The Water Hydra cyberattacker group is one adversary using the zero-days to get past built-in Windows protections.
Follow Dark Reading:
 February 14, 2024
LATEST SECURITY NEWS & COMMENTARY
Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs
The Water Hydra cyberattacker group is one adversary using the zero-days to get past built-in Windows protections.
Ivanti Gets Poor Marks for Cyber Incident Response
Cascading critical CVEs, cyberattacks, and delayed patching are plaguing Ivanti VPNs, and forcing cybersecurity teams to scramble for solutions. Researchers are unimpressed.
Glupteba Botnet Adds UEFI Bootkit to Cyberattack Toolbox
A malware with every malicious feature in the book is adding new pages, with a fresh ability to invade the lowest levels of a Windows machine.
Hamas Cyberattacks Ceased After the Oct. 7 Terror Attack. But Why?
Hamas-linked threat actors have defied norms, with no discernible uptick in cyber operations prior to the group's attack in Israel — and a complete abandonment of them thereafter.
Ivanti VPN Flaw Exploited to Inject Novel Backdoor; Hundreds Pwned
A SAML vulnerability in Ivanti appliances has led to persistent remote access and full control for opportunistic cyberattackers.
BofA Warns Customers of Data Leak in Third-Party Breach
An attack on a technology partner claimed by LockBit ransomware exposed sensitive information, including Social Security numbers, of more than 57,000 banking customers.
FCC Requires Telecom & VoIP Providers to Report PII Breaches
The Commission's breach rules for voice and wireless providers, untouched since 2017, have finally been updated for the modern age.
Aircraft Leasing Company Acknowledges Cyberattack in SEC Filing
Black Basta ransomware claimed responsibility, but the company says its investigation is ongoing.
CISO and CIO Convergence: Ready or Not, Here It Comes
Recent shifts underscore the importance of collaboration and alignment between these two IT leaders for successful digital transformation.
Islamic Nonprofit Infiltrated for 3 Years With Silent Backdoor
Saudi Arabia charity was under surveillance with the modified reverse proxy tool, researchers discovered.
(Sponsored Article) Redefining Cyber Defense: Fighting Emerging Threats With AI
To combat the ever-evolving threat landscape, defenders need artificial intelligence (AI)-native technology.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps
Attackers are breaching cloud environments and playing games with corporate Microsoft 365 apps, and further victims are likely to come.

It's Time to Rethink Third-Party Risk Assessment
Continuously evaluating and updating your third-party risk assessment can improve your security posture and ensure your company doesn't have the next headline-making incident.

How 'Big 4' Nations' Cyber Capabilities Threaten the West
Russia, China, Iran, and North Korea pose significant cyber threats to Western nations.

33M French Citizens Impacted in Country's Largest-Ever Breach
Viamedis and Almerys, two payment processors widely used by French health insurers, were victims of cyberattackers who struck five days apart.

MORE
PRODUCTS & RELEASES
OPSWAT Invests $10M in Scholarship Learning Program to Help Close Cybersecurity Skills Gap
Akto Launches Proactive GenAI Security Testing Solution
OpenText Joins the Joint Cyber Defense Collaborative to Enhance US Government Cybersecurity
ISC2 Collaborates With IBM to Launch Entry-Level Cybersecurity Certificate
BlackBerry Provides Update on Progress in Separation of Divisions and Path to Profitability
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Fortinet, Ivanti Keep Customers Busy With Yet More Critical Bugs
Brand-new vulnerabilities from both vendors this week — one exploited in the wild — add to a steady stream of critical security issues in the security platforms.
LATEST FROM THE EDGE

How Changes in State CIO Priorities for 2024 Apply to API Security
The National Association of State Chief Information Officers' top 10 list sheds light on where state and local governments need to direct their cybersecurity efforts. Here's what it means for application security.
LATEST FROM DR TECHNOLOGY

Forget Deepfakes or Phishing: Prompt Injection is GenAI's Biggest Problem
With prompt injection, AI puts new spin on an old security problem
LATEST FROM DR GLOBAL

Middle East & Africa CISOs Plan to Increase 2024 Budgets by 10%
New data shows higher-than-expected cybersecurity growth in the Middle East, Turkey, and Africa region, thanks to AI and other factors.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us