CISO Corner: Federal Cyber Deadlines Loom; Private Chatbot Danger

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: fighting cybersecurity burnout; BlackSuit ransomware; the SEC breach rules and risk management.

BBC Breach Puts 25K Pension Scheme Members at Risk

Though information such as dates of birth, email addresses, and home addresses were compromised, "the Beeb" assures individuals that financial information is still protected.

OpenAI Disrupts 5 AI-Powered, State-Backed Influence Ops

Most of the operations were feckless efforts with little impact, but they illustrate how AI is changing the game for inauthentic content on both the adversary and defense sides.

FlyingYeti APT Serves Up Cookbox Malware Using WinRAR

The Russia-aligned FlyingYeti's phishing campaign exploited Ukrainian citizens' financial stress to spread Cookbox malware.

Data Privacy in the Age of GenAI

Consumer data is still a prime target for threat actors, and organizational consumption of data must be aligned to protecting it. The new rights act seeks to do some of this, but it still needs tweaking.

Cops Swarm Global Cybercrime Botnet Infrastructure in 2 Massive Ops

Europol undertook dropper malware botnet takedown while US law enforcement dismantled a sprawling cybercrime botnet for hire.

Flawed AI Tools Create Worries for Private LLMs, Chatbots

Companies are looking to large language models to help their employees glean information from unstructured data, but vulnerabilities could lead to disinformation and, potentially, data leaks.

BforeAI Launches PreCrime™ Guarantee Program for Seamless Cyber Risk Coverage

Microsoft: 'Moonstone Sleet' APT Melds Espionage, Financial Goals

North Korea's newest threat actor uses every trick in the nation-state APT playbook, and most of cybercrime's tricks, too. It also developed a whole video game company to hide malware.

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

Corporate admins should patch the max-severity CVE-2024-23108 immediately, which allows unauthenticated command injection.

Making the Case for 'Reasonable' Cybersecurity

Reasonable cybersecurity is highly subjective and organizations need to plan carefully in order to quantify cyber risk and apply security controls.

CatDDOS Threat Groups Sharply Ramp Up DDoS Attacks

In attacks over the past three months, threat actors have exploited more than 80 vulnerabilities to accelerate distribution of the Mirai variant.

OpenAI Forms Another Safety Committee After Dismantling Prior Team

The committee is being set up as the ChatGPT creator begins to train its latest large language model, GPT-5, which will reach "a new level of capabilities."

90+ Malicious Apps Totaling 5.5M Downloads Lurk on Google Play

The dangerous Anatsa banking Trojan is among the malware being spread to Android users via decoy mobile apps in recent months.

The SEC's New Take on Cybersecurity Risk Management

Insights from three companies that recently reported breaches under the new disclosure regulations.

Looking to Leverage Generative AI? Prep for Success With These 4 Tips

There's plenty of upside to this emerging technology, especially if organizations smartly plan for GenAI's rollout and long-term management.

6 Facts About How Interpol Fights Cybercrime

So you think you know Interpol? Here are some key details of how this international law enforcement entity disrupts cybercrime worldwide.

Microsoft's 'Recall' Feature Draws Criticism From Privacy Advocates

Despite Microsoft's reassurances, multiple security researchers describe the technology as problematic for users and their organizations.

Research From Claroty's Team82 Highlights Remote Access Risks Facing Mission-Critical OT Assets

AI Voice Generator App Used to Drop Gipy Malware

Users get duped into downloading malicious files disguised to look like an application that uses artificial intelligence to alter voices.

MIT Brothers Charged With Exploiting Ethereum to Steal $25 Million

The two MIT graduates discovered a flaw in a common trading tool for the Ethereum blockchain. Does it presage problems ahead for cryptocurrency?

Stalkerware App With Security Bug Discovered on Hotel Systems

The spyware is able to capture screenshots of a user's device every few seconds from any location globally.

New Gift Card Scam Targets Retailers, Not Buyers, to Print Endless $$$

Microsoft researchers discover an old-timey scam with a facelift for the cloud era: hacking retailers' portals to make it rain gift cards.

GitHub Authentication Bypass Opens Enterprise Server to Attackers

The max-severity bug affects versions using the SAML single sign-on mechanism.

Snowflake's Anvilogic Investment Signals Changes in SIEM Market

Coming on the heels of Cisco buying Splunk, Palo Alto Networks acquiring IBM's QRadar, and LogRhythm merging with Exabeam, Snowflake's investment highlights the ongoing market pressure to improve SOC tools.

Trends at the 2024 RSA Startup Competition

Startups at Innovation Sandbox 2024 brought clarity to artificial intelligence, protecting data from AI, and accomplishing novel security solutions with new models.

Iran APTs Tag Team Espionage, Wiper Attacks Against Israel & Albania

Scarred Manticore is the smart, sophisticated one. But when Iran needs something destroyed, it hands the keys over to Void Manticore.

YouTube Becomes Latest Battlefront for Phishing, Deepfakes

Personalized phishing emails with fake collaboration opportunities and compromised video descriptions linking to malware are just some of the new tricks.

Name That Toon: Buzz Kill

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms

An on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environment.

Students Spot Washing Machine App Flaw That Gives Out Free Cycles

UCSC students say that after reporting the bug months ago they're still able to rack up unlimited free wash loads at their local laundromat.

What American Enterprises Can Learn From Europe's GDPR Mistakes

As the US braces for a data privacy overhaul, companies need to update data practices, train staff, and ensuring compliance from the outset to avoid Europe's costly missteps.

Android Banking Trojan Antidot Disguised as Google Play Update

Antidot uses overlay attacks and keylogging to target users' financial data.

CISO Corner: What Cyber Labor Shortage?; Trouble Meeting SEC Disclosure Deadlines

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: DR's podcast on the CISO & the SEC; breaking down CISA's Secure by Design Pledge; Singapore puts cloud providers on notice.

Intel Discloses Max Severity Bug in Its AI Model Compression Software

The improper input validation issue in Intel Neural Compressor enables remote attackers to execute arbitrary code on affected systems.

10 Ways a Digital Shield Protects Apps and APIs

Layers of protection can bring defense-in-depth practices to distributed clouds and other modern network architectures.

SEC Adds New Incident Response Rules for Financial Sector

Financial firms covered under new regulations will be required to establish a clear response and communications plan for customer data breaches.

There Is No Cyber Labor Shortage

There are plenty of valuable candidates on the market. Hiring managers are simply looking in the wrong places.

US AI Experts Targeted in SugarGh0st RAT Campaign

Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group.

Asian Threat Actors Use New Techniques to Attack Familiar Targets

Generative AI and software supply chain attacks are being exploited to disrupt, manipulate, and steal.

GE Ultrasound Gear Riddled With Bugs, Open to Ransomware & Data Theft

Thankfully, GE ultrasounds aren't Internet-facing. Exploiting most of the bugs to cause serious damage to patients would require physical device access.

Alkira Raises $100M in Series C Funding to Simplify, Secure and Scale Critical Network Infrastructure

FBI, DoJ Shut Down BreachForums, Launch Investigation

Instead of online contraband, the website now asks anyone with information that could help with the investigation to contact authorities.

Scammers Fake DocuSign Templates to Blackmail & Steal From Companies

Cybercriminals are trafficking DocuSign assets that allow for easy extortion and business email compromise.

Microsoft Windows DWM Zero-Day Poised for Mass Exploit

CVE-2024-30051, under active exploit, is the most concerning out of this month's Patch Tuesday offerings, and already being abused by several QakBot actors.

Unprotected Session Tokens Can Undermine FIDO2 Security

While the protocol has made passwordless authentication a reality, token-binding is key to prevent against token theft and reuse, security vendor says.

A Cost-Effective Encryption Strategy Starts With Key Management

Key management is more complex than ever. Your choices are: Rely on your cloud provider or manage keys locally; Encrypt only the most critical data; Or encrypt everything.

There Is No Cyber Labor Shortage

There are plenty of valuable candidates on the market. Hiring managers are simply looking in the wrong places.

Heartbleed: When Is It Good to Name a Vulnerability?

Ten years have passed since Heartbleed was first identified, but the security industry is still grappling with the question of branded vulnerabilities and naming vulnerabilities appropriately.

500 Victims In, Black Basta Reinvents With Novel Vishing Strategy

Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.

Ukrainian, Latvian TV Hijacked to Broadcast Russian Celebrations

At least 15 television channels were interrupted in Ukraine alone, which, reportedly, is not out of the norm in this "information war."

IntelBroker Nabs Europol Info; Agency Investigating

Europe's cross-border law enforcement agency says the well-known hacking outfit, contrary to claims, did not access operational data.

Why Tokens Are Like Gold for Opportunistic Threat Actors

When setting authentication token expiry policies, always lean in to security over employee convenience.

Millions of IoT Devices at Risk from Flaws in Integrated Cellular Modem

Researchers discovered seven vulnerabilities — including an unauthenticated RCE issue — in widely deployed Telit Cinterion modems.

Reality Defender Wins RSAC Innovation Sandbox Competition

In a field thick with cybersecurity startups showing off how they use AI and LLMs, Reality Defender stood out for its tool for detecting and labeling deepfakes and other artificial content.

CyberProof Announces Strategic Partnership With Google Cloud

Aggressive Cloud-Security Player Wiz Scores $1B in Funding Round

The latest round of investment prices the fast-growing cloud native application protection platform (CNAPP) at $12 billion with a simple mandate: Grow quickly through acquisition.

LockBit Claims Wichita as Its Victim 2 Days After Ransomware Attack

The city is still investigating the attack, and neither the group nor city officials have offered details about the ransomware demands.

runZero Research Explores Unexpected Exposures in Enterprise Infrastructure

CISOs Are Worried About Their Jobs & Dissatisfied With Their Incomes

The research shows a significant drop in the number of tech CISOs that got a base salary increase in the past year — roughly 18% year-over-year.

Chinese Hackers Deployed Backdoor Quintet to Down MITRE

MITRE's hackers made use of at least five different Web shells and backdoors as part of their attack chain.

Wiz Announces $1B Funding Round, Plans More M&A

Much of the funding will be used for product development and talent acquisition to cover more ground as the cybersecurity industry continues to evolve.

Does CISA's KEV Catalog Speed Up Remediation?

Vulnerabilities added to the CISA known exploited vulnerability (KEV) list do indeed get patched faster, but not fast enough.

What's the Future Path for CISOs?

A panel of former CISOs will lead the closing session of this week's RSA Conference to discuss challenges and opportunities.

Introducing the NetBeacon Institute: Empowering a Safer Web

AXA XL Introduces Endorsement to Help Public Companies Address SEC Cyber Reporting Costs

Microsoft Previews Feature to Block Malicious OAuth Apps

Microsoft is previewing new AI and machine learning capabilities in Defender XDR that will help detect and block malicious OAuth applications.

AT&T Splits Cybersecurity Services Business, Launches LevelBlue

The new company will focus on cybersecurity services as a top-10 managed security service provider, but must expand outside the low-margin managing of security into detection and response.

Anetac Targets Service Account Security

The new startup's identity and access management platform uncovers poorly monitored service accounts and secures them from abuse.

Amnesty International Cites Indonesia as a Spyware Hub

The growing amount of surveillance technology being deployed in the country is concerning due to Indonesia's increasing blows to citizens' civil rights.

Paris Olympics Cybersecurity at Risk via Attack Surface Gaps

Though Olympics officials appear to have better secured their digital footprint than other major sporting events have, significant risks remain for the Paris Games.

GAO: NASA Faces 'Inconsistent' Cybersecurity Across Spacecraft

The space agency needs to implement stricter policies and standards when it comes to its cybersecurity practices, but doing so the wrong way would put machinery at risk, a federal review found.

REvil Affiliate Off to Jail for Multimillion-Dollar Ransomware Scheme

Charges against the ransomware gang member included damage to computers, conspiracy to commit fraud, and conspiracy to commit money laundering.

Hacker Sentenced After Years of Extorting Psychotherapy Patients

Two years after a warrant went out for his arrest, Aleksanteri Kivimäki finally has been found guilty of thousands of counts of aggravated attempted blackmail, among other charges.

The Psychological Underpinnings of Modern Hacking Techniques

The tactics employed by hackers today aren't new; they're simply adapted for the digital age, exploiting the same human weaknesses that have always existed.

Dropbox Breach Exposes Customer Credentials, Authentication Data

Threat actor dropped in to Dropbox Sign production environment and accessed emails, passwords, and other PII, along with APIs, OAuth, and MFA info.

Cobalt's 2024 State of Pentesting Report Reveals Cybersecurity Industry Needs

Shadow APIs: An Overlooked Cyber-Risk for Orgs

Unmanaged and unknown Web services endpoints are just some of the challenges organizations must address to improve API security.

Qantas Customers' Boarding Passes Exposed in Flight App Mishap

Some customers found that they had the ability to cancel a stranger's flight to another country after opening the app, which was showing other individuals' flight details.

'Cuttlefish' Zero-Click Malware Steals Private Cloud Data

The newly discovered malware, which has so far mainly targeted Turkish telcos and has links to HiatusRat, infects routers and performs DNS and HTTP hijacking attacks on connections to private IP addresses.