IT Security News Daily Summary 2024-08-03

• USENIX Security ’23 – Secure Floating-Point Training

• Why Automated Incident Response is Essential for Your SOC

• Adaptive Shield Showcases New ITDR Platform for SaaS at Black Hat USA

• C-Edge Technologies: An In-Depth Look at the Indian Fintech Leader Impacted by a Major Cyberattack

• AI and automation reducing breach costs – Week in security with Tony Anscombe

• CISA Names Lisa Einstein as First Chief AI Officer

• The Use of AI by Sales Teams is Booming

• SonicWall Mid-Year Threat Report Highlights Increase in Cyberattacks – Call for MSPs

• Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware

• Black Hat Fireside Chat: ‘Black Girls Hack’ emphasizes diversity as effective force multiplier

• Data Breach: Georgia Voter Information Accidentally Displayed Online

• Ransomware Groups Exploit VMware ESXi Bug for Widespread Attacks

• It Is Time for Smart Cyber Requirements for the Water Sector

• US Hands Over Russian Cybercriminals in WSJ Reporter Prisoner Swap

• DOJ and FTC Sue TikTok for Violating Children’s Privacy Laws

• UK Shuts Down ‘Russian Coms’ Fraud Platform Defrauding Millions

• DARPA suggests turning old C code automatically into Rust – using AI, of course

• Cybersecurity Today Week in Review for August 3rd, 2024 with Terry Cutler, David Shipley and host Jim Love

• Attacks on Bytecode Interpreters Conceal Malicious Injection Activity

• How the theft of 40M UK voter register records was entirely preventable

• Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool

• CMMC Compliance: Customer and Shared Responsibility Matrix

• Planning for Cisco Certification Exam Success

• The Promise and Perils of Building AI Into Your Business Applications

• Millions of US Voter Data Exposed in 13 Misconfigured Databases

• Industrial IoT: Exploring Microcontrollers for Robust Applications

• IT Security News Daily Summary 2024-08-02

• Friday Squid Blogging: Treating Squid Parasites

• EFF to Ninth Circuit: Don’t Shield Foreign Spyware Company from Human Rights Accountability in U.S. Court

• What’s in a Secret? Best Practices for Static, Rotated and Dynamic Secrets

• Akeyless Universal Secrets Connector: A Secrets Manager of Managers

• Investors sued CrowdStrike over false claims about its Falcon platform

• How blockchain can support third-party risk management

• Federal Appeals Court Rules That Fair Use May Be Narrowed to Serve Hollywood Profits

• USENIX Security ’23 – ARMore: Pushing Love Back Into Binaries

• Cybersecurity Compass: An Integrated Cyber Defense Strategy

• Optus and Medibank Data Breach Cases Allege Cyber Security Failures

• Even Linux users should take a look at this Microsoft KB article., (Fri, Aug 2nd)

• Here Are EFF’s Sacramento Priorities Right Now

• Hackers Exploit Security Flaws to Access Millions of UK Voters’ Details

• Randall Munroe’s XKCD ‘Chili Tornado Quake’

• Scammers are impersonating cryptocurrency exchanges, FBI warns

• Sensitive Illinois Voter Data Exposed by Contractor’s Unsecured Databases

• New Panamorfi DDoS Attack Exploits Misconfigured Jupyter Notebooks

• How to prepare for a secure post-quantum future

• Sensitive Illinois Voter Data Exposed by Contractor’s Unsecured Databases

• Israeli hacktivist group brags it took down Iran’s internet

• APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure

• APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack

• MSSP vs. SOC – Key Considerations When Deciding Your Strategy

• New Jersey City University Targeted by ransomware Outfit Demanding $700K

• Russian ransomware criminals earn $500 million

• What is endpoint security? How does it work?

• TechCrunch Minute: Why did Wiz walk away from $23 billion?

• Remote SMB Security—Protect Your Business While Traveling

• USENIX Security ’23 – SpectrEM: Exploiting Electromagnetic Emanations During Transient Execution

• Prisoner Swap: Huge Russian Hackers Freed — Seleznev and Klyushin

• Apple Beats Expectations, Despite Falling iPhone Sales

• Respect your data, and protect it

• Report: macOS Most Vulnerable to Endpoint Attacks Compared to Windows and Linux

• Hacking Group Exposes Pentagon IT Provider’s Documents

• Domain Validation Bug: DigiCert Revokes TLS Certificates

• Pharma giant Cencora is alerting millions about its data breach

• Avtech camera vulnerability actively exploited in the wild, CISA warns

• Sitting Ducks DNS Attacks Used to Hijack Over 35,000 Domains

• How Advanced Data Protection Revolutionizes Security Analysts’ Workflow

• Google Breaks Promise to Block Third-Party Cookies

• The European Union’s World-First Artificial Intelligence Rules Are Officially Taking Effect

• Opal Security Extends Scope and Reach of Platform for Managing Privileges

• Social Media Firms Fail to Protect Children’s Privacy, Says ICO

• Getting to Know Tim Otis

• OSPAR 2024 report now available with 163 services in scope

• Disaster Recovery Steps Up With New Cisco NERVs

• Iranian Internet Attacked by Israeli Hacktivist Group: Reports

• The Rise of AI: New Cybersecurity Threats and Trends in 2023

• EPA Told to Address Cyber Risks to Water Systems

• Fortune 50 biz coughed up record-breaking $75M ransom to halt leak of stolen data

• Protect AI Raises $60 Million in Series B Funding

• Webinar: Discover the All-in-One Cybersecurity Solution for SMBs

• Government Shelves £1.3 Billion UK Tech, AI Plan

• The C̶a̶k̶e̶ User Location Is a Lie!!!

• StackExchange Abused to Spread Malicious PyPI Packages as Answers

• Looking Past DevOps: AI, ClickOps and Platform Engineering

• Leaked GitHub Python Token

• CrowdStrike Investors File Class Action Suit Following Global IT Outage

• Intel To Cut 15 Percent Of Workforce, Suspends Dividend

• U.S. released Russian cybercriminals in diplomatic prisoner exchange

• UK plans to revamp national cyber defense tools are already in motion

• Cloudflare Tunnels Abused for Malware Delivery

• New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication

• Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal

• Fighting Ursa Luring Targets With Car for Sale

• Microsoft Patched a Critical Edge Flaw that Led to Arbitrary Code Execution

• Homebrew Security Audit Finds 25 Vulnerabilities

• Suspects in ‘Russian Coms’ Spoofing Service Arrested in London, as NCA Announces Takedown

• Google Chrome Adds App-Bound Encryption to Block Infostealer Malware

• Threat Intelligence: A Blessing and a Curse?

• Gaming Industry Faces 94% Surge in DDoS Attacks

• NCSC Unveils Advanced Cyber Defence 2.0 to Combat Evolving Threats

• Cybersecurity News: Cencora patient breach, OneDrive phishing campaign, Argentina’s crime predictions

• Credo AI Raises $21M to Help Enterprises Deploy AI Safely and Responsibly

• APT41 Likely Compromised Taiwanese Government-Affiliated Research Institute with ShadowPad and Cobalt Strike

• Malicious Package Hidden in PyPI Discovered

• Over 35k Domains Hijacked in ‘Sitting Ducks’ Attacks

• Hackers Actively Exploiting WordPress Plugin Arbitrary File Upload Vulnerability

• U.S. Releases High-Profile Russian Hackers in Diplomatic Prisoner Exchange

• Russia, Moldova Targeted by Obscure Hacking Group in New Cyberespionage Campaign

• Securonix unveils Cyber Data Fabric and Noise Canceling SIEM in EON suite

• How Cyberthreats Could Disrupt the Olympics

• Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware

• Dark web offers botnets as low as $99

• The Need for Budget Boosts to Combat AI-Generated Cyber Attacks

• NCA Shuts Down Major Fraud Platform that Triggers 1.8 Million Scam Calls

• Infosec Institute Partners with Career.io to Help Students Launch Cybersecurity Careers

• UK crimebusters shut down global call-spoofing outfit that claimed 170K-plus victims

• Microsoft confirms cyber attack cause outage and it’s own defences may have made the impact worse: Cybersecurity Today for Friday, August 2, 2024

• DNS Vulnerability: ‘Sitting Ducks’ Exposes Millions of Domains to Hijacking

• Japan mandates app to ensure national ID cards aren’t forged

• Sitting Ducks attack technique exposes over a million domains to hijacking

• Navigating Indispensable Cybersecurity Practices for Hybrid Working Professionals

• CSMA Starts with Identity A Comprehensive Approach to Modern Cybersecurity

• The Unbreakable Bond: Why Identity and Data Security are Inseparable

• Organizations fail to log 44% of cyber attacks, major exposure gaps remain

• Record-breaking $75 million ransom paid to cybercrime group

• LuLu – 190,506 breached accounts

• Open-source project enables Raspberry Pi Bluetooth Wi-Fi network configuration

• India contemplates compulsory dynamic 2FA for digital payments

• New infosec products of the week: August 2, 2024

• ISC Stormcast For Friday, August 2nd, 2024 https://isc.sans.edu/podcastdetail/9080, (Fri, Aug 2nd)

• U.S. Trades Cybercriminals to Russia in Prisoner Swap

• Victory! D.C. Circuit Rules in Favor of Animal Rights Activists Censored on Government Social Media Pages

• US sends cybercriminals back to Russia in prisoner swap that freed WSJ journo, others

• U.S. Trades 5 Cybercriminals to Russia in Prisoner Swap

Generated on 2024-08-03 23:55:08.264230