March 15

News/Trends

• GhostRace – New Data Leak Vulnerability Affects Modern CPUs

• Malicious Python Packages Target Crypto Wallet Recovery Passwords

• Cloud Account Attacks Surged 16-Fold in 2023

• RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage

• Ande Loader Malware Targets Manufacturing Sector in North America

• Google Paid $10m in Bug Bounties to Security Researchers in 2023

• Embracing the Cloud: Revolutionizing Privileged Access Management with One Identity PAM Essentials

• New Research Exposes Security Risks in ChatGPT Plugins

• Lawmakers Slam UK Government’s “Ostrich Strategy” for Cybersecurity

• DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack

Law/Policy

• EU Parliament Adopts AI Act

• New DOD Cyber Policy Office Opening Soon, Sources Say

• FCC Adopts Voluntary ‘Cyber Trust Mark’ Labeling Rule for IoT Devices

• ODNI Releases New Open-Source Intelligence Strategy With Limited Details

• Bills Targeting Data Brokers and TikTok Approved in House Committee

• US Federal Budget Proposes $27.5B for Cybersecurity

Technical

• Privacy Preserving Anomaly Detection on Homomorphic Encrypted Data from IoT Sensors

• Skeptic: Automatic, Justified and Privacy-Preserving Password Composition Policy Selection

• Reflection of Federal Data Protection Standards on Cloud Governance

• REPQC: Reverse Engineering and Backdooring Hardware Accelerators for Post-quantum Cryptography

Report, blogs, podcasts

• New Report Suggests Surge in SaaS Assets, Employee Data Sharing

• Scareware scam: Restoro and Reimage fined $26 million by FTC

• How Advances in AI are Impacting Business Cybersecurity

• Improving C++

• Smashing Security podcast #363: Stuck streaming sticks, TikTok conspiracies, and spying cars

• BSAM: Open-Source Methodology for Bluetooth Security Assessment

• US Intelligence Predicts Upcoming Cyber Threats for 2024

• Patch Tuesday, March 2024 Edition

• Using LLMs to Unredact Text

• Incognito Darknet Market Mass-Extorts Buyers, Sellers