Dark Reading Daily -- April 26, 2024

Attacks by a previously unknown threat actor leveraged two bugs in firewall devices to install custom backdoors on several government networks globally.

LATEST SECURITY NEWS & COMMENTARY

Cisco Zero-Days Anchor 'ArcaneDoor' Cyber-Espionage Campaign

Attacks by a previously unknown threat actor leveraged two bugs in firewall devices to install custom backdoors on several government networks globally.

The Biggest 2024 Elections Threat: Kitchen-Sink Attack Chains

Hackers can influence voters with media and breach campaigns, or try tampering with votes. Or they can combine these tactics to even greater effect.

Godfather Banking Trojan Spawns 1.2K Samples Across 57 Countries

Mobile malware-as-a-service operators are upping their game by automatically churning out hundreds of unique samples on a whim.

SolarWinds 2024: Where Do Cyber Disclosures Go From Here?

Get updated advice on how, when, and where we should disclose cybersecurity incidents under the SEC's four-day rule after SolarWinds, and join the call to revamp the rule to remediate first.

Digital Blitzkrieg: Unveiling Cyber-Logistics Warfare

Cyberattacks on logistics are becoming increasingly common, and the potential impact is enormous.

FTC Issues $5.6M in Refunds to Customers After Ring Privacy Settlement

The refunds will be made to individual affected customers through thousands of PayPal payments, available to be redeemed for a limited time.

Chinese Keyboard Apps Open 1B People to Eavesdropping

Eight out of nine apps that people use to input Chinese characters into mobile devices have weakness that allow a passive eavesdropper to collect keystroke data.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Iran Dupes US Military Contractors, Gov't Agencies in Years-Long Cyber Campaign A state-sponsored hacking team employed a clever masquerade and elaborate back-end infrastructure as part of a five-year info-stealing campaign that compromised the US State and Treasury Departments, and hundreds of thousands of accounts overall. 2023: A 'Good' Year for OT Cyberattacks Attacks increased by "only" 19% last year. But that number is expected to grow significently. Lessons for CISOs From OWASP's LLM Top 10 It's time to start regulating LLMs to ensure they're accurately trained and ready to handle business deals that could affect the bottom line. Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month. MORE

PRODUCTS & RELEASES

KnowBe4 to Acquire Egress

Black Girls Do Engineer Signs Education Partnership Agreement With NSA

CompTIA Supports Department of Defense Efforts to Strengthen Cyber Knowledge and Skills

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Patch Now: CrushFTP Zero-Day Cloud Exploit Targets US Orgs

An exploit for the vulnerability allows unauthenticated attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE.

LATEST FROM THE EDGE

How Boards Can Prepare for Quantum Computers

Quantum computing on the level that poses a threat to current cybersecurity measures is still years off. Here's what enterprises can do now to avoid future disruptions.

LATEST FROM DR TECHNOLOGY

Chip Giants Finalize Specs Baking Security into Silicon

Caliptra 1.0 offers a blueprint for integrating security features directly into microprocessors.

LATEST FROM DR GLOBAL

PCI Launches Payment Card Cybersecurity Effort in the Middle East

The payment card industry pushes for more security in financial transactions to help combat increasing fraud in the region.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>