Daily operations at some 15,000 automotive dealers remain impacted as CDK works to restore its dealer management system, following what appears to be a ransomware attack last week.
Follow Dark Reading:
 June 27, 2024
LATEST SECURITY NEWS & COMMENTARY
CDK Attack: Why Contingency Planning Is Critical for SaaS Customers
Daily operations at some 15,000 automotive dealers remain impacted as CDK works to restore its dealer management system, following what appears to be a ransomware attack last week.
Dangerous AI Workaround: 'Skeleton Key' Unlocks Malicious Content
Microsoft, OpenAI, Google, and Meta GenAI models could be convinced to ditch their guardrails, opening the door to chatbots giving unfettered answers on building bombs, creating malware, and much more.
Apple AirPods Bug Allows Eavesdropping
The vulnerability affects not only AirPods, but also AirPods Max, Powerbeats Pro, Beats Fit Pro, and all models of AirPods Pro.
Fresh MOVEit Bug Under Attack Mere Hours After Disclosure
The high-severity CVE-2024-5806 allows cyberattackers to authenticate to the file-transfer platform as any valid user, with accompanying privileges.
Kaspersky's US Customers Face Tight Deadline Following Govt. Ban
After Sept. 29, 2024, organizations and individuals that continue using the vendor's products will no longer receive any updates or support.
Catching Up on Innovation With NIST CSF 2.0
The updated framework is an equalizer for smaller organizations to meet the industry at its breakneck pace of innovation.
High-Risk Overflow Bug in Intel Chips Likely Impacts 100s of PC Models
The old, but newly disclosed, vulnerability is buried deep inside personal computers, servers, and mobile devices, and their supply chains, making remediation a headache.
30M Potentially Affected in Tickettek Australia Cloud Breach
In an incident with direct parallels to the recent Ticketmaster compromise, an Aussie live events giant says it was breached via a third-party cloud provider, as ShinyHunters takes credit.
The NYSE's $10M Wake-up Call
The settlement between the SEC and the owner of the New York Stock Exchange is a critical reminder of the vulnerabilities within financial institutions' cybersecurity frameworks as well as the importance of regulatory oversight.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Diverse Cybersecurity Workforce Act Offers More Than Diversity Benefits
Our adversaries certainly have diversity — so cybersecurity teams need it, too.

Securing Customers' Trust With SOC 2 Type II Compliance
Audit compliance not only demonstrates commitment to data security and privacy but also builds trust with customers and stakeholders.

Key Takeaways From the British Library Cyberattack
Knowledge institutions with legacy infrastructure, limited resources, and digitized intellectual property must protect themselves from sophisticated and destructive cyberattacks.

MORE
PRODUCTS & RELEASES
CISOs Growing More Comfortable With Risk, But Better C-Suite Alignment Needed
Optiv Report Shows Nearly 60% Increase in Security Budgets as Most Organizations Report Cyber Breaches and Incidents
Akamai Completes Acquisition of API Security Company Noname
Abstract Security Announces General Availability of its AI-Powered Data Streaming Platform for Security
FS-ISAC Announces Appointments to Global Board of Directors
VicOne Solutions for Detection of Zero-Day Vulnerabilities and Contextualized Attack Paths
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Multifactor Authentication Is Not Enough to Protect Cloud Data
Ticketmaster, Santander Bank, and other large firms have suffered data leaks from a large cloud-based service, underscoring that companies need to pay attention to authentication.
LATEST FROM THE EDGE

Is Defense Winning? A Look at Decades of Playing Catch Up
In this Black Hat USA preview, scholar Jason Healey examines strategies for measuring and shifting the balance of cyber defense
LATEST FROM DR TECHNOLOGY

What Building Application Security Into Shadow IT Looks Like
AppSec is hard for traditional software development, let alone citizen developers. So how did two people resolve 70,000 vulnerabilities in three months?
LATEST FROM DR GLOBAL

'Snowblind' Tampering Technique May Drive Android Users Adrift
As cybersecurity's cat-and-mouse game starts to look more like Tom and Jerry, attackers develop a method for undermining Android app security with no obvious fix.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us