The company said the rogue update that caused disruptions on a global scale resulted from a "perfect storm" of issues.
Follow Dark Reading:
 September 26, 2024
LATEST SECURITY NEWS & COMMENTARY
CrowdStrike Offers Mea Culpa to House Committee
The company said the rogue update that caused disruptions on a global scale resulted from a "perfect storm" of issues.
Third Ivanti Bug Comes Under Active Exploit, CISA Warns
Though the critical vulnerability was patched in August, Ivanti is reminding customers to update as soon as possible as attacks from unauthenticated threat actors start circulating.
Microsoft Trims Cloud Cyberattack Surface in Security Push
The company has jettisoned hundreds of thousands of unused apps and millions of unused tenants as part of its Secure Future Initiative.
Critical Automated Tank Gauge Bugs Threaten Gas Infrastructure
The security vulnerabilities could lead to everything from gas spills to operations data disclosure, affecting gas stations, airports, military bases, and other hypersensitive locations.
LinkedIn Addresses User Data Collection for AI Training
The company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models.
Vice Society Pivots to Inc Ransomware in Healthcare Attack
Inc ransomware — one of the most popular among cybercriminals today — meets healthcare, the industry sector most targeted by RaaS.
Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover
Critical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of OEMs.
China's 'Earth Baxia' Spies Exploit Geoserver to Target APAC Orgs
The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.
1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam
The first patch lets threat actors with low-level credentials still exploit the vulnerability, while the second fully resolves the flaw.
How Russia, China & Iran Are Targeting US Elections
While these threats remain a valid concern, US government agencies have doubled down on their assurances to the American public that election infrastructure is secure.
Managing Cyber-Risk Is No Different Than Managing Any Business Risk
A sound cyber-risk management strategy analyzes all the business impacts that may stem from an attack and estimates the related costs of mitigation versus the costs of not taking action.
Data Security Posture Management: Accelerating Time to Value
Data discovery and classification are foundational for data security, data governance, and data protection.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Dark Reading Confidential: Pen-Test Arrests, 5 Years Later
Episode 3: On Sept. 11, 2019, two cybersecurity pros, Gary De Mercurio and Justin Wynn, were arrested in Dallas County, Iowa, and forced to spend the night in jail — just for doing their jobs. Despite the charges against them being dropped, that night five years ago continues to haunt De Mercurio and Wynn. In this episode, the pair and Coalfire CEO Tom McAndrew share how the fallout has shaped their lives and careers as well as how it has transformed physical penetration tests.
An AI-Driven Approach to Risk-Scoring Systems in Cybersecurity
By enhancing threat detection, enabling real-time risk assessment, and providing predictive insights, AI is empowering organizations to build more robust defenses against cyber threats.

GenAI in Cybersecurity: Insights Beyond the Verizon DBIR
The lack of abundant data on AI-enabled attacks in official reports shouldn't prevent us from preparing for and mitigating potential future threats.

US May Be Losing the Race for Global AI Leadership
To maintain AI leadership, Congress and regulatory agencies must recognize that our foreign competitors are working to surpass us.

MORE
PRODUCTS & RELEASES
CrowdStrike Expands Cybersecurity Startup Accelerator With AWS and NVIDIA
Abstract Security Expands Multi-Cloud Security Operations
South Korea Digital Forensics Market to Hit US $3.52B by 2031
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
China's 'Salt Typhoon' Cooks Up Cyberattacks on US ISPs
The state-sponsored advanced persistent threat (APT) is going after high-value communications service provider networks in the US, potentially with a dual set of goals.
LATEST FROM THE EDGE

Target Practice: Honing Critical Skills on Cyber Ranges
Cyber ranges are a great way for cyber professionals to keep up on emerging threats and new technologies — while having a little fun.
LATEST FROM DR TECHNOLOGY

Security Concerns Plague Emerging Chip Architecture
The RISC-V chip architecture is gaining popularity worldwide, but the fact that it is easy to modify the processor design means it is also easy to introduce hard-to-patch vulnerabilities in the chips.
LATEST FROM DR GLOBAL

Meet UNC1860: Iran's Low-Key Access Broker for State Hackers
The group has used more than 30 custom tools to target high-value government and telecommunications organizations on behalf of Iranian intelligence services, researchers say.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us