Dark Reading Daily -- October 01, 2024

Critics viewed the bill as seeking protections against nonrealistic "doomsday" fears, but most stakeholders agree that oversight is needed in the GenAI space.

LATEST SECURITY NEWS & COMMENTARY

Calif. Gov. Vetoes AI Safety Bill Aimed at Big Tech Players

Critics viewed the bill as seeking protections against nonrealistic "doomsday" fears, but most stakeholders agree that oversight is needed in the GenAI space.

Overtaxed State CISOs Struggle With Budgeting, Staffing

CISOs for US states face the same kinds of challenges those at private companies do: lots of work to handle, but not necessarily enough money or people to handle it sufficiently well.

Sloppy Entra ID Credentials Attract Hybrid Cloud Ransomware

Microsoft warns that ransomware group Storm-0501 has shifted from buying initial access to leveraging weak credentials to gain on-premises access before moving laterally to the cloud.

DoJ Charges 3 Iranian Hackers in Political 'Hack & Leak' Campaign

The cyberattackers allegedly stole information from US campaign officials only to turn around and weaponize it against unfavored candidates.

Elaborate Deepfake Operation Takes a Meeting With US Senator

The threat actors managed to gain access to Sen. Ben Cardin (D-Md.) by posing as a Ukrainian official, before quickly being outed.

UAE, Saudi Arabia Become Plum Cyberattack Targets

Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web.

Treat Your Enterprise Data Like a Digital Nomad

By combining agility with compliance, and security with accessibility, businesses will treat their data as a well-prepared traveler, ready for any adventure.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Millions of Kia Vehicles Open to Remote Hacks via License Plate The vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking in automotive APIs. Shadow AI, Data Exposure Plague Workplace Chatbot Use Productivity has a downside: A shocking number of employees share sensitive or proprietary data with the generational AI platforms they use, without letting their bosses know. Could Security Misconfigurations Become No. 1 in OWASP Top 10? As Superman has kryptonite, software has weaknesses — with misconfigurations leading the pack. Top Allies for Executives & Boards to Leverage During a Cyber Crisis It is imperative for executives and board members to know who their top allies are, and how to best leverage them to successfully navigate a crisis and minimize the harm caused by a breach. MORE

PRODUCTS & RELEASES

Stellar Cyber Secures National 'Don't Click It' Day

Cybersecurity Success Hinges on Full Organizational Support, New CompTIA Report Asserts

OneTrust Automates DORA ICT Risk Management and Compliance

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Novel Exploit Chain Enables Windows UAC Bypass

Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.

LATEST FROM THE EDGE

FERC Outlines Supply Chain Security Rules for Power Plants

The US Federal Energy Regulatory Commission spelled out what electric utilities should do to protect their software supply chains, as well as their network "trust zones."

LATEST FROM DR TECHNOLOGY

Reachability Analysis Pares Down Static Security-Testing Overload

For development teams awash in vulnerability reports, reachability analysis can help tame the chaos and offer another path to prioritize exploitable issues.

LATEST FROM DR GLOBAL

Meet UNC1860: Iran's Low-Key Access Broker for State Hackers

The group has used more than 30 custom tools to target high-value government and telecommunications organizations on behalf of Iranian intelligence services, researchers say.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>