98Articles
8Categories
2024-10-28Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 3[−]
28 OctCritical WhatsUp Gold Authentication Flaw Exposes Organizations to Cyber AttackWhatsUp Gold, a popular network monitoring software, has identified a significant security vulnerability that could potentially expose numerous organizations to cyber attacks. The flaw, which affects versions released before 2024.0.0, involves multiple critical vulnerabilities th…GBHACKERS.COM
28 OctPatched SonicWall critical vulnerability still used in several ransomware attacksA critical access control vulnerability affecting SonicWall’s SonicOS network access solutions, SSLVPN, and management access, is being excessively exploited by ransomware affiliates for breaching victims’ networks. Arctic Wolf researchers observed that the Virtual Private Networ…CSOONLINE.COM
28 OctGrafana Vulnerability CVE-2024-9264: PoC Exploit Released for 9.9-Rated Critical Flawsubmitted by kid to cybersecurity 1 points | 0 comments https://securityonline.info/grafana-vulnerability-cve-2024-9264-poc-released-for-9-9-rated-critical-flaw/SH.ITJUST.WORKS
⚠️ VULNERABILITY DISCLOSURE 26[−]
28 OctCyber Risk Assessments: Risikobewertung hilft CISOsMit Hilfe von Cyber Risk Assessments können CISOs nicht nur das konkrete Risiko im Unternehmen ermitteln, sondern auch den Erfolg ihrer Arbeit sichtbar machen. Foto: Elnur – shutterstock.com Ab einem gewissen Alter gehen viele Menschen regelmäßig zum Arzt für einen Check-up. Das …CSOONLINE.COM
28 OctResearchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows KernelA new attack technique could be used to bypass Microsoft's Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. "This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits th…THEHACKERNEWS.COM
28 OctFiligran secures $35M for its ceybersecurity threat management suiteParis-based startup Filigran is fast becoming the next cybersecurity rocketship to track: The company just raised a $35 million Series B round, only a few months after it raised $16 million in a Series A round. Filigran’s main product is OpenCTI, an open-source threat intelligenc…TECHCRUNCH.COM
28 OctApple Offers 1 Million Dollar Bug Bounty For It's Apple Intelligence Services: Cyber Security Today for Monday, October 28, 2024In today's episode of Cybersecurity Today, host Jim Love covers stories including, Cisco releases an emergency patch for a vulnerability exploited in brute force attacks, Delta Airlines sues CrowdStrike over a problematic software update leading to flight disruptions, UnitedHealt…CYBERSECURITYTODAY.LIBSYN.COM
28 OctThe 10 biggest issues CISOs and cyber teams face todayTo outsiders, the CISO role may seem straightforward: Secure the tech stack. But CISOs know that their job, which in its earliest days may have been narrow in scope, now comprises a huge array of responsibilities. Although CISOs say each of those duties are critical, they cite a …CSOONLINE.COM
28 Oct77% of CISOs fear next big breach will get them firedWhen security vendor Portnox reported in a survey that 77% of CISOs say they are either very or extremely worried about losing their job when the next big breach happens, it raised questions about how CISOs should perceive their value in the C-suite. Will they be punished for iss…CSOONLINE.COM
28 OctAP Sources: Chinese Hackers Targeted Phones of Trump, Vance, People Associated With Harris CampaignChinese hackers engaged in a broader espionage operation targeted cellphones used by Donald Trump, JD Vance, and the Kamala Harris campaign. The post AP Sources: Chinese Hackers Targeted Phones of Trump, Vance, People Associated With Harris Campaign appeared first on SecurityWeek…SECURITYWEEK.COM
28 OctVulnerabilities in Realtek SD Card Reader Driver Impacts Dell, Lenovo, & Others LaptopsMultiple vulnerabilities have been discovered in the Realtek SD card reader driver, RtsPer.sys, affecting a wide range of laptops from major manufacturers like Dell and Lenovo. These vulnerabilities have been present for years, allowing non-privileged users to exploit the system …GBHACKERS.COM
28 OctTHN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 - Oct 27)Cybersecurity news can sometimes feel like a never-ending horror movie, can't it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that coul…THEHACKERNEWS.COM
28 OctMore Details Shared on Windows Downgrade Attacks After Microsoft Rolls Out MitigationsMicrosoft has rolled out mitigations for recently disclosed downgrade attacks targeting the Windows Update process. The post More Details Shared on Windows Downgrade Attacks After Microsoft Rolls Out Mitigations appeared first on SecurityWeek .SECURITYWEEK.COM
28 OctHow to track Kia car owners online | Kaspersky official blogHow it was possible to track Kia owners and hack their cars using their license plate numbers by exploiting a vulnerability in the carmaker's web portal.KASPERSKY.COM
28 OctDutch Police and FBI Infiltrate Info-Stealer InfrastructureCops Recover Redline, Meta Infostealer Data; Promise Criminal Users: 'See You Soon' The Dutch National Police, working with the FBI, say they've disrupted the Redline and Meta info-stealing malware services after obtaining "full access" to them, including source code and extensiv…DATABREACHTODAY.CO.UK
28 OctCyber Attack Tools Now Being Used To Help Phishing Pages Avoid DetectionCybercriminals are offering tools to help phishing pages avoid detection by security tools, according to researchers at SlashNext.KNOWBE4.COM
28 OctRedline, Meta infostealer malware operations seized by policeThe Dutch National Police seized the network infrastructure for the Redline and Meta infostealer malware operations in "Operation Magnus," warning cybercriminals that their data is now in the hands of the law enforcement. [...]BLEEPINGCOMPUTER.COM
28 OctUS says Chinese hackers breached multiple telecom providersThe FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States. [...]BLEEPINGCOMPUTER.COM
28 OctChinese hackers targeted phones affiliated with Harris campaign, source sayssubmitted by kid to cybersecurity 0 points | 0 comments https://www.reuters.com/technology/cybersecurity/chinese-hackers-targeted-phones-used-by-trump-vance-new-york-times-reports-2024-10-25/SH.ITJUST.WORKS
28 OctA layered approach to securing multicloud generative AI workloadsWe’re on the cusp of an artificial intelligence revolution, and the generative AI trend doesn’t seem to be slowing down anytime soon. Research by McKinsey found that 72% of organizations used generative AI in one or more business functions in 2024—up from 56% in 2021. As business…CSOONLINE.COM
28 OctDelta Air Lines Sues CrowdStrike Over July System MeltdownLawsuit Compares Botched Software Update to Hacking Delta Air Lines filed an acerbic lawsuit Friday afternoon against CrowdStrike that likens the endpoint security vendor's botched July 19 update to hacking. The suit accuses the cybersecurity company of "installing an exploit in …DATABREACHTODAY.CO.UK
28 OctWiz CEO and Co-Founder Assaf Rappaport: From Zero-Day to HeroFresh off a $1 billion funding round, Wiz has shot to fame as one of the fastest-growing, impactful cloud security startups ever. And one of the most sought after: earlier this year it rebuffed a $23 billion M&A offer from Google. Watch and learn to Wiz’s CEO Assaf Rapp…TECHCRUNCH.COM
28 Oct4 out of 10 Phishing Emails Are Sent From a Compromised Email AccountAnalysis of phishing emails in the second quarter of this year paints a picture of what security teams and vigilant recipients should expect from modern phishing attacks.KNOWBE4.COM
28 OctThreat Actors Compromise Valid Accounts Via Social EngineeringPhishing remains a top initial access vector for cyberattacks, according to researchers at Cisco Talos.KNOWBE4.COM
28 OctSecurity researchers circumvent Microsoft Azure AI Content SafetySecurity researchers at Mindgard have uncovered two security vulnerabilities in Azure AI Content Safety , Microsoft’s filter system for its AI platform. The vulnerabilities create a potential means for attackers to bypass content safety guardrails before pushing malicious content…CSOONLINE.COM
28 OctStay Ahead of Identity Threats & Addressing Cybersecurity Disparities - Oktane - BSW #370Identity continues to be one of the most used attack vectors by cybercriminals. From phishing to credential stuffing to password spraying – threat actors are finding new ways to infiltrate systems and cause costly problems to companies. David Bradbury, Chief Security Officer at O…YOUTUBE.COM
28 OctTony Fadell: Innovating to save our planet | Starmus highlightsAs methane emissions come under heightened global scrutiny, learn how a state-of-the-art satellite can pinpoint their sources and deliver the insights needed for targeted mitigation effortsWELIVESECURITY.COM
28 OctThree Ways AI Can Hack the U.S. ElectionThe growing capability of AI content poses three very real threats to modern elections. We explain each, and take a glimpse at a possible solution to the growing AIpocalypse.F5.COM
28 OctThree Ways AI Can Hack the U.S. ElectionThe growing capability of AI content poses three very real threats to modern elections. We explain each, and take a glimpse at a possible solution to the growing AIpocalypse.F5.COM
📢 SECURITY ADVISORIES 11[−]
28 OctStaff Stories Spotlight Series: Cybersecurity Awareness Month 2024This blog is part of a larger NIST series during the month of October for Cybersecurity Awareness Month , called 'Staff Stories Spotlight.' Throughout the month of October this year, Q&A style blogs will be published featuring some of our unique staff members who have interes…NIST.GOV
28 OctThe Big Debate: Security vs. Compliance – Who’s Right?Security vs. Compliance – it’s a debate as old as cybersecurity itself! 🔒 In this short, experts dive into why communication and process might actually be the real MVPs of keeping your business safe. Compliance is important, but does it really define security? Hear their take as …YOUTUBE.COM
28 OctUS Bans Investments Into Cutting Edge Chinese TechUS Treasury Issues Regulations Restricting Investments in Foreign Semiconductors, AI The U.S. Department of Treasury published final regulations Monday for investors planting dollars abroad that aims to restrict investments from the United States into sensitive technologies devel…DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING 13[−]
28 OctFour Evil Ransomware Operators Sentenced For Hacking EnterprisesThe St. Petersburg Garrison Military Court has sentenced four individuals involved in a notorious ransomware operation. Artem Zayets, Aleksey Malozemov, Daniil Puzyrevsky, and Ruslan Khansvyarov have been found guilty of illegally circulating means of payment. Puzyrevsky and Khan…GBHACKERS.COM
28 OctSelf-contained HTML phishing attachment using Telegram to exfiltrate stolen credentials, (Mon, Oct 28th)Phishing authors have long ago discovered that adding HTML attachments to the messages they send out can have significant benefits for them – especially since an HTML file can contain an entire credential-stealing web page and does not need to reach out to th…ISC.SANS.EDU
28 OctFour REvil Ransomware Group Members Sentenced to Prison in RussiaFour members of the REvil ransomware group, arrested in 2022, were last week sentenced to prison by a Russian court. The post Four REvil Ransomware Group Members Sentenced to Prison in Russia appeared first on SecurityWeek .SECURITYWEEK.COM
28 OctOnDemand: Mastering Cyber Resilience in the Age of Unstructured DataIn the evolving cybersecurity landscape, unstructured data has emerged as a primary gateway for ransomware attacks. In the evolving cybersecurity landscape, unstructured data has emerged as a primary gateway for ransomware attacks. This webinar will explore the growing risks asso…DATABREACHTODAY.CO.UK
28 OctBlack Basta greift über MS-Teams-Chats ansrcset="https://b2b-contenthub.com/wp-content/uploads/2024/10/shutterstock_1719459637.jpg?quality=50&strip=all 4500w, https://b2b-contenthub.com/wp-content/uploads/2024/10/shutterstock_1719459637.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.c…CSOONLINE.COM
28 OctFog ransomware targets SonicWall VPNs to breach corporate networkssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/fog-ransomware-targets-sonicwall-vpns-to-breach-corporate-networks/SH.ITJUST.WORKS
28 OctUS says Chinese hackers breached multiple telecom providerssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/us-says-chinese-hackers-breached-multiple-telecom-providers/SH.ITJUST.WORKS
28 OctBlack Basta affiliates used Microsoft Teams in recent attackssubmitted by kid to cybersecurity 3 points | 0 comments https://securityaffairs.com/170311/cyber-crime/black-basta-ransomware-microsoft-teams.htmlSH.ITJUST.WORKS
28 OctMexican airport operator purportedly breached by RansomHubsubmitted by kid to cybersecurity 2 points | 0 comments https://www.scworld.com/brief/mexican-airport-operator-purportedly-breached-by-ransomhubSH.ITJUST.WORKS
28 OctFree, France’s second largest ISP, confirms data breach after leakFree, a major internet service provider (ISP) in France, confirmed over the weekend that hackers breached its systems and stole customer personal information. [...]BLEEPINGCOMPUTER.COM
28 OctKey Federal Cyber Panel to Probe Chinese Telecoms HackingCyber Safety Review Board to Examine Beijing-Linked Telecom Breaches A key federal cybersecurity panel will investigate Chinese-linked hacks into United States telecom networks and wiretapping infrastructure amid growing concerns of vulnerabilities embedded into the nation's comm…DATABREACHTODAY.CO.UK
28 OctWhy Shoring Up Cyber at Rural and Small Hospitals Is UrgentWhen a large hospital in an urban area is shut down by ransomware, the disruption can be significant, but when a rural hospital faces a similar cyber outage, the impact on patient safety and the community can be extreme, said Nitin Natarajan of the Cybersecurity and Infrastructur…DATABREACHTODAY.CO.UK
28 OctFrench ISP Free confirms data breach after hacker puts customer data up for auctionOne of the largest internet providers in France, Free S.A.S, has confirmed that it recently suffered a cybersecurity breach after a hacker attempted to sell what purported to be stolen data from the organisation on the dark web. Read more in my article on the Hot for Security blo…BITDEFENDER.COM
🕵️ THREAT INTELLIGENCE 29[−]
28 OctISC Stormcast For Monday, October 28th, 2024 https://isc.sans.edu/podcastdetail/9198, (Mon, Oct 28th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
28 OctCyber Guru Raises $25 Million for Training PlatformCybersecurity training provider Cyber Guru has raised $25 million in a Series B funding round led by Riverside Acceleration Capital. The post Cyber Guru Raises $25 Million for Training Platform appeared first on SecurityWeek .SECURITYWEEK.COM
28 OctCisco is still hard-coding passwords into its productssubmitted by BrikoX to cybersecurity 2 points | 0 comments https://www.thestack.technology/cisco-hard-coding-passwords-products/ Static credentials with passwords written into a firewall’s code. What could go wrong?SH.ITJUST.WORKS
28 OctDelta Sues Cybersecurity Firm CrowdStrike Over Tech Outage That Canceled FlightsDelta Air Lines has sued CrowdStrike, claiming the cybersecurity company had cut corners and caused a worldwide technology outage that led to thousands of canceled flight in July. The post Delta Sues Cybersecurity Firm CrowdStrike Over Tech Outage That Canceled Flights appeared f…SECURITYWEEK.COM
28 OctGerman MPs and their staff fail simple phishing attack testsubmitted by BrikoX to cybersecurity 2 points | 0 comments https://www.tomshardware.com/tech-industry/cyber-security/german-mps-and-their-staff-fail-simple-phishing-attack-test Fake site set up by the Bundestag tricked several politicians into giving away their passwords and logi…SH.ITJUST.WORKS
28 OctCybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login CredentialsCybersecurity researchers have warned of a spike in phishing pages created using a website builder tool called Webflow, as threat actors continue to abuse legitimate services like Cloudflare and Microsoft Sway to their advantage. "The campaigns target sensitive information from d…THEHACKERNEWS.COM
28 OctAbstract Security Raises $15 Million in Series A FundingAbstract Security has raised $15 million in an oversubscribed Series A funding round led by Munich Re Ventures. The post Abstract Security Raises $15 Million in Series A Funding appeared first on SecurityWeek .SECURITYWEEK.COM
28 OctThe £3 Million Daily HeistA recent report from UK Finance covered by the BBC paints a concerning picture of the evolving landscape of financial fraud. With a 16% rise in fraud cases and criminals stealing over £3 million daily, it's clear that awareness of cybersecurity threats has never been more crucial…KNOWBE4.COM
28 OctFiligran Secures $35M Investment to Disrupt Threat IntelFrench startup scores investments from Insight Partners, Accel and Moonfire, bringing the total raised to $56 million. The post Filigran Secures $35M Investment to Disrupt Threat Intel appeared first on SecurityWeek .SECURITYWEEK.COM
28 OctSocure Acquires Risk Decisioning Company Effectiv for $136MPredictive analytics firm Socure will spend $136 million to acquire Effectiv, a provider of fraud and risk decisioning technologies. The post Socure Acquires Risk Decisioning Company Effectiv for $136M appeared first on SecurityWeek .SECURITYWEEK.COM
28 OctGoogle: Russia Targeting Ukrainian Military Recruits With Android, Windows MalwareGoogle has uncovered a Russian cyberespionage and influence campaign targeting Ukrainian military recruits. The post Google: Russia Targeting Ukrainian Military Recruits With Android, Windows Malware appeared first on SecurityWeek .SECURITYWEEK.COM
28 OctRussian Espionage Group Targets Ukrainian Military with Malware via TelegramA suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google's Threat Analysis Group (TAG) and Mandiant are tracking the activity un…THEHACKERNEWS.COM
28 OctBeaverTail Malware Resurfaces in Malicious npm Packages Targeting DevelopersThree malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The Datadog Security …THEHACKERNEWS.COM
28 OctDelta gets serious and sues CrowdStrikeThe dispute between Delta Airlines and CrowdStrike is entering the hot phase: The airline sued the cybersecurity company CrowdStrike in Fulton County Superior Court in the US state of Georgia on October 25, according to media reports. The airline has been threatening to sue since…CSOONLINE.COM
28 OctGoogle Invests in Alternative Neutral Atom Quantum TechnologyGoogle invested in QuEra Computing, which is developing a very different and potentially rival quantum computer technology. The post Google Invests in Alternative Neutral Atom Quantum Technology appeared first on SecurityWeek .SECURITYWEEK.COM
28 OctCriminals Are Blowing up ATMs in GermanyIt’s low tech , but effective. Why Germany? It has more ATMs than other European countries, and—if I read the article right—they have more money in them.SCHNEIER.COM
28 OctMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 2 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
28 OctChinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud ServicesA government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. "The CloudScout toolset is capable of retrieving data f…THEHACKERNEWS.COM
28 OctRussia targets Ukrainian conscripts with Windows, Android malwareA hybrid espionage/influence campaign conducted by the Russian threat group 'UNC5812' has been uncovered, targeting Ukrainian military recruits with Windows and Android malware. [...]BLEEPINGCOMPUTER.COM
28 OctRussia Tied to Ukrainian Military Recruit Malware TargetingAnti-Mobilization Messaging Lead to Malware-Pushing 'Civil Defense' Site Potential Ukrainian military recruits are being targeted by a "hybrid espionage and information operation" - likely Russian - involving Telegram anti-mobilization messaging and a "Civil Defense" website desi…DATABREACHTODAY.CO.UK
28 OctINE Launches Initiative to Optimize Year-End Training Budgets with Enhanced Cybersecurity and Networking ProgramsAs the year-end approaches, it’s common for enterprises to discover they still have funds that must be utilized. Often, these L&D dollars are “use or lose,” meaning they will be returned to the general fund if not invested. Recognizing this, INE Security is launch…GBHACKERS.COM
28 OctNews alert: INE shares guidance to help companies invest in year-end cybersecurity, networking trainingCary, NC, Oct. 28, 2024, CyberNewswire — As the year-end approaches, it’s common for enterprises to discover they still have funds that must be utilized. Often, these L&D dollars are “use or lose,” meaning they will be returned to the … (more…) The pos…LASTWATCHDOG.COM
28 OctForrester's 2025 Predictions: Gen AI Investments to DeclineForrester's Cody Scott on Why 2025 Will Be Pivotal for Security Leaders Forrester's 2025 Predictions for Cybersecurity, Risk and Privacy report forecasts that security leaders will scale back generative AI investments by 10%. AI productivity gains have fallen short of expectation…DATABREACHTODAY.CO.UK
28 OctDeepfake Phone Scams for Less Than a Dollar a PopAcademics Build AI Agent With OpenAI to Execute Phone Scams at Scale Hackers can use OpenAI's real-time voice API to carry out for less than a dollar deepfake scams involving voice impersonations of government officials or bank employees to swindle victims, said researchers at th…DATABREACHTODAY.CO.UK
28 OctClaude's Computer Use May End Up a Cautionary TaleUpdate to Anthropic Model Allows Automation Without Human Oversight Anthropic's updated Claude model can autonomously run tasks on computers it's used on, a feature the company positions as a perk. The feature has the potential to boost productivity, but security experts - and th…DATABREACHTODAY.CO.UK
28 Oct2024 Startup Battlefield Top 20 Finalists: DGLegacyEnsures that in the case of an unforeseen event, your assets won’t be lost and your loved ones would be able to claim their rightful ownership with a digital legacy planning and inheritance app. Subscribe for more on YouTube: https://tcrn.ch/youtube Follow TechCrunch on Instagram…TECHCRUNCH.COM
28 OctThe CISO Mindset, Top Strategies, and Mandating Office Presence Without Purpose - BSW #370In the leadership and communications segment, The CISO Mindset: A Strategic Guide for Aspiring CEOs and The Board Members, The Top Strategy to Earn More Respect at Work: A Leadership Expert’s Proven Method, The Problem with Mandating Office Presence Without Purpose, and more! Vis…YOUTUBE.COM
28 OctArmis Secures $200M to Drive M&A and Federal Market GrowthSeries D Funding on $4.2B Valuation to Support OT, Medical Device Security Growth Armis has closed a $200 million Series D funding round on a $4.2 billion valuation to drive growth in cyber exposure management with a focus on acquisitions and federal expansion. CEO Yevgeny Dibrov…DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE 3[−]
28 OctSailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and CranesOperational Technology (OT) security has affected marine vessel and port operators, since both ships and industrial cranes are being digitalized and automated at a rapid pace, ushering in new types of security challenges. Ships come to shore every six months on average. Container…THEHACKERNEWS.COM
28 OctPolice operation claims takedown of prolific Redline and Meta password stealersAuthorities have gained 'full access' to the servers used by the two notorious infostealers © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
🎙️ PODCASTS 1[−]
28 OctRisky Biz Soap Box: Thinkst Canary's decade of deceptionIn this Soap Box edition of the podcast Patrick Gray chats with Thinkst Canary founder Haroon Meer about his “decade of deception”, including: A history of Thinkst Canary including a recap of what they actually do A look at why they’re still really the only major player in the de…RISKY.BIZ
📡 INFOSEC NEWS 12[−]
28 OctIndustry Moves for the week of October 28, 2024 - SecurityWeekExplore industry moves and significant changes in the industry for the week of October 28, 2024. Stay updated with the latest industry trends and shifts.SECURITYWEEK.COM
28 OctCybersecurity Mystery: $46M and 33,000 Cars Stalled!What happens when a $46 million car deal goes completely off the rails? 🚗💸 A car rental company bought 33,000 vehicles, but there's a twist: they can’t actually access or control them! Due to mysterious cybersecurity issues, the systems needed to manage the cars can’t be transfer…YOUTUBE.COM
28 OctWiz CEO says company was targeted with deepfake attack that used his voiceEven cybersecurity companies aren’t safe from deepfake attacks. Speaking on stage at TechCrunch Disrupt in San Francisco, Wiz’s CEO and co-founder Assaf Rappaport, who recently turned down a $23 billion acquisition offer from Google, noted that his employees had been target…TECHCRUNCH.COM
28 OctWiz CEO explains why he turned down a $23 billion dealAssaf Rappaport, the co-founder and CEO of cloud security startup Wiz, said that turning down a $23 billion offer from Google was “the toughest decision ever,” but justified it by saying the company can get even bigger and reach $100 billion because cloud security is the future. …TECHCRUNCH.COM
28 OctExchange Online adds Inbound DANE with DNSSEC for everyoneMicrosoft announced today that inbound SMTP DANE with DNSSEC for Exchange Online, a new capability to boost email security and integrity, is now generally available. [...]BLEEPINGCOMPUTER.COM
28 OctNew tool bypasses Google Chrome’s new cookie encryption systemA researcher has released a tool to bypass Google's new App-Bound encryption cookie-theft defenses and extract saved credentials from the Chrome web browser. [...]BLEEPINGCOMPUTER.COM
28 OctApple Updates Everything, (Mon, Oct 28th)Today, Apple released updates for all of its operating systems. These updates include new AI features. For iOS 18 users, the only upgrade path is iOS 18.1, which includes the AI features. Same for users of macOS 15 Sequoia. For older operating systems versions (iOS 17, macOS 13, …ISC.SANS.EDU
28 OctCloudScout: Evasive Panda scouting cloud servicesESET researchers discovered a previously undocumented toolset used by Evasive Panda to access and retrieve data from cloud servicesWELIVESECURITY.COM