December 22

News/Trends

• Microsoft Warns of New ‘FalseFont’ Backdoor Targeting the Defense Sector

• Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware

• Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities

• BattleRoyal Cluster Signals DarkGate Surge

• Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware

• New Report: 85% Firms Face Cyber Incidents, 11% From Shadow IT

• Court of Justice of the European Union Rules That Fear May Constitute Damage Under the GDPR

• New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide

• Top 7 Trends Shaping SaaS Security in 2024

• US and Australia Warn of Play Ransomware Threat

• Technology Manufacturers Urged to Eliminate Passwords

Law/Policy

• New Rules in UK Could Reimburse Fraud Victims up to £415,000 ($525,000)

• FTC Proposes Tougher Children’s Data Privacy Rules for First Time in a Decade

• Digital Services Act’s Impact on Terms of Service

• What the SEC Weighed in Finalizing the Cyber Disclosure Rules

• China’s MIIT Introduces Color-Coded Action Plan for Data Security Incidents

Technical

• One for All, All for One: A Unified Evaluation Framework for Univariate DPA Attacks

• An Approach to Abstract Multi-stage Cyberattack Data Generation for ML-Based IDS in Smart Grids

• Android Malware Detection with Unbiased Confidence Guarantees

• Applications of Neural Network-Based AI in Cryptography

• Can Large Language Models Identify And Reason About Security Vulnerabilities? Not Yet.

• Discovering Malicious Signatures in Software from Structural Interactions

Report, blogs, podcasts

• Data Exfiltration Using Indirect Prompt Injection

• Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists

• Smashing Security podcast #353: Phone hacking, Piers Morgan, and Carole’s Christmas cockup

• Episode 254: Dennis Giese’s Revolutionary Robot Vacuum Liberation Movement

• What Role Does Cybersecurity Awareness Play in Education?

• GCHQ Christmas Codebreaking Challenge

• BlackCat Ransomware Raises Ante After FBI Disruption

• Sharing stories on the CyberTuesday podcast

• OpenAI Is Not Training on Your Dropbox Documents—Today

• News alert: Salvador Technologies raises $6M to empower cyber resilience in critical systems