CISA has added CE-2024-40766 to its Known Exploited Vulnerabilities catalog.
Follow Dark Reading:
 September 10, 2024
LATEST SECURITY NEWS & COMMENTARY
Akira Ransomware Actors Exploit SonicWall Bug for RCE
CISA has added CE-2024-40766 to its Known Exploited Vulnerabilities catalog.
Gallup Poll Bugs Open Door to Election Misinformation
Researchers flagged a pair of Gallup polling site XSS vulnerabilities that could have allowed malicious actors to execute arbitrary code, access sensitive data, or take over a victim account.
300K Victims' Data Compromised in Avis Car Rental Breach
Though the company reports that data was exfiltrated in the breach, it has been remained tightlipped regarding the kind of data that was exposed.
Chinese Tag Team APTs Keep Stealing Asian Gov't Secrets
A PRC threat cluster known as "Crimson Palace" is demonstrating the benefits of having specialized units carry out distinct stages of a wider attack chain.
How to Establish & Enhance Endpoint Security
Endpoint security has been around for decades, but changes in device use and the quick evolution of new attacks have triggered the development of new security techniques.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Feds Warn on Russian Actors Targeting Critical Infrastructure
In the past, Putin's Unit 29155 has utilized malware like WhisperGate to target organizations, particularly those in Ukraine.

Using Transparency & Sharing to Defend Critical Infrastructure
No organization can single-handedly defend against sophisticated attacks. Governments and private sector entities need to collaborate, share information, and develop defenses against cyber threats

Commercial Spyware Use Roars Back Despite Sanctions
Vendors of mercenary spyware tools used by nation-states to track citizens and enemies have gotten savvy about evading efforts to limit their use.

Malvertising Campaign Builds a Phish for Lowe's Employees
Retail employees are being duped into divulging their credentials by typosquatting malvertisements.

The Role of Trust Anchors in Modern IT Security
To fully realize the benefits trust anchors provide, organizations need to implement processes and technologies that maintain the privacy and security of trust anchors and the personal data they contain.

MORE
PRODUCTS & RELEASES
HackerOne Appoints Kara Sprague As CEO
Kiteworks Bolsters Its Secure Data Collection Capabilities With 123FormBuilder Acquisition
Palo Alto Networks® Closes Acquisition of IBM's QRadar SaaS Assets
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Cybersecurity Talent Shortage Prompts White House Action
The Biden administration launches an initiative to encourage careers in cybersecurity, as businesses try new tactics to get unfilled IT security roles staffed.
LATEST FROM THE EDGE

10 Writing Tips for Cybersecurity Professionals
It takes more than technical knowledge to write about cybersecurity in a way people want to read. It takes creativity, discipline, and other key skills.
LATEST FROM DR TECHNOLOGY

Open Source Tool Allows Voters to Verify Election Results
The ElectionGuard project allows anyone — voters, campaign staffers, and election officials — to cryptographically verify ballots, a promise that may bolster faith in election integrity.
LATEST FROM DR GLOBAL

'TIDrone' Cyberattackers Target Taiwan's Drone Manufacturers
The Chinese-speaking group is launching sophisticated malware towards military and satellite targets globally.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us