthcare cyberattack

• Randall Munroe’s XKCD ‘Light Leap Years’

• USENIX Security ’23 – Synchronization Storage Channels (S2C): Timer-less Cache Side-Channel Attacks on the Apple M1 via Hardware Synchronization Instructions

• LockBit Back Online as Ransomware Gang Continues to Clash with Law Enforcement

• Feds hack LockBit, LockBit springs back. Now what?

• What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

• EFF Statement on Nevada’s Attack on End-to-End Encryption

• Back from the dead: LockBit taunts cops, threatens to leak Trump docs

• LockBit Ransomware Gang Returns, Taunts FBI and Vows Data Leaks

• Ransomware attack blamed for Change Healthcare outage stalling US prescriptions

• LockBit back from the dead – taunts cops and plans to leak Trump docs

• Facebook Creates Team To Stop AI Disinformation In Elections

• What You Need to Know About the Cybersecurity Market in 2024

• Automating Policy Enforcement in Kubernetes Using OPA: A Step-By-Step Tutorial

• How to use a jump server to link security zones

• Linked Oculus Accounts Trigger Facebook and Instagram Suspension

• Key Points to Remember When Using the Terraform ‘Apply’ Command

• Cyber attack on Hamilton knocks out municipal phone, email

• White House Urges Tech Industry to Eliminate Memory Safety Vulnerabilities

• Best Practices To Secure Stateless REST Applications

• Zyxel Patches Remote Code Execution Bug in Firewall Products

• Cyber Insights 2024: Artificial Intelligence

• Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts

• USENIX Security ’23 – Daniel Katzman, William Kosasih, Chitchanok Chuengsatiansup, Eyal Ronen, Yuval Yarom – The Gates of Time: Improving Cache Attacks with Transient Execution

• CISA Issues Alert on APT29’s Cloud Infiltration Tactics

• CrowdStrike 2024 Global Threat Report: 6 Key Takeaways

• Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack

• DevNet Sandbox Has a New Look & Feel

• How to make a fake ID online, with Joseph Cox: Lock and Code S05E05

• Researchers say easy-to-exploit security bugs in ConnectWise remote access software now under mass-attack

• Ransomware Roundup – Abyss Locker

• Expert Warns of Growing Android Malware Activity

• Sustainability 101: What are ecolabels?

• How to Leverage AI as a Cybersecurity Professional

• From Open Source to Enterprise Ready: 4 Pillars to Meet Your Security Requirements

• Ransomware Distributed Through Mass Exploitation of ConnectWise ScreenConnect

• New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT

• FTC slaps Avast with $16.5m penalty for selling browser data

• Beware That Anonymous Sudan Is Promoting A New DDoS Botnet

• LoanDepot Ransomware Attack Exposed 16.9 Million Individuals

• State-Sponsored Group Blamed for Change Healthcare Breach

• Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin

• The xSPM Trend: Security Posture Management for Everything

• LockBit Ransomware Group Returns After Law Enforcement Operation

• Bitdefender Cryptomining Protection detects malicious cryptojacking attempts

• University Of Warwick To Launch Fintech Research Group

• Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

• Serco Leisure Faces Legal Action for Unlawful Employee Face Scanning

• Amazon Issues ‘Warning’ For Employees Using AI At Work

• LockBit Takedown: What You Need to Know about Operation Cronos

• MWC 2024: Huawei Cloud Seeks Overseas Expansion Despite Sanctions

• Everything you need to know about NIS2

• Lost to the Highest Bidder: The Economics of Cybersecurity Staffing

• LockBit Ransomware: Covertly Evolving Towards Next-Gen Threats Amid Takedown Efforts

• DataVisor introduces fraud and risk solution for financial institutions

• LockBit leak site is back online

• NetSTAR PhishCompass combats phishing threats

• 8,000+ Subdomains of Trusted Brands Hijacked for Massive Spam Operation

• Meta Forms Team To Protect EU Elections From AI Risks

• Scattered Spider: Advanced Techniques for Launching High-Profile Attacks

• LockBit Ransomware Gang Resurfaces With New Site

• Report: Cyberattacks Against Software Supply Chains Become More Targeted

• LockBit claims it’s back, blames failure to patch vulnerability for police attack

• Update: MGLNDD_* Scans, (Sat, Feb 24th)

• Utilizing the VirusTotal API to Query Files Uploaded to DShield Honeypot [Guest Diary], (Sun, Feb 25th)

• ISC Stormcast For Monday, February 26th, 2024 https://isc.sans.edu/podcastdetail/8868, (Mon, Feb 26th)

• Avast Fined Millions for Selling User Browsing Data

• Build a Flow Collectibles Portal Using Cadence (Part 2)

• Securing the Road Ahead: Addressing Persistent Cloud Misconfigurations in the Automotive Industry

• How a Right-Wing Controversy Could Sabotage US Election Security

• LoanDepot says about 17 million customers had personal data and Social Security numbers stolen during cyberattack

• US Leading Global Alliance To Counter Foreign Government Disinformation

• Lockbit Cybercrime Gang Says It Is Back Online Following Bust

• 230k Individuals Impacted By Data Breach At Australian Telco Tangerine

• Hackers For Sale: What We Learned From China’s Massive Cyber Leak

• Fox News Hacker Was Just Journalist Doing His Job, Claim Lawyers

• Palo Alto Networks empowers customers with integrated private 5G solutions

• Pikabot returns with new tricks up its sleeve

• Securing the Secure: The Importance of Secure Software Practices in Security Software Development

• Preventing Attacks and Securing the Supply Chain in the Security Software Industry

• The Importance of Training Employees in Cybersecurity

• CES 2024: Lenovo Shows Transparent Laptop Concept

• SVR Cyber Actors Adapt Tactics for Initial Cloud Access

• CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure

• Drive Your Cybersecurity Platform Transformation: Lead the Way With SSE

• Data watchdog tells off outsourcing giant for scanning staff biometrics despite ‘power imbalance’

• Cyber Security Today, Feb. 26, 2024 – Canadian online harms legislation to be revealed today, and more

• North Korean Hackers Targeting Developers with Malicious npm Packages

• Security Best Practices for Docker Images

• Web Application Security: The Ultimate Guide to Coding Best Practices

• The Art of Ethical Hacking: Securing Systems in the Digital Age

• Reddit Users React With Dismay To IPO Plans

• ThreatHunter.ai Halts 100s of Attacks: Battling Ransomware & Nation-State Cyber Threats

• Fox News ‘hacker’ turns out to be journalist whose lawyers say was doing his job

• Intel Edge Platform simplifies development and management of edge AI apps

• McAfee Social Privacy Manager helps users keep their posts and personal information more private

• ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)

• Three Tips to Protect Your Secrets from AI Accidents

• Avast Faces $16.5m Fine for Unlawfully Selling User Browsing Data

• Google Says Gmail ‘Here To Stay’ After Hoax Goes Viral

• Silicon In Focus Podcast: The Business Case for Mobile

• Healthcare Needs Risk-Based Cybersecurity for Comprehensive, Effective Protection

• ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

• NTT DATA partners with Schneider Electric to drive AI innovation at the edge

• Banking Trojans Target Latin America and Europe Through Google Cloud Run

• NCSC to Offer Cyber Governance Guidance to Boards

• Delving into NCSC’s New SMB Cybersecurity Guide

• Cyber Resilience: Planned and Practiced

• IntelBroker claimed the hack of the Los Angeles International Airport

• Nvidia Briefly Surpasses $2tn Valuation On AI Demand

• U-Haul Informs Customers of Major Data Breach

• 8220 Hacker Group Attacking Linux & Windows Users to Mine Crypto

• New DDoS malware Attacking Apache big-data stack, Hadoop, & Druid Servers

• The mobile malware threat landscape in 2023

• A week in security (February 19 – February 25)

• Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections

• Rethinking Trust: The Case Against Blind Reliance on Antivirus Software

• Cybersecurity fears trigger Cloud Repatriation

• Planning for Digital Afterlife: Retrieving Data from a Deceased User’s Google Account

• Accelerate 5G with AI-Powered Cybersecurity

• It’s time for security operations to ditch Excel

• Web Check: Open-source intelligence for any website

• LockBit Ransomware Group Resurfaces After Law Enforcement Takedown

• Escalating cyber threats spark demand for stronger regulations

• CVE count set to rise by 25% in 2024

• HackerGPT – A ChatGPT-Powered AI Tool for Ethical Hackers & Cyber Security Community

• Cybersecurity crisis in schools

• Phishing Prevention for Businesses: Employee Training

• FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.

• Challenging password dogma

• SEO Poisoning to Domain Control: The Gootloader Saga Continues

• Business Data Backups: Strategies for Data Resilience

• LockBit is back and threatens to target more government organizations

• Introducing the CyberPeace Institute: Protecting Communities Online

• IT Security News Weekly Summary – Week 08

• IT Security News Daily Summary 2024-02-25

• Safeguarding Children in the Era of Big Data

• Securing Space Infrastructure for US And Allied Collaboration

• Understand Cyber Insurance: Rising Risks and How to Right-Size Policies

• Cell Service Restored Following Extensive AT&T Outage

• A cyber attack hit the Royal Canadian Mounted Police

• From deepfakes to digital candidates: AI’s political play

• Security is hard because it has to be right all the time? Yeah, like everything else

• Crooks stole $10 million from Axie Infinity co-founder

• Canadian University Vending Machine Malfunction Discloses Use of Facial Recognition

• Cybersecurity Nightmare Unfolds as Malawi’s Immigration Systems Under Attack

• Rise in Fake Life Insurance Emails, Action Fraud Warns

• Using Webhooks with your Privileged Access Management Tool

• Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

• Week in review: 10 cybersecurity startups to watch, admins urged to remove VMware vSphere plugin

• Authorities Claim LockBit Admin “LockBitSupp” Has Engaged with Law Enforcement

• FTC Orders Avast To Pay $16.5M For Selling User’s Browsing Data

• Social Engineering Awareness for Employees

• Apple created post-quantum cryptographic protocol PQ3 for iMessage

Generated on 2024-02-26 23:55:35.080813