IT Security News Daily Summary 2024-04-04

• Google survey: 63% of IT and security pros believe AI will improve corporate cybersecurity

• The Power of AI Assistants and Advanced Threat Detection

• 2024-04-04: Koi Loader/Stealer activity

• Google Patches Pixel Phone Zero-days After Exploitation by

• Ransomware attacks ravaged municipal governments in March

• New Latrodectus Downloader Malware Linked to IcedID and Qbot Creators

• Introducing Confidential Containers Trustee: Attestation Services Solution Overview and Use Cases

• Bing ad for NordVPN leads to SecTopRAT

• Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz

• Google Chrome Enlists Emerging DBSC Standard to Fight Cookie Theft

• Infosec professionals praise CSRB report on Microsoft breach

• Mastering MITRE: Enhancing Cybersecurity with Device Log Mapping

• Feds probe massive alleged classified US govt data theft and leak

• Slicing up DoNex with Binary Ninja, (Thu, Apr 4th)

• Wordfence Intelligence Weekly WordPress Vulnerability Report (March 25, 2024 to March 31, 2024)

• There are plenty of ways to improve cybersecurity that don’t involve making workers return to a physical office

• Alphabet Mulls Offer For Marketing Software Firm HubSpot

• OWASP Disclosed Data Breach Affecting Old Members

• Cisco Industrial IoT: Enabling the global acceleration of offshore wind

• Navigating the Multicloud Journey with Cisco’s New Certifications [Infographic]

• The White House is Wrong: Section 702 Needs Drastic Change

• US To Urge Holland To Halt ASML Servicing Tools For China

• OWASP Reveals Data Breach Stemming from Wiki Misconfiguration

• Smishing Surge: Tactics, Threats, and ‘The Com’

• 5 Best Crypto Marketing Agencies for Web3 Security Brands in 2024

• Jackson County hit by ransomware, declares state of emergency

• New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware

• Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

• LockBit Scrambles After Takedown, Repopulates Leak Site with Old Breaches

• Cyber Attack propelled Electromagnetic Interference targets ships on Iran Coast

• AT&T To Face Lawsuit Following Breach Impacting 73 Million Customers

• AI Deepfakes Rising as Risk for APAC Organisations

• DOD Officially Launches New Cyber Policy Office

• Jackson County IT Systems Hit By Ransomware Attack

• Tesla Shares Dive After EV Shipments Disappoint

• Google Patches Pixel Phone Zero-days After Exploitation by “Forensic Companies”

• Asia-Pacific Ransomware Threats Depend on Country and Sector, Says Rapid7

• Hitachi Energy Asset Suite 9

• CISA Releases Two Industrial Control Systems Advisories

• CISA Adds Two Known Exploited Vulnerabilities to Catalog

• US cancer center City of Hope: data breach impacted 827149 individuals

• Byakugan – The Malware Behind a Phishing Attack

• A 5-Minute Refresher to Cryptography

• Ivanti commits to secure-by-design overhaul after vulnerability nightmare

• From Promising to Practical: The Transformative Impact of Homomorphic Encryption

• Leadership in the Age of AI: Skills You Need to Succeed

• New JSOutProx Malware Targets Financial Firms in APAC, MENA

• Hackers Hijacked Notepad++ Plugin to Execute Malicious Code

• CISA Joins the Minimum Viable Secure Product Working Group

• Data protection vs. data backup: How are they different?

• Transforming Connectivity: Inside Bush Brothers & Company’s Network Infrastructure Overhaul

• Empowering Partner Success: How 3 Black Female CEOs lead the charge with AACPC

• 1-15 January 2024 Cyber Attacks Timeline

• Fake Lawsuit Threat Exposes Privnote Phishing Sites

• Ivanti Releases Security Update for Ivanti Connect Secure and Policy Secure Gateways

• Israel Used AI To Identify 37,000 Hamas Targets

• WordPress LayerSlide Plugin Bug Risks Password Hash Extraction

• Man Pleads Guilty To Stealing Former Coworker’s Identity For 30 Years

• Cyberattack Causes Disruptions at Omni Hotels

• Omni Hotels suffer prolonged IT outage due to cyberattack

• Taiwan Earthquake Prompts Chip Supply Concerns

• Macs Vulnerable to Info-Stealing Malware via Ads and Fake Software

• NIST awards $3.6 million to address the cybersecurity workforce gap

• Omni hotels hit by a possible ransomware attack

• Exploring the Threat of Data Poisoning in Cybersecurity

• New Red Ransomware Group (Red CryptoApp) Exposes Victims on Wall of Shame

• Mastering The DevOps Toolchain: 10 Essential to Build a DevOps Assembly Line

• Not So Private After All: How Dating Apps Can Reveal Your Exact Location

• US Cancer Center Data Breach Impacting 800,000

• The Five Essentials of Immutable Storage: Why They Matter

• Center Identity Launches Patented Passwordless Authentication for Businesses

• Despite Mounting Cyberattacks, Analysts Uncover The Primary Challenge

• Google’s Incognito Mode: Privacy, Deception, and the Path Forward

• Are YouTube Game Cracks Hiding Malware?

• Ivanti vows to transform its security operating model, reveals new vulnerabilities

• Microsoft reveals how much Windows 10 Extended Security Updates will cost

• Pixel Phone Zero-Days Exploited by Forensic Firms

• SurveyLama Data Breach Impacts 4.4 Million Users

• Cloud Threat Detection Firm Permiso Raises $18 million

• Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems

• CoralRaider targets victims’ data and social media accounts

• 5 Best Password Managers for Android in 2024

• Get a Lifetime of VPN Protection for Just $16

• Meet the new Cisco Catalyst 1200 and 1300 Series Switches for SMBs

• New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

• Considerations for Operational Technology Cybersecurity

• Leicester Council Confirms Confidential Documents Leaked in Ransomware Attack

• Surveillance by the New Microsoft Outlook App

• New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset

• Deepfake Expert Henry Ajder to Keynote Infosecurity Europe 2024 on AI Challenges

• Ransomware gang did steal residents’ confidential data, UK city council admits

• Researchers Observed Visual Studio Code Extensions Stealing Users’ Sensitive Data

• Hosting Provider VMware ESXi Servers Hit by New SEXi Ransomware

• Zoom Paid Out $10 Million via Bug Bounty Program Since 2019

• Microsoft’s Security Chickens Have Come Home to Roost

• Cyber Insurance Reduces Risk: Five Ways to Lower Your Rates

• CMA Begins Phase 2 Probe Of Vodafone Merger With Three UK

• 9 Must-Do Tips to Secure Ubuntu Server

• Avast One Silver allows users to tailor their coverage based upon their personal preferences

• Intel Shares Slide After Foundry Business Posts $7 Billion Loss

• Security vs. Compliance: What’s the Difference?

• Expert Insight: Breaking the glass firewall: Building a cybersecurity sisterhood

• Threat Actor Claims Classified Five Eyes Data Theft

• A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask

• When AI attacks

• Firms Must Work Harder to Guard Children’s Privacy, Says UK ICO

• Ivanti fixed for 4 new issues in Connect Secure and Policy Secure

• Gesture Jacking – New Attack That Deceives Website Visitors

• Understanding ISO 27001:2022 Annex A.10 – Cryptography

• Welcome to 2024: A Year in Review with Akamai Hunt

• KeyTrap Highlights Need for Enduring DNS Defenses for Service Providers

• How to Avoid Email Blacklists and Improve Your Deliverability

• Ivanti Rushes Patches for 4 New Flaws in Connect Secure and Policy Secure

• Jackson County, Missouri, discloses a ransomware attack

• Get end-to-end protection with Microsoft’s unified security operations platform, now in public preview

• Six steps for security and compliance in AI-enabled low-code/no-code development

• Ivanti Rushes Patches for 4 New Flaw in Connect Secure and Policy Secure

• Mantis: Open-source framework that automates asset discovery, reconnaissance, scanning

• Strengthening defenses against nation-state and for-profit cyber attacks

• Healthcare’s cyber resilience under siege as attacks multiply

• Hackers Claiming Breach of Five Eyes Intelligence Group (FVEY) Documents

• 76% of consumers don’t see themselves as cybercrime targets

• ISC Stormcast For Thursday, April 4th, 2024 https://isc.sans.edu/podcastdetail/8924, (Thu, Apr 4th)

• Nearly 1M medical records feared stolen from City of Hope cancer centers

• Broadcast Network Finds Multiple Solutions with Votiro

• 100 kilometers of quantum-encrypted transfer

• Top Signs Your Ad Campaigns Are Being Sabotaged by Bots & How to Stop Them

• Google Fixed Pixel Vulnerabilities CVE-2024-29745 and CVE-2024-29748

• IT Security News Daily Summary 2024-04-03

• Google addressed another Chrome zero-day exploited at Pwn2Own in March

• Smart Traffic Signals Security in the Era of AI and Smart Cars

• Google patches critical vulnerability for Androids with Qualcomm chips

• Want to keep getting Windows 10 updates next year? Here’s what it will cost

• Soft Skills for Cybersecurity Leaders: CISO’s Perspective

• Security Pioneer Ross Anderson Dies At 67

• Microsoft Blamed For A Cascade Of Security Failures In Exchange Breach Report

• ChatGPT Jailbreak Prompts Proliferate On Hacker Forums

• EU Drops Sovereignty Reqs In Cybersecurity Cert Scheme

• Google Chrome gets ‘Device Bound Session Credentials’ to stop cookie theft

• Omni Hotels IT systems down since Friday, hitting bookings, payments, door locks

• Cisco Duo wins Best in KLAS again for the second year in a row

• In Historic Victory for Human Rights in Colombia, Inter-American Court Finds State Agencies Violated Human Rights of Lawyers Defending Activists

• NIST Proposes Public-Private Group to Help with NVD Backlog

• Biden Review Board Gives Microsoft a Big, Fat Raspberry

• Some things you can learn from SSH traffic, (Wed, Apr 3rd)

• Amazon Web Services Lays Off Hundreds Of Staff

• Ostrich Cyber-Risk Announces Partnership with Kyndryl

• Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team

• Musicians, Artists Call For Protection From AI

• The New Version of JsOutProx is Attacking Financial Institutions in APAC and MENA via Gitlab Abuse

• Indian government issues cyber crime alert in view of job offers

• Know the significance of World Cloud Security Day

• Victoria VR Becomes First Virtual Reality Developer to Integrate OpenAI

• Google Cloud/Cloud Security Alliance Report: IT and Security Pros Are ‘Cautiously Optimistic’ About AI

• Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies

• FCC To Vote This Month To Restore Net Neutrality

• Delivering on the vision of a modern grid network that’s secure, simple, and scalable

• #MIWIC2024: Hazel McPherson, CISO at ALD Automotive

• Speaking Freely: Emma Shapiro

• Vulnerability Summary for the Week of March 25, 2024

• Cyber Safety Review Board Report Slams Microsoft Security Failures in Government Email Breach

• Sophos Reveals Ransomware Attacks Are Now Targeting Backups

• Expand your IT and cybersecurity skills with this $28 learning bundle

• RoboForm Review 2024: Is It Right for Your Business?

• IoT Botnets and Infostealers Frequently Target Retail Sector

• U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers

• Prudential Financial Notifies 36,000 Individuals of Data Breach

• Celebrating 25 Years of OpenSSL

• Jackson County, Missouri, Closes Offices Because of Ransomware Attack

• Number of Chinese Devices in US Networks Growing Despite Bans

• Google Messages’ Gemini Update: What You Need To Know

• Infostealers Prevalent in Retail Sector Cybercrime Trends

• Elon Musk’s X Names New Head Of Safety

• The best travel VPNs of 2024: Expert tested and reviewed

• A True Trusted Advisor

• Palo Alto Networks 2023 ESG Report — Securing Our Digital Future

• Why your data isn’t as safe as you think and what it could cost you

• On Secure Workload Access and Aembit’s Journey to Innovation Sandbox at RSA Conference 2024

• Aembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox Contest

• Navalny’s Revenge? Hackers Siphon Huge Russian Prisoner Database: Report

• Protecting Your Digital Identity: Celebrating Identity Management Day

• Google fixed two actively exploited Pixel vulnerabilities

• CVE and NVD – A Weak and Fractured Source of Vulnerability Truth

• Know Your Audience When Speaking to Security Practitioners

• Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks

• IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc.

• “When can we be together – forever?” A deep dive into emotional scamming

• Empowering Your Team: 5 Ways Internally Marketing Security Policies can Benefit Your Organization

• Authy vs Google Authenticator: Two-Factor Authenticator Comparison

• The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind

• Salt Security Launches AI-Powered Assistant Pepper

• Bridging IT and OT Cybersecurity with AI

• A “cascade” of errors let Chinese hackers into US government inboxes

• New XZ Utils Backdoor Free Scanner to Detect Malicious Executables

• GenAI: The next frontier in AI security threats

• ‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

• Picus Security helps organizations reduce their threat exposure with AI-driven insights

• Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites

• Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack

• Continuous Monitoring and Frameworks: A Web of Security Vigilance

• Picus Security Melds Security Knowledge Graph with Open AI LLM

• NVD’s New Phase, Industry Consortium to Oversee NIST’s Vulnerability Database

• Cyber Slavery: Thousands of Indians Trapped in a Web of Deceit

• Microsoft’s Exchange Server Hack: Key Rotation Flaw Triggers Breach

• Top GenAI Threats – and why Zero Trust AI Access is the Future

• Empowering Your Team: 5 ways internally marketing security policies can benefit your organization

• Google Cloud and CSA: 2024 will bring significant generative AI adoption in cybersecurity, driven by C-suite

• Unlocking the Future of Government Cybersecurity: Insights from CyberScoop’s Zero Trust Summit

• Accelerate the path to PCI DSS 4.0 adoption

• Security pioneer Ross Anderson dies at 67

• Cyber Security Today, April 3, 2024 – New Linux vulnerability is found, and a must-read ransomware case study

• Google bakes new cookie strategy that will leave crooks with a bad taste

• Missouri County Hit by Ransomware

• Microsoft Singled Out In Review Of Chinese Hack Of US Government Emails

• This IT Career Kickstarter Bundle is An Extra 20% Off Through April 7th

• Attack Surface Management vs. Vulnerability Management

• Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption

• [Free & Downloadable] Incident Management Policy Template – 2024

• XZ Utils Backdoor Attack Brings Another Similar Incident to Light

• Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own

• UK and US to Build Common Approach on AI Safety

• Samsung To ‘Redefine’ Bixby With Generative AI

• UN? FBI? World Bank? Deepfake police chief used for compensation scam video

• Class-Action Lawsuit against Google’s Incognito Mode

• Google Patches Exploited Pixel Vulnerabilities

• Bitwarden releases magic links API to improve passwordless user authentication

• NVD: NIST is working on longer-term solutions

• RDP Abuse Present in 90% of Ransomware Breaches

• WhatsApp vs. Signal vs. Telegram vs. Facebook: What data do they have about you?

• Mispadu Trojan Targets Europe, Thousands of Credentials Compromised

• Jackson County Missouri Ransomware Attack Impacts IT Systems

• Exploring Access Control Models: Building Secure Systems in Cybersecurity

• Tripwire Patch Priority Index for March 2024

• New Version of the Vultur Android Banking Trojan Spoofs Security App

• Rust memory safety explained

• Owl Talon 3 provides hardware-enforced, one-way data transfers

• YouTube Video Game ‘Hacks’ Contain Malware Links

• Block Ads And Free Up The Internet For An Extra 20% Off

• Customer Story | Content Filter Protects Student Safety, Data Security, and CIPA Compliance At Azusa Unified School District

• TrueMedia.org introduces deepfake detection tool

• Highly sensitive files mysteriously disappeared from EUROPOL headquarters

• Beware of New Mighty Stealer That Takes Webcam Pictures & Capture Cookies

• Meet clickjacking’s slicker cousin, ‘gesture jacking,’ aka ‘cross window forgery’

• DarkGate Malware Abusing Cloud Storage & SEO Following Delivery Over Teams

• USSD Call Forwarding Deactivation: India’s Move to Safeguard Against Cyber Fraud

• Critical Security Flaw Found in Popular LayerSlider WordPress Plugin

• Location tracking and the battle for digital privacy

• How Google plans to make stolen session cookies worthless for attackers

• Cybersecurity jobs available right now: April 3, 2024

• Indian government’s cloud spilled citizens’ personal data online for years

• Microsoft Priva announces new solutions to help modernize your privacy program

• Human risk is the top cyber threat for IT teams

• Cyber attacks on critical infrastructure show advanced tactics and new capabilities

• Microsoft slammed for lax security that led to China’s cyber-raid on Exchange Online

• Microsoft slammed for lax security that led to Exchange Online attack

• ISC Stormcast For Wednesday, April 3rd, 2024 https://isc.sans.edu/podcastdetail/8922, (Wed, Apr 3rd)

• Threat Intelligence Platforms: Leveraging Actionable Insights

• Prioritizing Cyber Risk: Get a leg up with AI

• Our People and Our Growth: Key Drivers of Akamai?s ESG Strategy

• XZ Utils Backdoor ? Everything You Need to Know, and What You Can Do

• Announcing Flow-IPC, an Open-Source Project for Developers to Create Low-Latency Applications

• The Sustainability Team Is Listening. Here?s What We Heard.

• What Is a Heuristic Virus? + How to Remove It

Generated on 2024-04-04 23:55:48.009688