Dark Reading Daily -- August 28, 2023

Follow Dark Reading:

August 28, 2023

LATEST SECURITY NEWS & COMMENTARY

China Unleashes Flax Typhoon APT to Live Off the Land, Microsoft Warns

The cyber-espionage group has created a stealthy, hard-to-mitigate network of persistent access across a range of organizations, but the endgame is unclear.

'Whiffy Recon' Malware Transmits Device Location Every 60 Seconds

Deployed by the infamous SmokeLoader botnet, the location-tracking malware could be used for a host of follow-on cyberattacks or even physical targeting.

Is Bias in AI Algorithms a Threat to Cloud Security?

Using AI for threat detection and response is essential — but it can't replace human intelligence, expertise, and intuition.

Luna Grabber Malware Targets Roblox Gaming Devs

Roblox gaming developers are lured in by a package that claims to create useful scripts to interact with the Roblox website, for example by “promot(ing) users, shout events, and so on, or to create Discord utiltiies (sic) to manage their community.”

MORE NEWS / MORE COMMENTARY


HOT TOPICS
eBay Users Beware Russian 'Telekopye' Telegram Phishing Bot Thanks to a simple Telegram bot that democratizes phishing, ordinary Russians can conduct full-fledged phishing attacks with zero technical know-how. Threat Actor Exploits Zero-Day in WinRAR to Target Crypto Accounts Attacks targeting the now-patched bug have been going on since at least April 2023, security vendor says. Name That Toon: Swift as an Arrow Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. 5 Best Practices for Implementing Risk-First Cybersecurity Embracing a risk-first mindset empowers organizations to make informed decisions, strengthen security, safeguard valuable assets, and reduce financial impact. What the Hive Ransomware Case Says About RaaS and Cryptocurrency Hive tells us a lot about ransomware-as-a-service trends and the best ways to defend against attacks. 5 Early Warning Indicators That Are Key to Protecting National Secrets The Defense Department must modernize user activity monitoring by prioritizing data that can be used early to proactively mitigate insider risk. MORE

EDITORS' CHOICE

Ransomware With an Identity Crisis Targets Small Businesses, Individuals

TZW is the latest version of Adhubllka, which has been active since 2019 but has gone largely unreported due to its lower ransom demands.

LATEST FROM THE EDGE

Vendors Training AI With Customer Data Is an Enterprise Risk

While Zoom has scrapped plans to harvest customer content for use in its AI and ML models, the incident should raise concerns for enterprises and consumers a like.

LATEST FROM DR TECHNOLOGY

NIST Publishes First Draft Standards for Post-Quantum Cryptography

Publication of the first draft PQC standards opens a 90-day period for public comment and paves the way for interoperability testing.

LATEST FROM DR GLOBAL

The Gulf's Dizzying Tech Ambitions Present Risk & Opportunity

Threats and opportunities abound for the UAE and Gulf states, so can they deal with being a cybersecurity stronghold?

WEBINARS

The Evolution of the Vulnerability Landscape in 2023
While this summer has been jokingly called "zero-day summer" by some, 2023 fits Mandiant observations that zero-day exploitation has been trending upward for the last few years. As shown in our zero-day trends blog post, Mandiant tracked 55 zero-day vulnerabilities that we ...
Managing Security In a Hybrid Cloud Environment
Many enterprises have embraced hybrid- and multi-clouds. They spread their workloads across private data centers and public cloud, or across multiple cloud providers. How do you manage security when the tools are all different? How do you enforce security controls ...

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

How to Use Threat Intelligence to Mitigate Third-Party Risk
The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ...
Successfully Managing Identity in Modern Cloud and Hybrid Environments
Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ...
The Promise and Reality of Cloud Security
Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Genworth Financial Under Investigation for Data Breach

Cypago Raises $13M and Unveils its Cyber GRC Automation (CGA) Platform to Simplify GRC Processes

Malwarebytes Announces Acquisition of Online Privacy Company Cyrus

Black Hat USA 2023 Closes on Record-Breaking Event in Las Vega

MORE PRODUCTS & RELEASES

CURRENT ISSUE

What Ransomware Groups Look for in Enterprise Victims
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.