[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
DarkReading
CISO Corner: What Cyber Labor Shortage?; Trouble Meeting SEC Disclosure Deadlines
CISOs Grapple With IBM's Unexpected Cybersecurity Software Exit
Intel Discloses Max Severity Bug in Its AI Model Compression Software
10 Ways a Digital Shield Protects Apps and APIs
SEC Adds New Incident Response Rules for Financial Sector
400K Linux Servers Recruited by Resurrected Ebury Botnet
CISOs and Their Companies Struggle to Comply With SEC Disclosure Rules
Whose Data Is It Anyway? Equitable Access in Cybersecurity
Microsoft Has Yet to Patch 7 Pwn2Own Zero-Days
Addressing the Cybersecurity Vendor Ecosystem Disconnect
Ars Technica
Financial institutions have 30 days to disclose breaches under new rules
Arizona woman accused of helping North Koreans get remote IT jobs at 300 companies
Archie, the Internet’s first search engine, is rescued and running
BreachForums, an online bazaar for stolen data, seized by FBI
Google unveils Veo, a high-definition AI video generator that may rival Sora
Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach
Chief Scientist Ilya Sutskever leaves OpenAI six months after Altman ouster
Google strikes back at OpenAI with “Project Astra” AI agent prototype
Apple, SpaceX, Microsoft return-to-office mandates drove senior talent away
The hunt for rare bitcoin is nearing an end
CyberScoop
Departing top CISA official reflects on nearly four years in the cyber hot seat
Top CISA official Eric Goldstein to depart agency next month
Arizona woman arrested and charged in North Korean IT worker scheme
Lawmakers fret over who will report foreign election interference 
Three bills governing AI in elections pass Senate committee
Inside Poland’s groundbreaking effort to reckon with spyware abuses 
BreachForums, a key English-language cybercrime forum, seized by the FBI
AI companies promise to protect our elections. Will they live up to their pledges?
DeRusha stepping down from ONCD, federal CISO roles
Ransomware used in attack that disrupted US hospitals 
HITBSecNews
Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach
Flaw in Wi-Fi Standard Can Enable SSID Confusion Attacks
BreachForums, an online bazaar for stolen data, seized by FBI
MIT students stole $25M in seconds by exploiting ETH blockchain bug
It’s the End of Google Search As We Know It
Google strikes back at OpenAI with “Project Astra” AI agent prototype
Disarmingly lifelike: ChatGPT-4o
Apple releases iOS 17.5, macOS 14.5, and other updates as new iPads launch
Security researcher says PoC for kernel vulnerability targeting iOS 17.4.1 and older coming soon
FBI To Charge Teenager Hackers From Scattered Spider Who Hacked Hundreds Of Organizations
SecurityWeek
A Former OpenAI Leader Says Safety Has ‘Taken a Backseat to Shiny Products’ at the AI Company
User Outcry as Slack Scrapes Customer Data for AI Model Training
In Other News: MediSecure Hack, Scattered Spider Targeted by FBI, New Wi-Fi Attack
CISA Warns of Exploited Vulnerabilities in EOL D-Link Products
Critical Flaw in AI Python Package Can Lead to System and Data Compromise
New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data
Microsoft Quick Assist Tool Abused for Ransomware Delivery
Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms
C/side Emerges From Stealth Mode With $1.7 Million Investment
Alkira Raises $100 Million for Secure Network Infrastructure Platform
ZDNet
Are all Linux vendor kernels insecure? A new study says yes, but there's a fix
Google patches another zero-day exploit in Chrome - and this one affects Edge too
Google unveils new Android 15 security updates: What you need to know
Hacker claims to have stolen Dell customer data, twice. Here's how to protect yourself
Lawmakers' Section 230 ultimatum to Big Tech: Work together to make the internet safer, or else
Meet Hackbat: An open-source, more powerful Flipper Zero alternative
iOS and Android owners will now be alerted if an unknown tracker is moving with them
Google is planning on a fix to prevent accidental password deletion in Chrome
The best VPN deals right now
The best travel VPNs of 2024: Expert tested and reviewed
The Hacker News
Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking
New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs
China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks
CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now
New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks
North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign
Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines
Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks
Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability
BleepingComputer
Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising
Banking malware Grandoreiro returns after police disruption
The Week in Ransomware - May 17th 2024 - Mailbombing is back
Microsoft to start enforcing Azure multi-factor authentication in July
SEC: Financial orgs have 30 days to send data breach notifications
US arrests suspects behind $73M ‘pig butchering’ laundering scheme
WebTPA data breach impacts 2.4 million insurance policyholders
US woman allegedly aided North Korean IT workers infiltrate 300 firms
Norway recommends replacing SSL VPN to prevent breaches
Microsoft shares temp fix for Outlook encrypted email reply issues
gbhackers
Hackers Exploiting Docusign With Phishing Attack To Steal Credentials
Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks
New Linux Backdoor Attacking Linux Users Via Installation Packages
ViperSoftX Malware Uses Deep Learning Model To Execute Commands
Santander Data Breach: Hackers Accessed Company Database
U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers
Russian APT Hackers Attacking Critical Infrastructure
Millions Of IoT Devices Vulnerable To Attacks Leads To Full Takeover
Apple Has Terminated 370 Million+ Developer & Customer Accounts
VirusTotal’s Crowdsourced AI Initiative to Analyze Macros With Word & Excel Files
Cybersecurity Dive
Microsoft warns of hacker misusing Quick Assist in Black Basta ransomware attacks
AI raises CIO cyber anxieties
CISA senior official Goldstein to leave agency in June
Palo Alto Networks signs broad enterprise cybersecurity partnership with IBM
Remote-access tools the intrusion point to blame for most ransomware attacks
Cybersecurity leaders expect their SOC budgets to grow, KPMG finds
Unsafe software development practices persist, despite CISA’s push
National Cyber Director echoes past warnings: Nation-state cyber threats are mounting
Cyber insurance costs are stabilizing as global market grows
Cyber pros weigh an intel-sharing quandary: What to share when attacks hit close to home
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
CISA News
CISA Publishes Encrypted DNS Implementation Guidance to Federal Agencies
CISA, DHS, FBI and International Partners Publish Guide for Protecting High-Risk Communities
CISA Unveils New Public Service Announcement – We Can Secure Our World
CISA Announces Secure by Design Commitments from Leading Technology Providers
DHS, CISA Announce Membership Changes to the Cyber Safety Review Board
CISA Releases Physical Security Checklist to Help Election Officials Secure Polling Locations
CISA Announces Winners of the 5th Annual President’s Cup Cybersecurity Competition
CISA, FBI, and ODNI Release Guidance for Securing Election Infrastructure Against the Tactics of Foreign Malign Influence Operations
CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat
CISA Announces Malware Next-Gen Analysis
The Register
An attorney says she saw her library reading habits reflected in mobile ads. That's not supposed to happen
Gawd, after that week, we wonder what's next for China and the Western world
How two brothers allegedly swiped $25M in a 12-second Ethereum heist
Aussie cops probe MediSecure's 'large-scale ransomware data breach'
Three cuffed for 'helping North Koreans' secure remote IT jobs in America
First LockBit, now BreachForums: Are cops winning the war or just a few battles?
Crims abusing Microsoft Quick Assist to deploy Black Basta ransomware
EU probes Meta over its provisions for protecting children
Stifling Beijing in cyberspace is now British intelligence’s number-one mission
NCSC CTO: Broken market must be fixed to usher in new tech
TechCrunch
Two Santa Cruz students uncover security bug that could let millions do their laundry for free
Healthcare company WebTPA discloses breach affecting 2.5 million people
Hacker claims theft of India’s Samco account data
Ireland privacy watchdog confirms Dell data breach investigation
Flock Safety’s solar-powered cameras could make surveillance more widespread
Thoma Bravo’s LogRhythm merges with Exabeam in more cybersecurity consolidation
FBI seizes hacking forum BreachForums — again
Google’s call-scanning AI could dial up censorship by default, privacy experts warn
Google adds live threat detection and screen-sharing protection to Android
Apple touts stopping $1.8B in App Store fraud last year in latest pitch to developers
Network World Security
BGP: What is border gateway protocol, and how does it work?
Red Hat seeks to be the platform for enterprise AI
FCC proposes BGP security measures
5 Must-haves for your next DSPM solution
Cisco, Nutanix strengthen joint HCI package
Raspberry Pi to become a public company
Palo Alto to acquire IBM’s QRadar security tech as vendors expand partnership
ZutaCore launches liquid cooling for advanced Nvidia chips
2024 global network outage report and internet health check
Network jobs watch: Hiring, skills and certification trends
Help Net Security
US exposes scheme enabling North Korean IT workers to bypass sanctions
The importance of access controls in incident response
Kroll expands its document review capabilities to accelerate incident response
GitLab unveils AI capabilities to help organizations better secure their software
The IT skills shortage situation is not expected to get any better
Organizations struggle to defend against ransomware
Too many ICS assets are exposed to the public internet
New infosec products of the week: May 17, 2024
Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)
Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947)
SC Magazine
How to revamp your cybersecurity in the middle of the chaos
Automated pentesting in the cloud
Hardware cybersecurity leader, Flexxon, introduces Server Defender
Leveling the cybersecurity playing field
6K-plus AI models may be affected by critical RCE vulnerability
Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023
2 D-Link router bugs added to CISA’s exploited vulnerabilities catalog
Unforeseen outcomes of innovation
CISA official Eric Goldstein to step down next month
Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387
InfoSecurity Magazine
UK Councils Warn of Data Breach After Attack on Medical Supplier
New Android Banking Trojan Mimics Google Play Update App
Patient Data at Risk in MediSecure Ransomware Attack
Windows Quick Assist Exploited in Ransomware Attacks
SugarGh0st RAT Variant Used in Targeted AI Industry Attacks
53,000 Employees' Social Security Numbers Exposed in Nissan Data Breach
CISO Confidence in AI Security Grows as GenAI Adoption Rises
UK Lags Europe on Exploited Vulnerability Remediation
BreachForums Hacking Marketplace Taken Down Again
Cyber-Attack Disrupts Christie’s $840M Art Auctions
© 2024 RiskDiscovery | Sponsored by: Deception Logic