Daily Briefing for 10.31.24

Attacks, Threats, and Vulnerabilities

Government Organizations Face Surge in Malware and DDoS Attacks, Raising Alarms Over Potential Election Disruption (SonicWall) Newest report highlights some escalating risks to critical infrastructure as election day approaches

GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI (GreyNoise Blog) GreyNoise has discovered previously undisclosed zero-day vulnerabilities in IoT-connected live streaming cameras, leveraging AI to catch an attack before it could escalate. This marks one of the first instances where threat detection has been augmented by AI to discover zero-day vulnerabilities.

Inside a Firewall Vendor's 5-Year War With the Chinese Hackers Hijacking Its Devices (WIRED) Sophos went so far as to plant surveillance “implants” on its own devices to catch the hackers at work—and in doing so, revealed a glimpse into China's R&D pipeline of intrusion techniques.

Every Doggo Has Its Day: Unleashing the Xiū Gǒu Phishing Kit | Netcraft (Netcraft) Key data  This article explores Netcraft’s research into Xiū gǒu (修狗), a phishing kit in use since at least September 2024 to deploy phishing campaigns ...

Don't Let Scammers Steal Your Holiday Cheer: New Norton Report Reveals Nearly Half of U.S. Consumers Were Targeted by a Scam While Online Shopping (Gen Digital Newsroom) Norton's Cyber Safety Sunday Helps Shoppers Stay Safe Ahead of the Peak Holiday Shopping Season TEMPE, Ariz. and PRAGUE, Oct. 29, 2024 /PRNewswire/ -- Holiday shopping is in full swing, with over...

MacOS Malware Surges as Corporate Usage Grows (Trellix) With more corporate users, the platform has become increasingly attractive to criminals, ranging from eCrime all the way to Advanced Persistent Threat (APT) actors.

Forescout Vedere Labs Unveils Riskiest Connected Medical Devices (Forescout) Report Identifies 162 Vulnerabilities, Potentially Exposing Patient Data, Disrupting Healthcare Operations, and Posing Risks to Patient Safety

Trends

Latest ISC2 Study Finds that AI Viewed as Catalyst for Career Growth, Stronger Security Despite Slowing Growth in Cybersecurity Workforce (PR Newswire) /PRNewswire/ -- ISC2 – the world's leading nonprofit member organization for cybersecurity professionals – today released the 2024 ISC2 Cybersecurity Workforce...

Veracode Research Highlights Financial Sector’s Escalating Security Debt (BusinessWire) State of Software Security Report Finds Half of Financial Organizations Have High-Severity Security Flaws in Their Apps

2024 Trustwave Risk Radar Report: Cyber Threats to the Retail Sector (Trustwave) The 2024 Trustwave Risk Radar Report: Retail Sector reveals that cybercriminals have sharpened their tactics, utilizing ransomware and phishing attacks.

Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attacks, and Generative AI Increase Risks (Traceable) 57% of Organizations Suffer API-related Breaches; Fraud, Bot Attacks, and Generative AI Applications Exploit API Vulnerabilities as Traditional Defenses Fail

Products, Services, and Solutions

Oasis Security Launches Industry-First Non-Human Identity Ownership Discovery Engine (PR Newswire) /PRNewswire/ -- Oasis Security, the leading provider of Non-Human Identity Management (NHIM) solutions, announced today an industry-first NHI Ownership...

Keyfactor Recognized as the Leader in PKI-as-a-Service by Frost & Sullivan (BusinessWire) Digital Trust Leader Secures Top Spot in the 2024 Frost Radar™ Out of 20 PKIaaS Vendors Considered

Seemplicity Announces Next Evolution of RemOps Platform with AI-Powered Capabilities (PR Newswire) /PRNewswire/ -- Seemplicity, the industry's leading Remediation Operations (RemOps) platform provider, today announced the next generation of its flagship...

LogicGate Further Empowers Customers with New Record Linking Recommendations and AI Text Assistant Features through Risk Cloud Spark AI (PR Newswire) /PRNewswire/ -- LogicGate, the holistic GRC experts delivering leading solutions for cyber, governance, risk, and compliance leaders, is excited to empower...

Trulioo Instant Results Capability Accelerates Identity Matching by 56% (BusinessWire) Verification Platform Reinforces Industry Leadership With 33% Year-Over-Year Increase in Enterprise Transaction Volume

TRM Labs and Flashpoint Join Forces to Enhance Visibility into Cyberattacks Involving Cryptocurrencies (GlobeNewswire News Room) TRM Labs and Flashpoint have announced a strategic partnership to strengthen cybersecurity efforts by integrating Flashpoint’s threat intelligence into...

watchTowr Partners with Orange to Redefine External Attack Surface Management for Strategic Enterprise Customers (BusinessWire) New Partnership Focuses on APAC Region with Plans for Global Expansion

Technologies, Techniques, and Standards

Inside the counter-offensive tactics, techniques, and procedures used to neutralize China-based threats (Sophos) In the story, we disclose how the attackers used a series of campaigns with novel exploits and customized malware to conduct surveillance, sabotage, and cyberespionage.

Intel Co-Develops One of Three New Post-Quantum Crypto Standards Released by NIST (Intel) Manoj Sastry is a senior principal research scientist at Intel Labs. Highlights The U.S. National Institute of Standards and Technology (NIST) released three post-quantum cryptography standards designed to provide data security and withstand future adversarial attacks from quantum computers. Inte...

Securing the Core: Why Operating System Hardening is Vital for Cybersecurity  (VERITI) Veriti’s latest research reveals how attackers exploit OS vulnerabilities. Discover OS hardening techniques to protect against advanced tactics from threats like Magic Hound and Quasar RAT.

Legislation, Policy, and Regulation

Agencies face ‘inflection point’ ahead of looming zero-trust deadline, CISA official says (CyberScoop) Shelly Hartsook said she’s seen promising data on implementation of security protocols ahead of next week’s due date for agencies to submit updated plans.

For a complete running list of events, please visit the Event Tracker.

Events

Pacific Hackers Conference (Mountain View, California, USA, Nov 2, 2024) Pacific Hacker Conference is an information security and hacking conference that gathers the brightest minds in cybersecurity and hacking from Silicon Valley and beyond. Focusing on cutting-edge techniques, research, and developments, we aim to create an environment where knowledge is shared and connections are made. Our audience ranges from security professionals, researchers, and ethical hackers to industry decision-makers. We keep the conference small, allowing us to provide what other Cons leave out.

SecureWorld Seattle (Bellevue, Washington, USA, Nov 6 - 7, 2024) Join your regional cybersecurity community for high-quality, affordable training and collaboration. Earn 12-18 CPE credits through 30+ educational sessions learning from local and nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays—all while networking with peers in InfoSec.

Beyond Earth Symposium (Washington, DC, USA, Nov 12 - 13, 2024) The acceleration of space innovations that will enable space migration is outpacing public policy and international law regimes. Beyond Earth Institute’s mission is to create a policy and legal framework to support the robust development of an in-space economy and the expansion of human civilization beyond Earth. At the Beyond Earth Symposium 2024, we will wrestle with the critical current issues of the day and delve into the bleeding edge issues that must be moved to the center of international debate. What we do in a post-ISS era is an urgent, immediate concern. Policies that can foster the creation of a lunar-based economy are equally important. Let’s be bold together! Join stakeholders from across the industry, government, and international sector for this third annual Beyond Earth Symposium. Momentum is building to transform policy and legal landscape to enable a space migration future. Dare to be part of this work.

SecureWorld Midwest Virtual Conference (Virtual, Nov 13, 2024) Join with cybersecurity professionals for training and information sharing through an interactive online experience. Earn 6 CPE credits learning from nationally recognized industry leaders. The agenda offers 12+ educational presentations, including panel discussions, breakout sessions, and keynotes. Connect with your peers in the Networking Lounge, enter to win prizes, and see demos and resources from top solution vendors in the Exhibitor Hall.

CYBERSAT24 (Reston, Virginia, USA, Nov 18 - 20, 2024) CyberSat Summit has been at the forefront of the satellite industry’s burgeoning cybersecurity landscape since the event’s launch in 2017. Initially run as a single annual event, it morphed into two separate events in recent years – CyberLEO and CyberSatGov. This was done in response to changing market conditions, most notably the huge growth of LEO satellites and the corresponding rise of commercial interest in space. While CyberSatGov and CyberLEO were successful independently, the continued demand for LEO architectures and the ever-increasing collaboration between government and industry meant that these conversations needed to happen under one roof. As a result, 2024 will feature a single CyberSat event in November, where for the first time in its 7-year history, we will nearly double the event’s content offerings to include two concurrent tracks – one track titled “Space Infrastructure” and the second track titled “Space Data & Technology.” The “Space Infrastructure” track will continue CyberSat’s legacy focus on the overall satellite cybersecurity ecosystem and the protection of tangible assets like ground systems and satellite components, while the new “Space Data & Technology” track will focus on emerging technologies and the protection of space’s intangible assets like data. Keynotes, and a handful of general sessions, will contain talks that apply to all attendees.