IT Security News Daily Summary 2024-04-29

• FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data

• Vulnerability Recap 4/29/24 – Cisco, Microsoft, Palo Alto & More

• Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023

• Congress Should Just Say No to NO FAKES

• USPS Phishing Scams Generate Almost as Much Traffic as the Real Site

• What Is Integrated Risk Management? Definition & Implementation

• Rubrik Sets Cyber Resiliency Course Following IPO

• Google Meet Now Offers Client-Side Encryption For All Calls

• During National Small Business Week, Take Steps to Secure Your Business

• London Drugs closes all of its pharmacies following ‘cybersecurity incident’

• Vulnerability Summary for the Week of April 22, 2024

• Ford’s hands-free driver system is under investigation after fatal crashes – what to know

• Stop Managing Identities, Segment them Instead

• How TikTok Grew From a Fun App for Teens Into a Potential National Security Threat

• CISA Rolls Out New Guidelines to Mitigate AI Risks to US Critical Infrastructure

• Thoma Bravo to Buy Cybersecurity Firm Darktrace for $5.3 Billion

• Orca Security Allies with ModePUSH for Cloud Incident Response

• Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023

• Tesla Shares Surge On China Advanced Self-Driving Push

• Google Says it Blocked 2.28 Million Apps from Google Play Store

• digital identity

• How Compliance Can Launch Your Risk Program with Vanta

• What is MFA bombing? Apple users were targeted using this phishing technique

• UK to Take Steps in Helping Protect Consumers Against Cyber Threats from Smart Devices

• South Korean iPhone Ban: MDM DMZ PDQ

• Why Shouldn’t You Upload Files So Readily On Your Browser?

• From IcedID to Dagon Locker Ransomware in 29 Days

• Cyber Attack forces London Drugs to close temporarily

• UK Law Aims To Boost Security For ‘Smart’ Devices

• Study Reveals Alarming Levels of USPS Phishing Traffic

• Kaiser Permanente Data Breach Impacts 13.4 Million Patients

• Should Cybersecurity Leadership Finally be Professionalized?

• Managing Generative AI Risk and Meeting M-24-10 Mandates on Monitoring & Evaluation

• USENIX Security ’23 – Instructions Unclear: Undefined Behaviour in Cellular Network Specifications

• Cactus Ransomware Exposes Thousands of Vulnerable Qlik Sense Servers

• Researchers Successfully Sinkhole PlugX Malware Server, Recording 2.5 Million Unique IPs

• SpaceX Data Breach: Hunters International Publishes Alleged Stolen Data

• Judge0 Sandbox Vulnerabilities Expose Systems to Takeover Risk

• $197 Bounty Awarded for Unauthenticated Arbitrary Post Deletion Vulnerability Patched in LeadConnector WordPress Plugin

• UK PSTI Act – New Law To Protect Smart Devices

• Ten Years Of Heartbleed: Lessons Learned

• Meta To Face EU Probe For Not Doing Enough To Stop Russian Disinformation

• Watchdog Reveals Google Privacy Sandbox Worries

• Okta Warns Of Credential Stuffing Attacks Using Tor, Residential Proxies

• OpenAI’s ChatGPT Targeted In Austrian Privacy Complaint

• 91% of ransomware victims paid at least one ransom in the past year, survey finds

• D-Link NAS Device Backdoor Abused, (Mon, Apr 29th)

• Grafana Tool Vulnerability Let Attackers Inject SQL Queries

• CISA and FEMA IPAWS in Partnership with FCC Host Second National Meeting of Alerting Officials

• DDoS Attacks Continue, Post-Election, Against Russian Independent Media Site Meduza

• Honeywell: USB Malware Attacks on Industrial Orgs Becoming More Sophisticated

• Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual

• Everything you need to know about network penetration testing [+checklist to follow]

• 5 Attack Trends Your Company Should Be Aware Of

• UK enacts IoT cybersecurity law

• China-Linked ‘Muddling Meerkat’ Hijacks DNS to Map Internet on Global Scale

• Financial Business and Consumer Solutions (FBCS) data breach impacted 2M individuals

• More Than 800 Vulnerabilities Resolved Through CISA Ransomware Notification Pilot

• Hackers Tool 29 Days from Initial Hack to Sabotage Ransomware Attack

• Celebrating 5 Years of Excellence with Check Point’s Hacking Point Program

• France willing to buy key Atos assets to keep them French

• Comply-to-Connect and Cisco ISE: Revolutionizing the Department of Defense

• British Intelligence Moves to Protect Research Universities From Espionage

• Voter Registration System Taken Offline in Coffee County Cyber-Incident

• Report: 73% of SME Security Professionals Missed or Ignored Critical Alerts

• Modern Phishing Attacks: Insights from the Egress Phishing Threat Trends Report

• James Nutland studies what makes threat actors tick, growing our understanding of the current APT landscape

• UK lays down fresh legislation banning crummy default device passwords

• Silobreaker empowers users with timely insight into key cybersecurity incident filings

• Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

• OpenAI’s ChatGPT is Breaking GDPR, Says Noyb

• Whale Song Code

• DHS Announces AI Safety Board with OpenAI Founder, CEOs of Microsoft, Nvidia, IBM

• Collection Agency FBCS Says Data Breach Exposed Nearly 2 million People

• Okta Warns of Credential Stuffing Attacks Using Tor, Residential Proxies

• OfflRouter Malware Ukraine: Govt Network Breach Since 2015

• Compounded Crisis: Change Healthcare’s Breach Escalates with New Threats

• Multiple PHP 7.4 Vulnerabilities Addressed in Debian 11

• Cyber Security Today, April 29, 2024 – Credential stuffing attacks are hitting firms using Okta ID management solutions, and more

• Ensuring Robust Security in Multi-Cloud Environments: Best Practices and Strategies

• UK says NO to ransom passwords such as admin, 123456 and qwerty

• Kaiser health insurance leaked patient data to advertisers

• 10 Database Security Best Practices You Should Know

• Machines vs Minds: The Power of Human Ingenuity Against Cyber Threats

• Know-Your-Customer Executive Order Facing Stiff Opposition From Cloud Industry

• Researchers unveil novel attack methods targeting Intel’s conditional branch predictor

• Okta warns customers about credential stuffing onslaught

• Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

• Cyber Security Headlines: Kaiser Permanente breach, DSH Safety Board, Okta stuffing attack

• Email Provider Complains To EU Over Reduced Google Rankings

• Intel Shares Sink As AI Surge Hits Chip Revenue

• Snap Sees Surge In Users, Ad Revenues

• Google Asks US Court To Dismiss Federal Adtech Case

• Alphabet Value Surges Over $2tn On Dividend Plan

• Fake Chrome Updates Hide Android Brokewell Malware Targeting Your Bank

• Cyber-Partisans hacktivists claim to have breached Belarus KGB

• Watchdog reveals lingering Google Privacy Sandbox worries

• North Korean Hackers Exploit LinkedIn in Targeted Attacks

• Agent Tesla and Taskun Malware Targeting US Education and Govt Entities

• Most People Still Rely on Memory or Pen and Paper for Password Management

• Okta Warns of Unprecedented Scale in Credential Stuffing Attacks on Online Services

• DHS establishes AI Safety and Security Board to protect critical infrastructure

• New UK Smart Device Security Law Comes into Force

• Cyber Security Today, April 29, 2024 – Credential stuffing attacks are hitting firms using Okta ID management solutions, and more

• Chinese Botnet As-A-Service Bypasses Cloudflare & Other DDoS Protection Services

• PoC Exploit Released For Windows Kernel EoP Vulnerability

• Palo Alto Updates Remediation for Max-Critical Firewall Bug

• Japanese police create fake support scam payment cards to warn victims

• New UK Smart Device Security Law Comes into Force Today

• KageNoHitobito Ransomware Attacking Windows Users Around the Globe

• The Los Angeles County Department of Health Services disclosed a data breach

• Analysis of Native Process CLR Hosting Used by AgentTesla

• US Post Office Phishing Sites Get as Much Traffic as the Real One

• Okta Warns Customers of Credential Stuffing Barrage

• 1,200+ Vulnerabilities Detected In Microsoft Products In 2023

• A week in security (April 22 – April 28)

• US Regulator Probes Effectiveness Of Tesla Autopilot Recall

• Multiple Brocade SANnav SAN Management SW flaws allow device compromise

• Android Malware Brokewell With Complete Device Takeover Capabilities

• Okta Warns of Credential Stuffing Attacks Using Proxy Services

• Exploring the Key Sections of a SOC 2 Report (In Under 4 Minutes)

• Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware

• RSAC 2024 Innovation Sandbox | Mitiga: A New Generation of Cloud and SaaS Incident Response Solutions

• Prompt Fuzzer: Open-source tool for strengthening GenAI apps

• How insider threats can cause serious security breaches

• AI is creating a new generation of cyberattacks

• Closing the cybersecurity skills gap with upskilling programs

• Anticipating and addressing cybersecurity challenges

• Discord dismantles Spy.pet site that snooped on millions of users

• The next step up for high-impact identity authorization

• ISC Stormcast For Monday, April 29th, 2024 https://isc.sans.edu/podcastdetail/8958, (Mon, Apr 29th)

• IT Security News Weekly Summary – Week 17

• IT Security News Daily Summary 2024-04-28

• ICICI Bank exposed credit card data of 17000 customers

• USENIX Security ’23 – SandDriller: A Fully-Automated Approach for Testing Language-Based JavaScript Sandboxes

• Hackers Claim to Have Infiltrated Belarus’ Main Security Service

• Deceptive npm Packages Employed to Deceive Software Developers into Malware Installation

• The Tech Landscape: Rubrik, TikTok, and Early-Stage Startups

• Okta warns of unprecedented scale in credential stuffing attacks on online services

• How to Erase The Personal Details Google Knows About You

• What Would a TikTok Ban Mean?

• Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks

• 9 Best Password Managers (2024): Features, Pricing, and Tips

• Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

• RSAC 2024 Innovation Sandbox | Antimatter: A Comprehensive Data Security Management Tool

• Good Security Is About Iteration, Not Perfection.

• TCS CEO Predicts AI Revolution to Decimate India’s Call Center Industry in Just One Year

• Safeguarding Your Digital Future: Navigating Cybersecurity Challenges

• Targeted operation against Ukraine exploited 7-year-old MS Office bug

• Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024

• Cybercriminals Exploit Web Hosting Platforms to Spread Malware

Generated on 2024-04-29 23:55:08.521259