Cyber Security News

ℹ️ Cybersecurity Talent Isn't as in Demand as You Might Think (2024) Although the need for security professionals is increasing in certain nations, several large economies are experiencing a decline. In Europe, France witnessed a 4.5% decrease from May 2023 to 2024, marking this the third largest reduction among the 15 countries reviewed by LinkedIn's Economic Graph team. The USA and Singapore had even greater declines. Source: LinkedIn News Europe 📷 Image credit: Business Standard @Cyber_Security_Channel

Google Workspace Authentication Vulnerability Allowed Thousands of Emails to be Compromised In its message sent to impacted emails, Google said it fixed the vulnerability within 72 hours of it being discovered and that it has since added “additional detection” processes to ensure it cannot be repeated. Cyber_Security_Channel

🗂 GDPR Data Classification & Cyber Security Template Ideal starting point for SMBs and developing companies.

Table of Contents

— '3rd party Access’ page — 'Where' and 'Why' sheet — 60 types of personal data — 'User Permissions Tracker’ + additional tools inside.

Special Bonus

↳ 'A Practical Guide to GDPR for Small Businesses' eBook (53 pages) for FREE! Enjoy this generous deal from our partners... Download your resources here: → https://gumroad.com/a/710907859/loChz

“Humans Remain the Weakest Link”: Pentesters’ 98% Success in Social Engineering We monitored the responses with bated breath the day we sent the email. Within minutes, the first few employees clicked on the link. By the end of the day, over 80% of the employees, including several high-ranking executives, had fallen for the ruse. They clicked the link and entered their usernames and passwords without hesitation. Cyber_Security_Channel

North Korean Hackers Target Critical Infrastructure for Military Gain The threat actor primarily targets organizations in the: — Energy — Nuclear — Defense — Aerospace — Engineering Sectors, to exfiltrate information such as: — Contract specification — Design drawings — Project data Cyber_Security_Channel

Most Airlines Except One Are Recovering From the CrowdStrike Tech Outage. The Feds Have Noticed Transportation Secretary Pete Buttigieg spoke to Delta CEO Ed Bastian on Sunday about the airline’s high number of cancellations since Friday. Buttigieg said his agency had received “hundreds of complaints” about Delta, and he expects the airline to provide hotels and meals for travelers who are delayed and to issue quick refunds to customers who don’t want to be rebooked on a later flight. Cyber_Security_Channel

🎙"80% of Your Security Comes from 20% of Your Controls" → 2024 Strategies for Balancing Cost and Security Controls with Mads Nielsen [LIVE WEBINAR] 📅 Thursday, 1st of August ⏰ 2:00 PM, GMT+2

Mads will Cover

• Identifying Misplaced Priorities: Which controls might you have wrong? • Top Priority Controls: Three essential controls for maximum impact. • Cost-Effective Playbook: Craft a CISO playbook that balances security needs and budget constraints. • CISO Priority Map: Hardening, Firewalls/WAP, Strong passwords.

Featured Insights

• Recent Data Breaches & Budget Impacts: Learn from UnitedHealth Group and Trello incidents — recent high-profile data breaches. • CrowdStrike Incident: Understand the lessons from the recent CrowdStrike update failure. • Emerging 2024 Threats: Insights from the CrowdStrike 2024 Global Threat Report.

How to Attend?

↳ Register via the following link → click here. ----- #ad #paidpromotion #sponsored @Cyber_Security_Channel

Wiz Walks Away From $23 Billion Deal with Google, Will Pursue IPO Wiz has walked away from a $23 billion deal to be bought by Google, in what would have been the search giant’s largest-ever acquisition, telling employees it would pursue an IPO as previously planned. Rappaport wrote that the company would focus on its next milestones: an initial public offering and $1 billion in annual recurring revenue. The deal would have nearly doubled the $12 billion valuation of the startup from its most recent round of funding. Wiz was founded in 2020 and has grown rapidly under Assaf Rappaport, who had been targeting an IPO as recently as May. Discussion question for the community: → Do you think that was the right decision for them? @Cyber_Security_Channel

📩 CyberWeekly by Hacklido — Issue №6; 20th of July, 2024 Dive into the latest insights with the current edition of the CyberWeekly Newsletter, courtesy of Hacklido. Uncover discussions on a wide range of themes, such as: • HIPPA • Snort IPS • Crowdstrike outage • CVE202427956 - SQLi • Healthcare ransmoware • RAG manipulation attacks • Oracle bulk patch updates • Active Directory pentesting • CVE202440626 - XSS (Stored) There is much more to explore in this version. Read the full article here. ----- → If your Company / Project / Community wants to become a partner of Cyber Security News... Please, do not hesitate to contact us by sending a direct message to @cybersecadmin ----- @Cyber_Security_Channel

Arrest Made in MGM Resorts $100 Million Hacking Attack A 17-year-old boy from Walsall has been arrested in connection with a global cyber online crime group targeting large organisations with ransomware and gaining access to computer networks. The BetMGM 2024 cyber attack is one of the significant cases under investigation. Cyber_Security_Channel

Major Data Breaches That Have Rocked Organizations in 2024 Find out what led to the breaches and how they affected the breached organizations. The information in this recap might help your organization strengthen its cybersecurity posture. Cyber_Security_Channel

📩 CyberWeekly by Hacklido — Issue №5; 13th of July, 2024 Dive into the latest insights with the current edition of the CyberWeekly Newsletter, courtesy of Hacklido. Get ready to explore all of the exhilarating things that are on the table in this release: • HIPPA • Snort IPS • Crowdstrike outage • CVE202427956 - SQLi • Healthcare ransmoware • RAG manipulation attacks • Oracle bulk patch updates • Active Directory pentesting • CVE202440626 - XSS (Stored) There is much more to explore in this version. Read the full article here. ----- → If your Company / Project / Community wants to become a partner of Cyber Security News... Please, do not hesitate to contact us by sending a direct message: @cybersecadmin ----- @Cyber_Security_Channel

💡 Computer Networking: All-in-One For Dummies Our partners at Codelivly created a hyper effective resource for Cyber Security beginners. 13 modules, full of value: — Theory + hands-on learning — Fundamentals + advanced topics — Knowledge + skills to navigate networking = A no-brainer offer. Helping you become a better specialist. Grab 178 pages of content and upskill yourself: ↳ https://codelivly.gumroad.com/l/computer-networking

⚡️Microsoft Users Around the World Report Widespread Outages Banks, airlines, TV stations and health systems in countries around the world that rely on Microsoft's 365 apps reported widespread outages Friday. Microsoft IT outage disrupts flights, banks, media outlets, and companies worldwide. Thousands of flights and train services were cancelled in the U.S. and Europe, and there were disruptions to many other public and retail services. In a statement to CBS News later on Friday, CrowdStrike CEO George Kurtz said that the issue had been identified and a solution was being implemented. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted," Kurtz said. "This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed." @Cyber_Security_Channel

What Is Cloud Penetration Testing & Why Is It Important? Cloud computing involves the storage, processing and management of data and applications on remote servers, often provided by third-party service providers. These applications can range from your simple email service to something as robust as cloud identity and management access services. Cyber_Security_Channel

Nearly All Customers Affected by New AT&T Data Breach The company said that it believes that none of the data is publicly available. AT&T serves upwards of 100 million customers in the US, meaning that data from hundreds of millions of people has been obtained and could be used for various nefarious activities. Cyber_Security_Channel

Google Near $23 Billion Deal for Cybersecurity Startup Wiz This deal is set to be company's largest acquisition in history, so far. Google has been working to bulk up its cybersecurity business, focused on the cloud. Alphabet is eyeing the deal at a time of intense antitrust scrutiny of the search company and other tech giants. The acquisition could also help boost Alphabet’s efforts in cloud computing, an important and growing business but one where it has lagged behind peers. @Cyber_Security_Channel

📩 CyberWeekly by Hacklido — Issue №5; 13th of July, 2024 The CyberWeekly Newsletter powered by our partners (Hacklido) is back on your feed. Get ready to explore all of the exhilarating things that are on the table in this release: • WGU • STOK • EvilnoVNC • Polyfill(.)io • Pentesting AD • Windows Remoting • False File Immutability • Evernote & Universal RCE • Reverse engineering .NET • Global AppSec 2024 Lisbon • CVE-2021-40444, MSHTML Find more exciting materials inside this version. Read the full publication here. ----- → If your Company / Project / Community wants to become a partner of Cyber Security News... Please, do not hesitate to contact us by sending a direct message: @cybersecadmin ----- @Cyber_Security_Channel

Cybersecurity Stakes Higher Than Ever at Paris Olympics 2024 As the world gears up for the Paris Olympic Games 2024, attention turns to the athletic feats that will be on display and the massive cybersecurity challenges of hosting such a high-profile international event. With nearly 3 million spectators expected to attend the 329 events held over a 6-week period, spending an estimated $4 billion... The stakes for cybersecurity are higher than ever. Olympics have increasingly become a major target for cyber attacks. The Tokyo Olympics 2021 saw a staggering 450 million attempted cyberattacks – a 2.5x increase from the London Olympic Games 2012. For bad actors, the Olympics present an enticing combination of factors: — Large crowds — Limited physical presence — Highly distributed events staff — Zero margin for error and downtime @Cyber_Security_Channel

A Hacker Posted Nearly 10 Billion Passwords Online — Likely the Biggest Leak Ever The report claimed that not all the passwords in the file appeared to be new which means that they have been leaked previously and this increases the chance of “credential stuffing.” As per the practice, a bad actor can take a user’s known password and try to reuse it to break into other accounts in their name, Cybernews, a cybersecurity-focused news outlet, explained. Cyber_Security_Channel