IT Security News Daily Summary 2024-04-20

• What is Mobile Application Security Testing? Explained

• USENIX Security ’23 – PrivGraph: Differentially Private Graph Data Publication by Exploiting Community Information

• A French hospital was forced to reschedule procedures after cyberattack

• GenAI Presents a Fresh Challenge for SaaS Security Teams

• Harnessing AI and ChatGPT for Eye Care Triage: Advancements in Patient Management

• AT&T User Discusses Safety Measures Following Data Breach

• Soumnibot Malware Abuses Bugs to Escape Detection

• Lawmakers vote to reauthorize US spying law that critics say expands government surveillance

• Connecting Tech to Black America

• The Rise of Bots: Imperva’s Report Reveals Rising Trends in Internet Traffic

• U.S. Dams Vulnerable to Cyber Threats

• Inside Job Exposed: T-Mobile US, Verizon Staff Solicited for SIM Swap Scam

• AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now

• The many faces of impersonation fraud: Spot an imposter before it’s too late

• Protecting yourself after a medical data breach – Week in security with Tony Anscombe

• CrushFTP Warns Users to Patch Exploited Zero-Day “Immediately”

• Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware

• Defining and Understanding Trust Assurance

• Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

• Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

• Internet Service Providers Plan to Subvert Net Neutrality. Don’t Let Them

• Baby ASO: A Minimal Viable Transformation for Your SOC

• MITRE revealed that nation-state actors breached its systems via Ivanti zero-days

• IT Security News Daily Summary 2024-04-19

• Your Android phone could have stalkerware — here’s how to remove it

• Friday Squid Blogging: Squid Trackers

• Google Consolidates DeepMind And AI Research Teams

• Sacramento airport goes no-fly after AT&T internet cable snipped

• More on the PAN-OS CVE-2024-3400

• PRODUCT REVIEW: Safous Zero Trust Access

• Facebook Slammed For Censoring Content From Auschwitz Museum

• LabHost Phishing Platform is Latest Target of International Law Agencies

• Cyber Security Today, Week in Review for week ending Friday April 19, 2024

• CISA Announces Winners of the 5th Annual President’s Cup Cybersecurity Competition

• Taking Time to Understand NIS2 Reporting Requirements

• The CVE’s They are A-Changing!, (Wed, Apr 17th)

• Breakthrough in Quantum Cloud Computing Ensures its Security and Privacy

• Apple Pulls WhatsApp, Threads From China App Store

• 7 steps to create a data loss prevention policy

• BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems

• The 8 Most Common Causes of Data Breaches

• The Biggest Deepfake Porn Website Is Now Blocked in the UK

• USENIX Security ’23 – Inductive Graph Unlearning

• NCSWIC Releases Roles and Responsibilities: Statewide Interoperability Coordinators Document

• EFF, Human Rights Organizations Call for Urgent Action in Case of Alaa Abd El Fattah

• APT44: Unearthing Sandworm – A Cyber Threat Beyond Borders

• Websites Engage in Deceptive Practices to Conceal the Scope of Data Collection and Sharing

• FBI says Akira Ransomware group raked $42 million

• SAFOUS ZERO TRUST ACCESS – Comprehensive Cybersecurity for the Modern Enterprise

• 4 steps CISOs can take to raise trust in their business

• Fake Cheat Lures Gamers Into Spreading Infostealer Malware

• From DAST to dawn: why fuzzing is better solution | Code Intelligence

• International Cyber Fraud Ring Busted By London Police

• 2024-04-18: Word macro –> SSLoad –> Cobalt Strike

• $2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin

• How We’re Delivering Next-Gen Workforce Collaboration with Cisco Private 5G

• Introducing the 7th Annual Partner Innovation Challenge: Featuring an Exciting New Prize Category

• Connect hybrid cloud Kubernetes with F5 multicloud networking and Red Hat OpenShift for optimized security footprints

• Learn about trends and best practices from top security experts at Red Hat and NIST’s Cybersecurity Open Forum

• 4 use cases for AI in cyber security

• Unraveling Cyber Threats: Insights from Code Analysis

• NSA Shares Best Practices for Secure AI Systems

• WhatsApp, Threads, more banished from Apple App Store in China

• Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing

• BlackTech Targets Tech, Research, and Gov Sectors New ‘Deuterbear’ Tool

• IT and Cybersecurity Jobs in the Age of Emerging AI Technologies

• CISA: Akira ransomware extorted $42M from 250-plus victims

• Cisco Releases Security Advisories for Cisco Integrated Management Controller

• Dark Web Sales Driving Major Rise in Credential Attacks

• Congress: Don’t Let Anyone Own The Law

• Tuta Mail (Tutanota) Accuses Google of Censoring Its Search Results

• The Importance of Cyber Hygiene for Businesses

• First Major Attempts to Regulate AI Face Headwinds From All Sides

• In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack

• Cisco Duo raises awareness over a breach in third-party data security, revealing the exposure of SMS MFA logs.

• Unveiling the Threat: Microsoft’s Executive Speaks Out on State-Backed Hacking

• Intel Foundry Assembles Next Gen Chip Machine From ASML

• Earth Day 2024: Securing Our Earth

• Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!

• Alarming Decline in Cybersecurity Job Postings in the US

• Is the UK about to ban ransomware payments?

• Frontier Communications Shuts Down Systems Following Cyberattack

• Akira Ransomware Made Over $42 Million in One Year: Agencies

• US Government Releases Guidance on Securing Election Infrastructure

• Scaling Application Security With Application Security Posture Management (ASPM)

• What’s the deal with the massive backlog of vulnerabilities at the NVD?

• Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals

• Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

• How Attackers Can Own a Business Without Touching the Endpoint

• Unlocking the Power of Portfolio Analysis – A Comprehensive Guide

• Hacking the Floodgates: US Dams Face Growing Cyber Threats

• Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

• Akira Ransomware Attacks Over 250 Organizations and Collects $42 Million

• Google Ad Impersonates Whales Market to Push Wallet Drainer Malware

• UK’s Cydea introduces new way to quantify risk management

• Ransomware Victims Who Pay a Ransom Drops to Record Low

• Germany cuffs alleged Russian spies over plot to bomb industrial and military targets

• Akira Ransomware Group Rakes in $42m, 250 Organizations Impacted

• Cisco Launches A New AI-Focused Security Solution

• Cybercriminals Pose as LastPass Staff to Hack Password Vaults

• 92% of Enterprises Unprepared for AI Security Challenges

• OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining

• LastPass users targeted by vishing attackers

• FBI chief says China is preparing to attack US critical infrastructure

• The Dark Side of EDR: Repurpose EDR as an Offensive Tool

• Google Chrome DBSC Protection Tested Against Cookie Attacks

• Crunching Some Numbers on PHP Support

• NIS-2: 10 common misconceptions about the regulation

• United Nations Development Programme (UNDP) investigates data breach

• Damn Vulnerable RESTaurant: Open-Source API Service Designed for Learning

• Novel Android Malware Targets Korean Banking Users

• The Ultimate Guide to SBIR and STTR Program Budgeting

• ‘Crude’ Ransomware Tools Proliferating on the Dark Web for Cheap, Researchers Find

• Hackers Target Middle East Governments with Evasive “CR4T” Backdoor

• Possible Cyber Attack on 911 of 4 American States

• Can Ransomware Gangs Be Neutralized? Exploring Strategies to Combat Cyber Extortion

• Protobom: Open-source software supply chain tool

• The key pillars of domain security

• Lacework, last valued at $8.3B, is in talks to sell for just $150M to $200M, say sources

• Alert! Windows LPE Zero-day Exploit Advertised on Hacker Forums

• New infosec products of the week: April 19, 2024

• 51% of enterprises experienced a breach despite large security stacks

• ISC Stormcast For Friday, April 19th, 2024 https://isc.sans.edu/podcastdetail/8946, (Fri, Apr 19th)

• Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters

Generated on 2024-04-20 23:55:09.139352