π΅οΈββοΈ Microsoft to Host Windows Security Summit in CrowdStrike Outage Aftermath π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The tech giant seeks to work with endpoint security partners, including CrowdStrike, on how to prevent an outage event of such gravity from happening again.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Microsoft to Host Windows Security Summit Post-CrowdStrike
The tech giant seeks to work with endpoint security partners, including CrowdStrike, on how to prevent an outage event of such gravity from happening again.
π1
π΅οΈββοΈ Cybercriminals Tap Greasy Opal to Create 750M Fake Microsoft Accounts π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Such cyberattack enablement services let attackers breach security measures, establish new fake accounts, and bruteforce servers.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Cybercriminals Tap Greasy Opal to Create 750M Fake Microsoft Accounts
Such cyberattack enablement services let attackers breach security measures, establish new fake accounts, and brute-force servers.
ποΈ Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Details have emerged about a nowpatched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information using a technique called ASCII smuggling. "ASCII Smuggling is a novel technique that uses special Unicode characters that mirror ASCII but are actually not visible in the user interface," security researcher Johann Rehberger said. "This means that an attacker.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has revealed that a security flaw that was patched as part of a security update rolled out last week to its Chrome browser has come under active exploitation in the wild. Tracked as CVE20247965, the vulnerability has been described as an inappropriate implementation bug in the V8 JavaScript and WebAssembly engine. "Inappropriate implementation in V8 in Google Chrome prior to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Australia and Google turn to AI to protect critical infrastructure π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Australia's CSIRO partners with Google to develop homegrown AI security tools for infrastructure.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Australia and Google turn to AI to protect critical infrastructure
Australia's CSIRO partners with Google to develop homegrown AI security tools for infrastructure
π A Third of Organizations Suffer SaaS Data Breaches π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
AppOmni report claims number of companies suffering SaaSrelated data breaches has jumped five percentage points over past year.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
A Third of Organizations Suffer SaaS Data Breaches
AppOmni report claims number of companies suffering SaaS-related data breaches has jumped five percentage points over past year
π1
π’ Uber hit with β¬290m fine for storing European driver data in the US π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The fine marks the latest imposed on Uber by the Dutch data protection authority.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Uber hit with β¬290m fine for storing European driver data in the US
The fine marks the latest imposed on Uber by the Dutch data protection authority
π Uber Hit With β¬290m GDPR Fine π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Dutch data protection regulator has imposed a 290m GDPR fine on Uber for storing driver data in the US without adequate safeguards.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Uber Hit With β¬290m GDPR Fine
The Dutch data protection regulator has imposed a β¬290m GDPR fine on Uber for storing driver data in the US without adequate safeguards
π₯1
π’ Teleport partners with TD Synnex to tackle identity-focused cyber attacks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The new distribution agreement will enable customers to procure secure infrastructure access solutions from a single source.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
channelpro
Teleport partners with TD Synnex to tackle identity-focused cyber attacks
The new distribution agreement will enable customers to procure secure infrastructure access solutions from a single source
π’ North Korean insider attacks are skyrocketing β dozens of US firms didn't spot the hacker in their midst π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
A North Korean threat campaign sneaking hackers into US firms as fake IT workers is just the tip of the iceberg, researchers have warned.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
North Korean insider attacks are skyrocketing β dozens of US firms didn't spot the hacker in their midst
North Korean threat campaigns are sneaking hackers into US firms as fake IT workers - and the trend shows no sign of stopping
π΅οΈββοΈ Why Every Business Should Prioritize Confidential Computing π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Confidential computing safeguards data in use, making it a crucial component of cloud security.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Why Every Business Should Prioritize Confidential Computing
Confidential computing safeguards data in use, making it a crucial component of cloud security.
π¦Ώ The 5 Best Free Endpoint Protection Platforms for 2024 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Discover our top picks for reputable free endpoint protection platforms and compare their features, pros and cons in this indepth guide.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
The 5 Best Free Endpoint Protection Platforms for 2024
Discover our top picks for reputable free endpoint protection platforms and compare their features, pros and cons in this in-depth guide.
π§ Cost of data breaches: The business case for security AI and automation π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
As Yogi Berra said, Its dj vu all over again. If the idea of the global average costs of data breaches rising year over year feels like more of the same, thats because it is. Data protection solutions get better, but so do threat actors. The other broken record is the underuse or misuse of The post Cost of data breaches The business case for security AI and automation appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Cost of data breaches: The business case for security AI and automation
IBM's 2024 comprehensive report shows that the use of modern technologies, such as AI automation, reduced breach costs by $2.2 million.
ποΈ CTEM in the Spotlight: How Gartner's New Categories Help to Manage Exposures ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Want to know whats the latest and greatest in SecOps for 2024? Gartners recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in this years report Threat Exposure Management, Exposure Assessment Platforms EAP, and Adversarial.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π FBI Flawed Data Handling Raises Security Concerns π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A US Justice Department watchdog has found significant weaknesses in the FBIs physical and online media storage and disposal processes.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
FBI Flawed Data Handling Raises Security Concerns
A US Justice Department watchdog has found βsignificant weaknessesβ in the FBIβs physical and online media storage and disposal processes
π Suspected Cyber-Attack Causes Travel Chaos at Seattle Airport π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Port of Seattle revealed system outages at the citys airport may have been caused by a cyberattack, affecting early Labor Day travel.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Suspected Cyber-Attack Causes Travel Chaos at Seattle Airport
The Port of Seattle revealed system outages at the cityβs airport may have been caused by a cyber-attack, affecting early Labor Day travel
β€1
ποΈ Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Chinanexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zeroday exploitation of a recently disclosed highseverity security flaw impacting Versa Director. The attacks targeted four U.S. victims and one nonU.S. victim in the Internet service provider ISP, managed service provider MSP and information technology IT sectors as early.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦
High-Risk CVE-2024-7965 Vulnerability in Chromeβs V8 Engine Requires Quick Fix π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways CISA has included a type of confusion vulnerability affecting Google Chrome and potentially other Chromiumbased browsers in its Known Exploited Vulnerabilities KEV catalog, highlighting its seriousness and potential for exploitation. CVE20247965 affects Chrome's V8 JavaScript engine, allowing attackers to exploit heap corruption through specially crafted HTML pages. Its high CVSS score of 8.8 indicates a severe threat to system confidentiality and integrity. Google has acknowledged that CVE20247965 is actively being exploited. A critical patch has been released in Chrome versions 128.0.6613.84 for Linux and 128.0.6613.84.85 for Windows and Mac. Due to the active exploitation of this vulnerability, it is crucial for all users to update their browsers immediat...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Urgent Fix Needed For Chrome V8 Engine CVE-2024-7965
CVE-2024-7965 is a critical flaw in Chrome's V8 engine, posing high-risk to browsers. Update now to protect against security threats. Learn more at Cyble.
βοΈ New 0-Day Attacks Linked to Chinaβs βVolt Typhoonβ βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Malicious hackers are exploiting a zeroday vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S. networks and laying the groundwork for the ability to disrupt communications between the United States and Asia during any future armed conflict with China.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
New 0-Day Attacks Linked to Chinaβs βVolt Typhoonβ
Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltratingβ¦
β€1
π MOVEit Hack Exposed Personal Data of Half Million TDECU Users π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Texas Dow Employees Credit Union told the Maine Attorney General the MOVEit data breach compromised information of over 500,000 members.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
MOVEit Hack Exposed Personal Data of Half Million TDECU Users
The Texas Dow Employees Credit Union told the Maine Attorney General the MOVEit data breach compromised information of over 500,000 members
π¦
Cloud Storage Bucket Security: PII Leak Brings Renewed Focus to Storage Bucket Access Controls π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways News of a Google Cloud Storage bucket data leak has once again drawn public attention to the risks of misconfigured cloud storage buckets, one of the most common cloud security issues and causes of data leaks. Alices Table, a former contestant on ABCs Shark Tank, inadvertently leaked the personally identifiable information PII of more than 83,000 customers from a misconfigured Google Cloud Storage bucket. The leak underscores the importance of cloud storage bucket access controls as well as regularly auditing permissions and monitoring for data leaks. Cloud storage bucket leaks are very common Cyble Odin is presently detecting more than 500,000 such exposures between AWS and Google Cloud Storage. We look at best practices for cloud storage bucket access con...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
π₯2