IT Security News Daily Summary 2024-07-06

• Three critical steps to close the cybersecurity talent gap, once and for all

• GootLoader is still active and efficient

• Ministry of Justice Workers’ Online Comments Highlight Workplace Communication Risks

• Hackers Attack HFS Servers to Install Malware and Mine Monero

• Behind the Scenes: How Patelco Responded to the Ransomware Threat

• Millions of Twilio Authy Users Potentially Exposed in Data Breach.

• USENIX Security ’23 – The OK Is Not Enough: A Large Scale Study of Consent Dialogs in Smartphone Applications

• Ransomware Extortion Demands Increase to $5.2 Million Per Attack

• Researchers Discover Cache of Billion Stolen Passwords

• New Mallox Ransomware Variant Targets Linux Systems

• New Snailload Attack Demonstrates Exposed User Activities Due to Network Latency

• Hackers Leaking Taylor Swift Tickets? Don’t Get Your Hopes Up

• Fintech Frenzy as Affirm and Others Emerge as Victims in Evolve Breach

• Indonesia’s Worst Cyber Attack Exposes Critical IT Policy Failures

• The Problem With Bug Bounties

• Latest Ghostscript Vulnerability Haunts Experts as the Next Big Breach Enabler

• Traeger Security Bugs Threatening Grillers’ Hard Work

• New Eldorado Ransomware Targets Windows, VMware ESXi VMs

• Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication

• Hackers stole OpenAI secrets in a 2023 security breach

• Cyber Security Today, Week in Review for week ending July 5, 2024

• Roblox Developer Conference (2024) – 10,386 breached accounts

• Cloudflare Details 1.1.1.1 Service Outage Following BGP Hijack

• 10 Security Tips for Business Travellers This Summer

• Friday Squid Blogging: Newly Discovered Vampire Squid

• Devs claim Apple is banning VPNs in Russia ‘more effectively’ than Putin

• IT Security News Daily Summary 2024-07-05

• Simplifying Infrastructure Management with Imperva’s Terraform Module for Cloud WAF

• USENIX Security ’23 – Eye-Shield: Real-Time Protection of Mobile Device Screen Information from Shoulder Surfing

• Ticketmaster hackers release stolen ticket barcodes for Taylor Swift Eras Tour

• OpenAI breach is a reminder that AI companies are treasure troves for hackers

• Enhance IaC Security With Mend Scans

• Chrome to Block Entrust Certificates in November 2024

• CISA Releases Guide to Operational Security for Election Officials

• YouTube: A Prime Target for Cybercriminals

• Strengthening Web Application Security With Predictive Threat Analysis in Node.js

• How do cybercriminals steal credit card information?

• 15 Alarming Cyberbullying Statistics and Facts for 2024

• 16 common types of cyberattacks and how to prevent them

• cyber attack

• Randall Munroe’s XKCD ‘Routine Maintenance’

• Cancer patient forced to make terrible decision after Qilin attack on London hospitals

• Hacker Stole Secrets From OpenAI

• ‘Polyfill’ Supply Chain Threat: 4x Worse Than We Thought

• Cisco Patches NX-OS Zero-Day Exploited by Chinese Attackers

• Ticketmaster Breach: ShinyHunters Leak 440K Taylor Swift Eras Tour Ticket Data

• OpenAI Kept Mum About Hack of Sensitive AI Research

• Airtel India denies 370 million user data breach

• Cybersecurity in Healthcare: An In-Depth Guide by Heimdal®

• Best Automated Patch Management Software in 2024

• HealthEquity Hit by Data Breach: Protected Information Exposed

• Gen Z’s Payment Preferences are Transforming Retail and Dining

• Step-By-Step Guide: Configuring IPsec Over SD-WAN on FortiGate and Unveiling Its Benefits

• What Is a Man-in-the-Middle (MITM) Attack? Prevention + 7 Types

• Mastering YouTube Visibility: Essential Hacks for Success

• EU Tariffs On Chinese EVs Come Into Force

• Meet Brex, Google Cloud, Aerospace and more at Disrupt 2024

• Wise and Evolve Data Breach Highlights Risks of Third-Party Partnerships

• Singapore is working on technical guidelines for securing AI systems

• Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes

• Inside the Ticketmaster Hack: 440,000 Taylor Swift Fans at Risk

• OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers

• Webinar Alert: Learn How ITDR Solutions Stop Sophisticated Identity Attacks

• The World’s Most Popular 3D-Printed Gun Was Designed by an Aspiring Terrorist

• Latest Ghostscript vulnerability haunts experts as the next big breach enabler

• Overlooked Domain Name Resiliency Issues: Registrar Communications, (Fri, Jul 5th)

• AI and Cybersecurity: Mitigating Risks and Safeguarding Digital Assets

• Cloudflare Details 1.1.1.1 Service Outage Incident

• Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain

• OVHcloud Sees Record 840 Mpps DDoS Attack

• In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity

• How Intelligence Sharing Can Help Keep Major Worldwide Sporting Events on Track

• This New Ransomware Group Uses Phone Calls to Pressure Victims

• Blueprint for Success: Implementing a CTEM Operation

• Vinted Fined €2.3m Over Data Protection Failure

• Hacker Stole OpenAI Internal Documents – Report

• Editorial: Labour Wins: A New Tech Strategy for Britain?

• Mekotio Banking Trojan Attacking American Users To Steal Financial Data

• Get Advanced Ad Blocking and Superior Data Privacy Tools for Just $11 Until 7/21

• New Golang Zergeca Botnet appeared in the threat landscape

• Amazon To Discontinue Astro Security Robot

• Kimusk’s HappyDoor Executed Via regsvr32 File To Evade Detection

• New Golang-based Zergeca Botnet appeared in the threat landscape

• Some Data Is ‘Breached’ During a Hacking Attack on the Alabama Education Department

• EU Opens Applications for Cybersecurity and Digital Skills Funding

• Hackers Compromised Ethereum’s Mailing List to Drain Their Crypto Funds

• CVE-2024-6387 – regreSSHion Remote Code Execution vulnerability seen in OpenSSH

• GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks

• Cybersecurity News: Senator pressures CISA, Velvet Ant exploits Cisco, Europol crushes Cobalt

• Cyber Security Today, July 5, 2024 – Prepare for business email compromise attacks

• Turning Jenkins Into a Cryptomining Machine From an Attacker’s Perspective

• Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus

• Malicious QR Reader App in Google Play Delivers Anatsa Banking Malware

• Turla: A Master of Deception

• The Pros and Cons of Secure Access Service Edge (SASE)

• India’s Airtel dismisses data breach reports amid customer concerns

• Turla: A Master’s Art of Evasion

• Europol says mobile roaming tech is making its job too hard

• HubSpot Investigates Limited Security Breach Affecting Customer Accounts

• Hackers compromised Ethereum mailing list and launched a crypto draining attack

• Understanding API Key Verification

• Extending the Reach and Capabilities of Digital Signing With Standards

• Twilio data breach exposes millions of contact numbers

• Understanding the Risks to SaaS Data Security

• Threat Actor Claiming 2FA Bypass Vulnerability in HackerOne Bug Bounty Platform

• Smashing Silos With a Vulnerability Operations Center (VOC)

• Social media and teen mental health – Week in security with Tony Anscombe

• Infostealing malware masquerading as generative AI tools

• Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

• 47% of corporate data stored in the cloud is sensitive

• 99% of IoT exploitation attempts rely on previously known CVEs

• New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks

• Organizations weigh the risks and rewards of using AI

• Hackers Abused Twilio API To Verify Phone Numbers used For MFA

• New infosec products of the week: July 5, 2024

Generated on 2024-07-06 23:55:08.903588