A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact that many organizations still don't focus on the security basics.
Follow Dark Reading:
 September 22, 2023
LATEST SECURITY NEWS & COMMENTARY
'Gold Melody' Access Broker Plays on Unpatched Servers' Strings
A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact that many organizations still don't focus on the security basics.
MGM Restores Casino Operations 10 Days After Cyberattack
The lost revenue due to downtime for gaming and hotel bookings is difficult to ballpark.
Mysterious 'Sandman' APT Targets Telecom Sector With Novel Backdoor
The Sandman group's main malware is among the very few that use the Lua scripting language and its just-in-time compiler.
GitLab Users Advised to Update Against Critical Flaw Immediately
The bug has a CVSS score of 9.6 and allows unauthorized users to compromise private repositories.
Cisco Moves Into SIEM With $28B Deal to Acquire Splunk
Cisco's surprise agreement could reshape secure information and event management (SIEM) and extended detection and response (XDR) markets.
BBTok Banking Trojan Impersonates 40+ Banks to Hijack Victim Accounts
Attackers use convincing fake website interfaces and sophisticated geo-fencing to target users exclusively in Mexico and Brazil with a new variant of the malware.
Hikvision Intercoms Allow Snooping on Neighbors
The intercoms are used in thousands of apartments and offices across the world, and they can be used to spy on targets through the other devices they connect to.
T-Mobile Racks Up Third Consumer Data Exposure of 2023
The mobile company states that the issue was due to a glitch that occurred in an update.
Mastering Defense-in-Depth and Data Security in the Cloud Era
Though widely used in many organizations, the concept still requires adaptation when aimed at protecting against new types of attacks.
Understanding the Differences Between On-Premises and Cloud Cybersecurity
The nature of cloud environments means security and technical teams need a different mindset to understand and manage their new attack surface.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
China-Linked Actor Taps Linux Backdoor in Forceful Espionage Campaign
"SprySOCKS" melds features from multiple previously known badware and adds to the threat actor's growing malware arsenal, Trend Micro says.

How Choosing Authentication Is a Business-Critical Decision
MFA may go a long way in improving password security, but it's not foolproof.

Changing Role of the CISO: A Holistic Approach Drives the Future
The CISO's role has grown far beyond supervising Patch Tuesday to focus on prevention and response and to cover people, processes, and technology.

MORE
EDITORS' CHOICE
FBI, CISA Issue Joint Warning on 'Snatch' Ransomware-as-a-Service
The group's use of malware that forces Windows computers to reboot into Safe Mode before encrypting files is noteworthy, advisory says.
LATEST FROM THE EDGE

What Does Socrates Have to Do With CPM?
It's time to focus on the "P" in cybersecurity performance management.
LATEST FROM DR TECHNOLOGY

Secure Browser Tech Is Having a Moment
Cloud adoption is driving secure browsers' moment in the sun as rumors fly that Palo Alto Networks is looking to snap up Talon.
LATEST FROM DR GLOBAL

Growing Chinese Tech Influence in Africa Spurs 'Soft Power' Concerns
A working group is rolling out in developing parts of the world, in response to concerns about the amount of technology being rolled out and across Africa by Chinese companies.
WEBINARS
  • Securing Identities in the Cloud

    With enterprises increasingly shifting workloads to the cloud, they face different challenges including managing and securing user identities, as well as a web of machine identities. How do you map all of the identities that now reside in the cloud ...

  • Tips for A Streamlined Transition to Zero Trust

    From identifying the potential attack surface to determining policy, there is a clear path to zero trust and best practices to make the transition as smooth as possible - both for your organization and your customers. Zero trust is more ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
OPSWAT-Sponsored SANS 2023 ICS/OT Cybersecurity Report Reveals Vital Priorities to Mitigate Ongoing Threats
Salvador Technologies Wins Funding for $2.2M Cybersecurity Project From BIRD Foundation
83% of IT Security Professionals Say Burnout Causes Data Breaches
Omdia Research Finds Risk-Based Vulnerability Management Set to Encompass the Vulnerability Management Market by 2027
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us