IT Security News Daily Summary 2024-05-18

• How Attackers Distribute Malware to Foxit PDF Reader Users

• An attorney says she saw her library reading habits reflected in mobile ads. That’s not supposed to happen

• Quantum Navigation Systems: Safeguarding Against GPS Spoofing

• Capture the CISO Finals – Season 2

• North Korea-linked IT workers infiltrated hundreds of US firms

• USENIX Security ’23 – Controlled Data Races In Enclaves: Attacks And Detection

• Wireshark 4.2.5 Released, (Sat, May 18th)

• Google Introduces Advanced Anti-Theft and Data Protection Features for Android Devices

• Self Proclaimed “Crypto King” Aiden Pleterski Charged With $30 Million Scam

• Gawd, after that week, we wonder what’s next for China and the Western world

• Surge in Cyber Attacks on German Businesses Costs Billions of Euros

• Scammers Use Phony DocuSign Templates to Blackmail and Defraud Companies

• From Crisis to Continuity: Ascension Ransomware’s Ongoing Toll on Healthcare

• Hamilton Library Struggles to Restore Services After Cyberattack

• What is Secure Code Review and How to Conduct it?

• US Official Warns a Cell Network Flaw Is Being Exploited for Spying

• Kimsuky Hackers Deploy New Linux Backdoor in Attacks on South Korea

• The who, where, and how of APT attacks – Week in security with Tony Anscombe

• New Backdoors on a European Government’s Network Appear to be Russian

• How two brothers allegedly swiped $25M in a 12-second Ethereum heist

• Why Bot Management Should Be a Crucial Element of Your Marketing Strategy

• Aussie cops probe MediSecure’s ‘large-scale ransomware data breach’

• Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

• IT Security News Daily Summary 2024-05-17

• Balancing generative AI cybersecurity risks and rewards

• Brothers Indicted for Stealing $25 Million of Ethereum in 12 Seconds

• Feds Bust N. Korean Identity Theft Ring Targeting US Firms

• Three cuffed for ‘helping North Koreans’ secure remote IT jobs in America

• A Former OpenAI Leader Says Safety Has ‘Taken a Backseat to Shiny Products’ at the AI Company

• How AI-driven patching could transform cybersecurity

• Three cuffed for ‘helping North Koreans’ secure remote IT jobs in US

• Cyber Security Today, Week in Review for Friday, May 17, 2024

• Three arrested for helping North Koreans to secure remote IT jobs in US

• How To Deploy HYAS Protect

• North Korea IT Worker Scam Brings Malware and Funds Nukes

• Two Santa Cruz students uncover security bug that could let millions do their laundry for free

• EFF to Court: Electronic Ankle Monitoring Is Bad. Sharing That Data Is Even Worse.

• How ID Scanning Apps Can Prevent Fraud

• EFF to Court: Electronic ankle monitoring is bad. Sharing that data is even worse.

• User Outcry as Slack Scrapes Customer Data for AI Model Training

• EFF Urges Ninth Circuit to Hold Montana’s TikTok Ban Unconstitutional

• Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

• RSAC 2024 reveals the impact AI is having on strengthening cybersecurity infrastructure

• Singing River Health System Suffers Major Data Breach, 895,000 Impacted

• Two students uncover security bug that could let millions do their laundry for free

• Is an Open-Source AI Vulnerability Next?

• Disadvantages of Cyber Insurance

• Breach Forums Admin ShinyHunters Claims Domain Reclaimed from FBI

• SEC to Require Financial Firms to Have Data Breach Incident Plans

• EU Probes Meta Over Its Provisions For Protecting Children

• Google Patches 3rd Chrome Browser Zero Day Inside Of A Week

• Microsoft Quick Assist Tool Abused For Ransomware Delivery

• Critical Flaw In AI Python Package Can Lead To System And Data Compromise

• Fortinet Contributes to World Economic Forum’s Strategic Cybersecurity Talent Framework

• In Other News: MediSecure Hack, Scattered Spider Targeted by FBI, New Wi-Fi Attack

• RSA Conference 2024: AI and the Future Of Security

• New Survey Finds a Paradox of Confidence in Software Supply Chain Security

• AI Enables the Return of Private Cloud

• Privacy and Security Risks in Chinese Electric Vehicles: Unraveling the Data Dilemma

• EU Widens Investigations Into Chinese Imports, Subsidies

• What AI Can Do Today in Cybersecurity – Top 8

• An overview of storage encryption for enterprises

• Healthcare company WebTPA discloses breach affecting 2.5 million people

• Lookback Analysis in ERP Audit

• Akamai?s Perspective on May?s Patch Tuesday 2024

• OWASP Dep-Scan: Open-Source Security and Risk Audit Tool

• Reddit Deal With OpenAI Gives ChatGPT Access To Content

• How a new wave of deepfake-driven cybercrime targets businesses

• May 2024 Patch Tuesday: Two Zero-Days Among 61 Vulnerabilities Addressed

• Falcon Fusion SOAR and Machine Learning-based Detections Automate Data Protection Workflows

• New CrowdStrike Capabilities Simplify Hybrid Cloud Security

• New Wi-Fi Vulnerability Exposes Users to Eavesdropping Attacks

• Critical Flaw in AI Python Package Can Lead to System and Data Compromise

• CISA Warns of Exploited Vulnerabilities in EOL D-Link Products

• Government Struggles with Low Arrest Rate Amidst 31 Lakh Cyber Fraud Complaints

• UK Councils Warn of Data Breach After Attack on Medical Supplier

• DDoS Attacks Against Life Sciences Organizations Likely to Rise

• Connect the Security Dots by CloudGuard Effective Risk Management

• Black Basta Ransomware Struck More Than 500 Organizations Worldwide

• City of Wichita disclosed a data breach after the recent ransomware attack

• New UK System Will See ISPs Benefit From Same Protections as Government Networks

• Cybersecurity Leaders Expect Their SOC Budgets to Grow, KPMG Finds

• China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

• New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

• New Android Banking Trojan Mimics Google Play Update App

• Another PDF Streams Example: Extracting JPEGs, (Fri, May 17th)

• Accessing Secure Client Cloud Management after the SecureX EoL

• Cloud Security Incidents Make Organizations Turn to AI-Powered Prevention

• First LockBit, now BreachForums: Are cops winning the war or just a few battles?

• Microsoft Quick Assist Tool Abused for Ransomware Delivery

• New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data

• US exposes scheme enabling North Korean IT workers to bypass sanctions

• Get on Cybersecurity Certification Track With $145 Off These Courses

• CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

• FBI Seizes BreachForums Website

• FCC Might Require Telecoms to Report on Securing Internet’s BGP Technology

• Ransomware Attacks Evolve as Average Ransom Demand Tops $1.26 Million

• How to Get a VAPT Certificate?

• Patient Data at Risk in MediSecure Ransomware Attack

• Microsoft Invests 4 Billion Euros In France For AI, Cloud

• ViperSoftX Malware Uses Deep Learning Model To Execute Commands

• New Linux Backdoor Attacking Linux Users Via Installation Packages

• Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks

• Critical Git Vulnerability Allows RCE When Cloning Repositories With Submodules

• Remote-Access Tools the Intrusion Point to Blame for Most Ransomware Attacks

• Cybersecurity News: Nissan NA breach, VMware Pwn2Own fix, GE Ultrasound flaws

• Cybersecurity Analysis Exposes High-Risk Assets in Power and Healthcare Sectors

• C/side Emerges From Stealth Mode With $1.7 Million Investment

• Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms

• CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog

• GhostSec Announces Shift in Operations from Ransomware to Hacktivism

• Watch Out for Cyber Scams Impersonating Police

• The importance of access controls in incident response

• Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

• Cyber Security Today, May 17, 2024 – Malware hiding in Apache Tomcat servers, new backdoors found, and more

• Unsafe Software Development Practices Persist, Despite CISA’s Push

• Threat Actors Misusing Quick Assist in Social Engineering Attacks Leading to Ransomware

• Us Offers $5 Million for Info on North Korean IT Workers Involved in Job Fraud

• Santander Data Breach: Hackers Accessed Company Database

• Restore Damaged Files & Save Your Business for Only $50

• North Korea-linked Kimsuky APT attack targets victims via Messenger

• Flaw in Wi-Fi-Standard can Enable SSID Confusion Attacks

• Kroll expands its document review capabilities to accelerate incident response

• CISA Warns of Actively Exploited D-Link Router Vulnerabilities – Patch Now

• U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers

• Critical Steps to Bolster UK’s Cyber Resilience: Insights for Policy Makers from Cisco’s Cyber Readiness Index

• Ongoing Malvertising Campaign leads to Ransomware

• GitLab unveils AI capabilities to help organizations better secure their software

• Russian APT Hackers Attacking Critical Infrastructure

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• Know the least common PIN numbers that can thwart Cyber Threats

• 7 Essential Security Tips to Identify Fake Mobile Apps

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• The IT skills shortage situation is not expected to get any better

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• Organizations struggle to defend against ransomware

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• Too many ICS assets are exposed to the public internet

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• New infosec products of the week: May 17, 2024

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• ISC Stormcast For Friday, May 17th, 2024 https://isc.sans.edu/podcastdetail/8986, (Fri, May 17th)

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

• Exabeam Recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for SIEM, for the Fifth Year

Generated on 2024-05-18 23:55:08.265846