Dark Reading Daily -- March 25, 2024

The attacker employed various techniques, including distributing malicious dependencies via a fake Python infrastructure linked to GitHub projects.

LATEST SECURITY NEWS & COMMENTARY

GitHub Developers Hit in Complex Supply Chain Cyberattack

The attacker employed various techniques, including distributing malicious dependencies via a fake Python infrastructure linked to GitHub projects.

Russian APT Releases More Deadly Variant of AcidRain Wiper Malware

New AcidPour variant can attack a significantly broader range of targets including IoT devices, storage area networks, and handhelds.

Apple Stingy With Details About Latest iOS Update

The security update comes just weeks after the release of iOS 17.4, but Apple has not included CVEs or information about the fixes.

Kenya to TikTok: Prove Compliance With Our Privacy Laws

Beleaguered social media platform now faces scrutiny by the Kenyan government over cybersecurity and data privacy.

8 Strategies for Enhancing Code Signing Security

Strong code-signing best practices are an invaluable way to build trust in the development process and enable a more secure software supply chain.

Japan Runs Inaugural Cyber Defense Drills with Pacific Island Nations

Kiribati, the Marshall Islands, Micronesia, Nauru, and Palau participate in the cybersecurity exercise held in Guam.

(Sponsored Article) On Whose Account? Challenges in Securing Non-Human Identities

Service accounts, API keys, and OAuth tokens are a growing attack vector for cybercriminals looking to penetrate organizations' defenses.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Ivanti Keeps Security Teams Scrambling With 2 More Vulns Since the beginning of this year, the company has disclosed some seven critical bugs so far, almost all of which attackers have quickly exploited in mass attacks. Cyber Warfare: Understanding New Frontiers in Global Conflicts An arms race is developing between those using technology to target adversaries and those using it prevent attacks from succeeding. The New CISO: Rethinking the Role Rising cybersecurity demands are changing the role of the head security officer. CISOs need to make a list, check it at least twice, and document every step. Changing Concepts of Identity Underscore 'Perfect Storm' of Cyber-Risk Forgepoint Capital's Alberto Yépez discusses how the concept of identity is changing: It doesn't just mean "us" anymore. MORE

PRODUCTS & RELEASES

Deloitte Launches CyberSphere Platform to Simplify Cyber Operations for Clients

Pathlock Introduces Continuous Controls Monitoring to Reduce Time and Costs

Akamai Research Finds 29% of Web Attacks Target APIs

Kaspersky Identifies Three New Android Malware Threats

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

NIST's Vuln Database Downshifts, Prompting Questions About Its Future

NVD may be in peril, and while alternatives exist, enterprise security managers will need to plan accordingly to stay on top of new threats.

LATEST FROM THE EDGE

AWS CISO: Pay Attention to How AI Uses Your Data

Amazon Web Services CISO Chris Betz explains why generative AI is both a time-saving tool and a double-edged sword.

LATEST FROM DR TECHNOLOGY

Using East-West Network Visibility to Detect Threats in Later Stages of MITRE ATT&CK

Ensuring that traffic visibility covers both client-server and server-server communications helps NetOps teams analyze and spot potential threats early on, avoiding catastrophic effects.

LATEST FROM DR GLOBAL

United Arab Emirates Faces Intensified Cyber-Risk

The UAE leads the Middle East in digital-transformation efforts, but slow patching and legacy technology continue to thwart its security posture.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>