A targeted attack aiming to exploit geopolitical relations between India and Europe delivers previously undocumented, uniquely evasive backdoor malware.
| | | LATEST SECURITY NEWS & COMMENTARY | | Cyberattackers Lure EU Diplomats With Wine-Tasting Offers A targeted attack aiming to exploit geopolitical relations between India and Europe delivers previously undocumented, uniquely evasive backdoor malware. 'Savvy Seahorse' Hackers Debut Novel DNS CNAME Trick Petty scammers have figured out how to leverage a core function of DNS in order to maintain scalable, stealthy, pliable malicious infrastructure. 'Voltzite' Zaps African Utilities as Part of Volt Typhoon's Onslaught The China-backed APT that's been trying to set itself up inside US critical infrastructure for the purpose of disrupting physical processes is deploying a similar playbook in Africa. eBay, VMware, McAfee Sites Hijacked in Sprawling Phishing Operation Trusted brands like The Economist are also among the 8,000 entities compromised by Operation SubdoMailing, which is at the heart of a larger operation of a single threat actor. LockBit's Leak Site Reemerges, a Week After 'Complete Compromise' Is LockBit dead? Law enforcement and the group itself seem to be telling conflicting stories. iSoon's Secret APT Status Exposes China's Foreign Hacking Machinations Chinese government agencies are paying an APT, masked as a legitimate company, to spy on foreign and domestic targets of political interest. Zero-Click Apple Shortcuts Vulnerability Allows Silent Data Theft Vulnerability CVE-2024-23204, affecting Apple's popular Shortcuts app, suggests a critical need for ongoing security awareness in the macOS and iOS ecosystem. NIST Releases Cybersecurity Framework 2.0 New guidance expands the framework to consider organizations beyond critical infrastructure; it also addresses governance and supply chain cybersecurity. China Launches New Cyber-Defense Plan for Industrial Networks Government will provide additional cybersecurity training and recruit additional cybersecurity talent in an effort to better secure its industrial sector from attacks. U-Haul Reports 67K Customers Impacted by Data Breach In the notice letter sent out to affected individuals, U-Haul notes that credit card information was not accessed in the breach. Orgs Face Major SEC Penalties for Failing to Disclose Breaches In what could be an enforcement nightmare, potentially millions of dollars in fines, reputational damage, shareholder lawsuits, and other penalties await companies that fail to comply with the SEC's new data-breach disclosure rules. What Companies & CISOs Should Know About Rising Legal Threats Litigation and regulatory enforcement are increasing risks for companies and cybersecurity leaders. Something must be done to protect the profession. Converging State Privacy Laws and the Emerging AI Challenge It's time for companies to look at what they're processing, what types of risk they have, and how they plan to mitigate that risk. The Next Gen of Cybersecurity Could Be Hiding in Big Tech Public-private partnerships, increasing cybersecurity budgets for public organizations, and retraining existing tech talent to make the jump to cyber will help ease the staffing crunch. 4 Key Steps to Reevaluate Your Cybersecurity Priorities Amid a spike in attacks, now is a good time for brands to strengthen their cybersecurity strategy. MORE NEWS / MORE COMMENTARY | | | | | | PRODUCTS & RELEASES | | Kaspersky Finds Attacks on Mobile Devices Significantly Increased in 2023 Fortress Information Security Deploys Automated Patch Notification and Authenticity Tool Pentera Launches Global Partner Program to Accelerate Growing Channel Delinea to Acquire Fastpath to Revolutionize Privileged Access and Identity Governance Beyond Identity Introduces Device360 for Security Risk Visibility Across All Devices Palo Alto Networks Launches Cortex Platform Offer Hack The Box Launches Certified Web Exploitation Expert As Demand for Risk Mitigation Grows Optiv Accepting Applications for $10K Scholarship MORE PRODUCTS & RELEASES |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
