DataBreachToday.com

US to Advocate for Human Rights Safeguards from Supporting Member Nations
The United States will support a controversial cybercrime convention initially proposed by Russia that is currently making its way through the United Nations, officials told reporters, while seeking out human rights assurances from supporting member nations.

Malware Spotted Masquerading as Avast Antivirus
Android Spynote malware is masquerading as antivirus software to exploit Android processes to infiltrate devices, seize control and steal sensitive information from unsuspecting users. A report from Cyfirma shows the malware disguising itself as "Avast Mobile Security" in a recent campaign.

UK Government Agencies, Google Join Group that Promotes
Two British government agencies and computing giant Google joined the CHERI Alliance, a group dedicated to promoting a hardware architecture that prevents buffer overflows and heap use-after-free vulnerabilities. Adoption of the architecture is miniscule.

Snyk Boosts API Security with Enhanced Dynamic App Security Testing Capabilities
By buying DAST provider Probely, Snyk bolsters its platform with advanced API security testing for early SDLC stages. This acquisition aims to help developers identify and reduce vulnerabilities in AI-driven and API-heavy applications. Full integration into Snyk's platform is slated for early 2025.

Georgia-Based Memorial Hospital and Manor Among Embargo Group's Latest Victims
Embargo, a newcomer group to the ransomware scene, is threatening to begin publishing 1.15 terabytes of data belonging to a small rural Georgia hospital and nursing home attacked last week unless a ransom is paid before Tuesday. Experts say the double extortion gang disables victims' security tools.

Experts Warn of Intensifying Global Cyber Threats During a Second Trump Presidency
The United States could see an ever-increasing level of global cybersecurity threats as former President Donald Trump returns to office, experts told Information Security Media Group, with foreign adversaries poised to potentially exploit the politically charged transition period.

Developers' Credentials Stolen via Typosquatted ‘Fabric’ Library
A malicious Python package that mimics a popular SSH automation library has been live on PyPi since 2021 and delivers payloads that steal credentials and create backdoors. The package steals AWS access and secret keys, sending them to a remote server operated through a VPN in Paris

Anastasia Georgievskaya, CEO of Haut.AI, on How AI Is Transforming Skincare
Anastasia Georgievskaya, CEO and co-founder of Estonia-based Haut.AI, discusses the challenges of blending artificial intelligence with traditional skincare expertise and how Haut.AI is shaping a privacy-conscious future in beauty. Georgievskaya is also a research scientist at Beauty.AI.

UN Members Urge Better Critical Infrastructure Resilience to Counter Threats
With ransomware attacks on the rise and healthcare getting pummeled more than ever, a coalition of UN members urged countries to focus on collective critical infrastructure defense, while a senior White House official slammed Russia for continuing to harbor the criminals involved.

Financial Services Experts Call for Stronger Focus on Third-Party Risk Management
Financial services leaders and cybersecurity experts said at Information Security Media Group’s 2024 Financial Services Summit that third-party vendor security risks required the need for proactive, multi-layered security frameworks to combat the growing threat landscape.

New AWS-Hosted Solution to Integrate Claude With Palantir AI Platform
Palantir, Anthropic and AWS are developing an AI platform for U.S. defense, using Claude models to enhance decision-making, detect trends and speed document processing. The Biden administration has promoted the adoption of AI for national security.

ML, NLP Tools Collect More Personal Information Than Required, U.K. Regulator Says
Artificial intelligence tools currently used by organizations in the United Kingdom to screen job applicants pose privacy risks and are susceptible to bias and accuracy issues, the U.K. Information Commissioner's Office found. The ICO focused on machine learning and natural language processing.

Also: Potential Government Policy Changes; AI-Driven Zero-Day Discoveries
In the latest weekly update, ISMG editors discussed how the recent election results may reshape U.S. cybersecurity policy and healthcare privacy under HIPAA and the groundbreaking role of artificial intelligence in Google’s recent discovery of a critical zero-day vulnerability.

Google Designates Entrust 'Untrustworthy' After Years of 'Concerning Behaviors'
What's the worst-case scenario for a certificate authority? Citing years of "concerning behaviors," Google and Mozilla are set to treat all new digital certificates issued with Entrust as "untrustworthy," and have urged users to obtain new certificates from a trusted CA.

CISA Adds Critical Palo Alto Flaw to Vulnerability Catalog After Attack Discovery
The Cybersecurity and Infrastructure Security agency warned Palo Alto Networks that a critical vulnerability the technology giant previously patched has been actively exploited since then, according to a new advisory, potentially exposing configuration secrets and credentials.

New CEO Manny Rivelo Focuses on Security, Acquisitions to Empower MSPs, SMBs
New ConnectWise CEO Manny Rivelo is prioritizing security and new acquisitions, aiming to provide MSPs with a streamlined, multi-tenant platform. His vision offers an integrated approach to securing SMBs amid a dynamic threat landscape with capabilities like backup, MDR and managed SIEM.

HHS Alerts on Scattered Spider, Living of the Land, Miracle Exploit, F5 Attacks
Federal authorities are warning the healthcare sector of an array of cyberthreats - including Scattered Spider hacks, living-off-the-land attacks, and bad actors looking to exploit weaknesses such as F5 misconfigurations and also so-called "Miracle Exploit" flaws in some Oracle software.

Noka 'Is Aware of Reports'
Finnish telecommunications equipment manufacturer Nokia is investigating the alleged posting of source code data on a criminal hacking forum. A hacker going by the handle of "IntelBroker" on Thursday posted what he said is a trove of "Nokia-related source code."