Dark Reading Daily -- November 21, 2024

Though information regarding the exploits is limited, the company did report that Intel-based Mac systems have been targeted by cybercriminals looking to exploit CVE-2024-44308 and CVE-2024-44309.

LATEST SECURITY NEWS & COMMENTARY

Apple Urgently Patches Actively Exploited Zero-Days

Though information regarding the exploits is limited, the company did report that Intel-based Mac systems have been targeted by cybercriminals looking to exploit CVE-2024-44308 and CVE-2024-44309.

China's 'Liminal Panda' APT Attacks Telcos, Steals Phone Data

In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the way.

'Water Barghest' Sells Hijacked IoT Devices for Proxy Botnet Misuse

An elusive, sophisticated cybercriminal group has used known and zero-day vulnerabilities to compromise more than 20,000 SOHO routers and other IoT devices so far, and then puts them up for sale on a residential proxy marketplace for state-sponsored cyber-espionage actors and others to use.

Alleged Ford 'Breach' Encompasses Auto Dealer Info

Cybersecurity investigators found the leaked data to be information from a third party, not Ford itself, that is already accessible to the public and not sensitive in nature.

Small US Cyber Agencies Are Underfunded & That's a Problem

If the US wants to maintain its lead in cybersecurity, it needs to make the tough funding decisions that are demanded of it.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Salt Typhoon Hits T-Mobile as Part of Telecom Attack Spree The company says no sensitive data was stolen, but federal agencies claim otherwise. CISA and FBI sources said attackers accessed all records of specific customers and the private communications of targeted individuals. Russian Ransomware Gangs on the Hunt for Pen Testers In further proof of the professionalization of Russian cybercriminal groups, ransomware gangs have been posting job ads for security positions such as pen testers, looking to boost their ransomware deployment operations. Name That Toon: Meeting of Minds Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card. We Can Do Better Than Free Credit Monitoring After a Breach Individual companies and entire industries alike must take responsibility for protecting customer data — and doing the right thing when they fail. MORE

PRODUCTS & RELEASES

Security Industry Association Announces SIA RISE Scholarship Awardees

Kyndryl & Microsoft Unveil New Services to Advance Cyber Resilience for Customers

Akamai Reports Third Quarter 2024 Financial Results

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Linux Variant of Helldown Ransomware Targets VMware ESXi Systems

Since surfacing in August, the likely LockBit variant has claimed more than two dozen victims and appears poised to strike many more.

LATEST FROM THE EDGE

SWEEPS Educational Initiative Offers Application Security Training

The secure coding curriculum, funded by a $2.5 million grant, is available for students and professionals at all stages of their careers.

LATEST FROM DR TECHNOLOGY

RIIG Launches With Risk Intelligence Solutions

RIIG is a risk intelligence and cybersecurity solutions provider offering open source intelligence solutions designed for zero-trust environments.

LATEST FROM DR GLOBAL

African Reliance on Foreign Suppliers Boosts Insecurity Concerns

Recent backdoor implants and cyber-espionage attacks on their supply chains have African organizations looking to diversify beyond Chinese, American tech vendors.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>