Dark Reading Daily -- March 19, 2024

It remains unclear how long the IT services giant's systems were infiltrated and just how the cyberattack unfolded.

LATEST SECURITY NEWS & COMMENTARY

Fujitsu: Malware on Company Computers Exposed Customer Data

It remains unclear how long the IT services giant's systems were infiltrated and just how the cyberattack unfolded.

Chinese APT 'Earth Krahang' Compromises 48 Gov't Orgs on 5 Continents

The group uses pretty standard open source tooling and social engineering to burrow into high-level government agencies across the globe.

'Conversation Overflow' Cyberattacks Bypass AI Security to Target Execs

Credential-stealing emails are getting past artificial intelligence's "known good" email security controls by cloaking malicious payloads within seemingly benign emails. The tactic poses a significant threat to enterprise networks.

ML Model Repositories: The Next Big Supply Chain Attack Target

Machine-learning model platforms like Hugging Face are suspectible to the same kind of attacks that threat actors have executed successfully for years via npm, PyPI, and other open source repos.

Tracking Everything on the Dark Web Is Mission Critical

On the Dark Web, stolen secrets are your enemy, and context is your friend.

Brazilian Authorities Arrest Members of Banking Trojan Cybercrime Group

Interpol assisted in the operation, in which analysts identified Grandoreiro group members by analyzing and matching malware samples.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
ChatGPT vs. Gemini: Which Is Better for 10 Common Infosec Tasks? Compare how well OpenAI's and Google's generative AI products handle infosec professionals' top 10 tasks. Fortinet Warns of Yet Another Critical RCE Flaw CVE-2024-48788, like many other recent Fortinet flaws, will likely be an attractive target, especially for nation-state-backed actors. 3 Ways Businesses Can Overcome the Cybersecurity Skills Shortage With budget constraints and a limited supply of skilled talent, businesses need to get creative to defend against rampant cybersecurity threats. Alabama Under DDoS Cyberattack by Russian-Backed Hacktivists The hacktivist group Anonymous Sudan claims credit for a cyberattack that disrupted Alabama state government earlier this week. MORE

PRODUCTS & RELEASES

Saudi Arabia's National Cybersecurity Authority Announces the GCF Annual Meeting 2024

Red Canary Announces Full Coverage of All Major Cloud Providers

Nozomi Networks Secures $100M Investment to Defend Critical Infrastructure

Expel Releases Updated Toolkit in Response to NIST 2.0

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

6 CISO Takeaways From the NSA's Zero-Trust Guidance

All companies — not just federal agencies — should aim to adopt the "network and environment" pillar of the National Security Agency's zero-trust guidelines.

LATEST FROM THE EDGE

10 Tips for Better Security Data Management

CISOs must build out a security data management and security data architecture to get the most out of their security data for the least amount of investment.

LATEST FROM DR TECHNOLOGY

How to Ensure Open Source Packages Are Not Landmines

CISA and OpenSSF jointly published new guidance recommending technical controls to make it harder for developers to bring malicious software components into code.

LATEST FROM DR GLOBAL

North Korea-Linked Group Levels Multistage Cyberattack on South Korea

Kimsuky-attributed campaign uses eight steps to compromise systems — from initial execution to downloading additional code from Dropbox, and executing code to establish stealth and persistence.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>