A recent campaign shows that the politically motivated threat actor has more tricks up its sleeve than previously known, targeting a critical exploit and wiping logs to cover their tracks.
Follow Dark Reading:
 June 27, 2023
LATEST SECURITY NEWS & COMMENTARY
China's 'Volt Typhoon' APT Turns to Zoho ManageEngine for Fresh Cyberattacks
A recent campaign shows that the politically motivated threat actor has more tricks up its sleeve than previously known, targeting a critical exploit and wiping logs to cover their tracks.
Trojanized Super Mario Installer Goes After Gamer Data
A legitimate installer for the popular Nintendo game infects Windows machines with various malware, including a cryptominer and an infostealer, again showcasing the importance of remote worker security hygiene.
It's Open Season on Law Firms for Ransomware & Cyberattacks
Law firms have an ethical responsibility to protect their clients' sensitive information, but a recent swell of cyberattacks does not seem to be enough to convince law firms to shore up cybersecurity.
3 Steps to Successfully & Ethically Navigate a Data Breach
In this day of "not if, but when" for breaches, transparency and full disclosure are important to salvage a company's reputation and keep public trust.
SolarWinds Execs Targeted by SEC, CEO Vows to Fight
CEO says SEC penalties related to the 2020 SolarWinds supply chain attacks are unwarranted and is ready to mount a defense to any legal actions against the company or its employees.
Twitter Celeb Account Hacker Heads to Jail for 5 Years
Extradited from Spain, PlugWalkJoe has been sentenced in US court and is now headed to federal prison on a raft of charges related to account hijacking and cyber stalking.
(Sponsored Article) The Key to Zero Trust Identity Is Automation
In a zero-trust world, a trusted identity is the key that unlocks access for people and devices to enter your enterprise’s key networks, systems, and resources.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Millions of Repos on GitHub Are Potentially Vulnerable to Hijacking
Many organizations are unwittingly exposing users of their code repositories to repojacking when renaming projects, a new study shows.

How Government Contractors & Agencies Should Navigate New Cyber Rules
The impending regulations highlight the increasing importance of enhanced network security and regulatory compliance across the government sector.

NSA: BlackLotus BootKit Patching Won't Prevent Compromise
It's unclear why the NSA issued in-depth mitigation guidance for the software boot threat now, but orgs should take steps to harden their environments.

MORE
EDITORS' CHOICE
Microsoft Teams Attack Skips the Phish to Deliver Malware Directly
Exploiting a flaw in how the app handles communication with external tenants gives threat actors an easy way to send malicious files from a trusted source to an organization's employees, but no patch is imminent.
LATEST FROM DR TECHNOLOGY

Cl0p in Your Network? Here's How to Find Out
Companies targeted by hacking groups with Cl0p ransomware typically have several chances to catch the attack prior to the payload being deployed, experts say.
LATEST FROM THE EDGE

Remediation Ballet Is a Pas de Deux of Patch and Performance
AI-generated code promises quicker fixes for vulnerabilities, but ultimately developers and security teams must balance competing interests.
WEBINARS
  • Finding the Right Role for Identity and Access Management in Your Enterprise

    End user credentials are essential to enabling your employees to gain access to the data and applications they need. Those credentials are also one of the most prized targets that attackers hope to gain. To enable user access and prevent ...

  • Making Sense of Security Operations Data

    Most security operations centers aren't suffering from not having enough data- they have too much. In this webinar, experts recommend tools and best practices for correlating information from multiple security systems so that your SOC team is focusing on the ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Genworth Financial Reports Data Breach Leaking SSNs Belonging to 2.7M Policyholders and Customers
Airgap Networks Acquires NetSpyGlass
Former Duo Security Co-Founder Jon Oberheide Joins DNSFilter Board of Directors
Silobreaker Unveils Geopolitical Threat Intelligence Capabilities With RANE at Infosecurity Europe 2023
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How to Use Threat Intelligence to Mitigate Third-Party Risk
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us