IT Security News Hourly Summary 2024-12-04 13h : 155 posts

155 posts were published in the last hour

• 11:37 : PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
• 11:18 : Credential Guard and Kerberos delegation, (Mon, Dec 2nd)
• 11:18 : ISC Stormcast For Tuesday, December 3rd, 2024 https://isc.sans.edu/podcastdetail/9238, (Tue, Dec 3rd)
• 11:18 : Extracting Files Embedded Inside Word Documents, (Tue, Dec 3rd)
• 11:18 : Data Analysis: The Unsung Hero of Cybersecurity Expertise [Guest Diary], (Wed, Dec 4th)
• 11:18 : ISC Stormcast For Wednesday, December 4th, 2024 https://isc.sans.edu/podcastdetail/9240, (Wed, Dec 4th)
• 11:18 : Implementing blocklists in the Sekoia SOC platform
• 11:18 : The Curious Case of an Egg-Cellent Resume
• 11:18 : The Shift to the Edge Continues to Accelerate
• 11:18 : Battling the Emotional Toxicity Within Games: How to Digitally Thrive
• 11:18 : The Year in Review 2024: Today?s Insights, Tomorrow?s Outlook
• 11:18 : Threat Assessment: Howling Scorpius (Akira Ransomware)
• 11:18 : CISA, NSA, FBI and International Partners Publish Guide for Protecting Communications Infrastructure
• 11:18 : UK Ministry of Defense MoD passwords leaked on Dark Web
• 11:18 : How Data Backups Turn Vital in Ransomware Scenarios
• 11:18 : Apple espionage on its employees iPhones and iCloud accounts
• 11:17 : Stoli bankruptcy with ransomware, malware distribution via resume and Kash Patel Trump Cyber Attack
• 11:17 : Can Failing to Log Out from Online Accounts Pose a Cybersecurity Threat?
• 11:17 : What Is a Security Operations Center (SOC)?
• 11:17 : Zero Trust Architecture
• 11:17 : Top Christmas Gifts: Must-Have Devices and Protection Accessories!
• 11:17 : RomCom Exploits Zero Days In Recent Backdoor Campaigns
• 11:17 : Anti-Spam WordPress Plugin Vulnerabilities Risked 200K+ Websites
• 11:17 : Sweet Security Introduces Evolutionary Leap in Cloud Detection and Response, Releasing First Unified Detection & Response Platform
• 11:17 : NachoVPN Attack Risks Corporate VPN Clients
• 11:17 : Gafgyt Malware Broadens Its Scope in Recent Attacks
• 11:17 : Gafgyt Malware Targeting Docker Remote API Servers
• 11:17 : US Announces New Export Controls On China’s Chip Sector
• 11:17 : China Bans Exports Of Gallium, Germanium, Antimony
• 11:17 : Elon Musk $56 Billion Pay Deal Rejected, Again
• 11:17 : Microsoft Faces £1 Billion Lawsuit For Alleged Overcharging
• 11:17 : UK Underestimates Threat Of Cyber-Attacks, Says NCSC Head
• 11:17 : The Ultimate Guide to Designing a Logo Online: Tools, Tips, and Tricks
• 11:17 : Data Vigilante Leaks 772K Employee Records from Top Firms and 12.3M-Row Database
• 11:16 : Dark Web Hydra Market Mastermind Sentenced to Life by Russia
• 11:16 : The Role of Salesforce Implementation in Digital Transformation
• 11:16 : 15 SpyLoan Apps Found on Play Store Targeting Millions
• 11:16 : PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts
• 11:16 : CISA Releases Advisory to Monitor Networks to Detect Malicious Cyber Actors
• 11:16 : MobSF XSS Vulnerability Let Attackers Inject Malicious Scripts
• 11:16 : Progress WhatsUp Gold RCE Vulnerability – PoC Exploit Released
• 11:16 : Google Chrome Security Update, Patch for High-severity Vulnerability
• 11:16 : Updated TIC 3.0 Security Capabilities Catalog (SCC) to v3.2
• 11:16 : ESET Flags UEFI Bootkit Targeting Linux Systems
• 11:16 : SpyLoan Malware Infects 8 Million Android Users
• 11:16 : Why Cloudways is Perfect Hosting Solution for Your Businesses
• 11:16 : Cyber Risk – How to effectively manage fourth-party risks
• 11:16 : Cohere’s Rerank 3.5 is here, and it’s about to change enterprise search forever
• 11:16 : I recommend the Blink Mini 2 security camera over the Wyze Cam (and it’s only $30 right now)
• 11:16 : LastPass adds passkey support for free and premium users
• 11:16 : Flipper Zero goes retro with this cool limited-edition transparent version
• 11:15 : I deleted thousands of tweets from X with this new tool – for free
• 11:15 : FTC says AI company Evolv ‘falsely hyped’ its security scanners
• 11:15 : Diversity Can Be a Powerful Tool in Combating Increasing Cybersecurity Threats
• 11:15 : Avoiding Pitfalls in Vulnerability Management: Key Insights and Best Practices
• 11:15 : CIS Control 10: Malware Defenses
• 11:15 : Tripwire Patch Priority Index for November 2024
• 11:14 : Tech Support Scams Exploit Google Ads to Target Users
• 11:14 : TechRepublic Premium Editorial Calendar: Policies, Hiring Kits, and Glossaries for Download
• 11:14 : Top 5 Cyber Security Trends for 2025
• 11:14 : Bitwarden Review (2024): Is It a Secure Password Manager?
• 11:14 : TorGuard VPN Review: The Good, the Bad, and the Ugly
• 11:14 : Over 600,000 Personal Records Exposed by Data Broker
• 11:14 : How to monitor network traffic in 7 steps
• 11:14 : What is Cisco Certified Internetwork Expert (CCIE) certification?
• 11:14 : Ransomware attacks on critical sectors ramped up in November
• 11:14 : Why Phishers Love New TLDs Like .shop, .top and .xyz
• 11:14 : Live Stream: AWS Partners LIVE!
• 11:14 : Video: Russia Fines Google for $2.5 Decillion
• 11:14 : Are You Being Tracked by an AirTag? Here’s How to Check
• 11:14 : Top US Consumer Watchdog Has a Plan to Fight Predatory Data Brokers
• 11:13 : He Got Banned From X. Now He Wants to Help You Escape, Too
• 11:13 : FTC Says Data Brokers Unlawfully Tracked Protesters and US Military Personnel
• 11:13 : With Threats to Encryption Looming, Signal’s Meredith Whittaker Says ‘We’re Not Changing’
• 11:13 : ICONICS and Mitsubishi Electric GENESIS64 Products
• 11:13 : Ruijie Reyee OS
• 11:13 : Fuji Electric Tellus Lite V-Simulator
• 11:13 : Open Automation Software
• 11:13 : Fuji Electric Monitouch V-SFT
• 11:13 : An Apple employee is suing the company over monitoring employee personal devices
• 11:13 : US government contractor ENGlobal says operations are ‘limited’ following cyberattack
• 11:13 : US agency proposes new rule blocking data brokers from selling Americans’ sensitive personal data
• 11:13 : FTC bans two data brokers from collecting and selling Americans’ sensitive location data
• 11:13 : US says Chinese hackers are still lurking in American phone networks
• 11:13 : Energy industry contractor ENGlobal Corporation discloses a ransomware attack
• 11:13 : DMM Bitcoin halts operations six months after a $300 million cyber heist
• 11:13 : The ASA flaw CVE-2014-2120 is being actively exploited in the wild
• 11:13 : U.S. CISA adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog
• 11:13 : Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks
• 11:13 : Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT
• 11:12 : Kaspersky Security Bulletin 2024. Statistics
• 11:12 : Palo Alto Networks — the 2024 AWS Global Technology Partner of the Year
• 11:12 : SpyLoan Apps: The New Face of Financial Exploitation
• 11:12 : As Device Dependency Grows, So Do the Risks
• 11:12 : Anticipating Change: Key Cybersecurity Trends to Watch in 2025
• 11:12 : Navigating Australia’s Evolving Cyber Threat Landscape: Insights on AI-Driven Scams, Ransomware, and more
• 11:12 : APIs and the Demise of Direct Database Access: A Safer World?
• 11:12 : Imperva Defends Against LLM Hacking
• 11:12 : First Things First: Know and Prioritize Your Risk in Data Security
• 11:12 : Alleviating Alert Fatigue with an MSSP
• 11:12 : KnowBe4 Releases the Latest Phishing Trends in Q3 2024 Phishing Report, With QR Code Phishing on the Rise
• 11:12 : Heimdal Announces New Partnership with ITHealth to Reinforce Cyber Security for NHS Organisations
• 11:12 : SmokeLoader Attack Targets Companies in Taiwan
• 11:12 : Fortinet Contributes to Major Cybercrime Operation Arrests
• 11:12 : Amazon and Google Must Keep Their Promises on Project Nimbus
• 11:12 : 🍿 Today’s Double Feature: Privacy and Free Speech
• 11:12 : Speaking Freely: Aji Fama Jobe
• 11:12 : Top Ten EFF Digital Security Resources for People Concerned About the Incoming Trump Administration
• 11:11 : A week in security (November 25 – December 1)
• 11:11 : These cars want to know about your sex life (re-air) (Lock and Code S05E25)
• 11:11 : No company too small for Phobos ransomware gang, indictment reveals
• 11:11 : Repeat offenders drive bulk of tech support scams via Google Ads
• 11:11 : AI chatbot provider exposes 346,000 customer files, including ID documents, resumes, and medical records
• 11:11 : Severity of the risk facing the UK is widely underestimated, NCSC annual review warns
• 11:11 : Major energy contractor reports ‘limited’ access to IT after ransomware locks files
• 11:11 : Perfect 10 directory traversal vuln hits SailPoint’s IAM solution
• 11:11 : FTC scolds two data brokers for allegedly selling your location to the metre
• 11:11 : Eurocops take down ‘secure’ criminal chat system known as Matrix
• 11:11 : Vendors Unveil New Cloud Security Products, Features at AWS re:Invent 2024
• 11:11 : New EU Regulation Establishes European ‘Cybersecurity Shield’
• 11:11 : FBI Tells Telecom Firms to Boost Security Following Wide-Ranging Chinese Hacking Campaign
• 11:11 : Industry Moves for the week of December 2, 2024 – SecurityWeek
• 11:11 : Law Enforcement Read Criminals’ Messages After Hacking Matrix Service
• 11:11 : HyperRing Launches Second-Generation Smart Payment Ring With Global Coverage
• 11:11 : Are We Too Trusting of Employees?
• 11:11 : Defending Against Email Attachment Scams
• 11:10 : A Strategic Approach to Building a Comprehensive Third-Party Risk Framework
• 11:10 : Why Technology Interoperability is the Key to a Safer Internet of Things (IoT)
• 11:10 : Helldown Ransomware Outfit Linkd to Zyxel’s Firewall Exploits
• 11:10 : Costa Rica Faces Another Cyberattack, RECOPE Operations Shift to Manual Mode
• 11:10 : Russian Hackers Use Firefox and Windows Vulnerabilities in Global Cyberattack
• 11:10 : Cybercriminals Recruit Experts for Advanced Ransomware Development
• 11:10 : User Tracking: Google to Store User Data for 180 Days
• 11:10 : Vulnerability Summary for the Week of November 25, 2024
• 11:10 : ​​Follow-up on Ignite with Ask Microsoft Anything: Microsoft Security edition​​
• 11:10 : Veza Access Requests reduces the risk of identity-based threats
• 11:9 : Elastic expands cloud detection and response capabilities from a single SIEM
• 11:9 : Veeam Data Platform v12.3 encompasses three key objectives for enterprises
• 11:9 : AttackIQ Flex 3.0 empowers security teams to take control of their detection strategies
• 11:9 : FortiAppSec Cloud simplifies web application security management
• 11:9 : Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access
• 11:9 : Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
• 11:9 : Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks
• 11:9 : Researchers Uncover Backdoor in Solana’s Popular Web3.js npm Library
• 11:9 : How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges
• 11:8 : Kimsuky Group Adopts New Phishing Tactics to Target Victims
• 11:8 : Ransomware Attack Disrupts Operations at US Contractor ENGlobal
• 11:8 : French Mobile Operators Join Forces to Tackle Rising Fraud
• 11:8 : German Police Shutter Country’s Largest Dark Web Market
• 11:8 : Vodka Giant Stoli Files for Bankruptcy After Ransomware Attack
• 11:8 : Ransomware affiliate arrested, UK hospital hacked, Cloudflare’s lost logs
• 11:8 : Hydra Market leader sentenced, Pegasus spyware arrest, SpyLoan malware targets millions
• 11:8 : Stoli U.S. bankrupts, German Crimenetwork seized, FBI telecom advisory
• 11:8 : AI ChatBot Exposes 300,000 Records: Cyber Security Today for Monday, December 1, 2024
• 11:8 : Hackers Move From Data Theft To Complete Destruction: Cyber Security Today For Wednesday, December 4, 2024