Dark Reading Daily -- February 28, 2024

Trusted brands like The Economist are also among the 8,000 entities compromised by Operation SubdoMailing, which is at the heart of a larger operation of a single threat actor.

LATEST SECURITY NEWS & COMMENTARY

eBay, VMware, McAfee Sites Hijacked in Sprawling Phishing Operation

Trusted brands like The Economist are also among the 8,000 entities compromised by Operation SubdoMailing, which is at the heart of a larger operation of a single threat actor.

Russia's 'Midnight Blizzard' Targets Service Accounts for Initial Cloud Access

CISA and its counterparts in the UK and other countries this week offered new guidance on how to deal with the threat actor's recent shift to cloud attacks.

Apple, Signal Debut Quantum-Resistant Encryption, but Challenges Loom

Apple's PQ3 for securing iMessage and Signal's PQXH show how organizations are preparing for a future in which encryption protocols must be exponentially harder to crack.

U-Haul Reports 67K Customers Impacted by Data Breach

In the notice letter sent out to affected individuals, U-Haul notes that credit card information was not accessed in the breach.

Mexico's 'Timbre Stealer' Campaign Targets Manufacturing

A new infostealer spreading to organizations across Mexico heralds 2024's fresh season of tax-themed phishing attacks.

What Companies & CISOs Should Know About Rising Legal Threats

Litigation and regulatory enforcement are increasing risks for companies and cybersecurity leaders. Something must be done to protect the profession.

(Sponsored Article) Defending Against Cyber Threats in the Age of AI

Changing threat landscapes and artificial intelligence's evolving role in cyber defense have important lessons for defending against attacks.

4 Ways Organizations Can Drive Demand for Software Security Training

Developer-driven security programs place the development team at the center of reducing vulnerabilities.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
LockBit's Leak Site Reemerges, a Week After 'Complete Compromise' Is LockBit dead? Law enforcement and the group itself seem to be telling conflicting stories. The Next Gen of Cybersecurity Could Be Hiding in Big Tech Public-private partnerships, increasing cybersecurity budgets for public organizations, and retraining existing tech talent to make the jump to cyber will help ease the staffing crunch. White House Urges Switching to Memory Safe Languages The Office of the National Cyber Director technical report focuses on reducing memory-safety vulnerabilities in applications and making it harder for malicious actors to exploit them. MORE

PRODUCTS & RELEASES

Kaspersky Finds Attacks on Mobile Devices Significantly Increased in 2023

Delinea to Acquire Fastpath to Revolutionize Privileged Access and Identity Governance

Optiv Accepting Applications for $10K Scholarship

Palo Alto Networks Launches Cortex Platform Offer

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

NIST Releases Cybersecurity Framework 2.0

New guidance expands the framework to consider organizations beyond critical infrastructure; it also addresses governance and supply chain cybersecurity.

LATEST FROM THE EDGE

Redesigning the Network to Fend Off Living-Off-the-Land Tactics

The growing threat of living-off-the-land tactics requires a rethink of network traffic visibility to prevent these types of attacks.

LATEST FROM DR TECHNOLOGY

Insurers Use Claims Data to Recommend Cybersecurity Technologies

Policy holders using certain technologies — such as managed detection and response (MDR) services, Google Workspace, and email security gateways — gain premium discounts from cyber insurers.

LATEST FROM DR GLOBAL

'Illusive' Iranian Hacking Group Ensnares Israeli, UAE Aerospace and Defense Firms

UNC1549, aka Smoke Sandstorm and Tortoiseshell, appears to be the culprit behind a cyberattack campaign customized for each targeted organization.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>