Dark Reading Daily -- September 23, 2024

The company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models.

LATEST SECURITY NEWS & COMMENTARY

LinkedIn Addresses User Data Collection for AI Training

The company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models.

Citrine Sleet Poisons PyPI Packages With Mac & Linux Malware

A North Korean advanced persistent threat (APT) actor (aka Gleaming Pisces) tried to sneak simple backdoors into public software packages.

Ivanti's Cloud Service Appliance Attacked via Second Vuln

The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).

Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover

Critical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of OEMs.

China's 'Earth Baxia' Spies Exploit Geoserver to Target APAC Orgs

The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.

GenAI in Cybersecurity: Insights Beyond the Verizon DBIR

The lack of abundant data on AI-enabled attacks in official reports shouldn't prevent us from preparing for and mitigating potential future threats.

(Sponsored Article) Defending Nations: 3 Strategic Shifts to Evolve Government Cyber Defense

To safeguard national security, governments must evolve in three areas to protect against a constantly evolving threat landscape.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
GitLab Warns of Max Severity Authentication Bypass Bug Company urges organizations using self-hosting GitLab instances to apply updates for CVE-2024-45409 as soon as possible. 1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam The first patch lets threat actors with low-level credentials still exploit the vulnerability, while the second fully resolves the flaw. An AI-Driven Approach to Risk-Scoring Systems in Cybersecurity By enhancing threat detection, enabling real-time risk assessment, and providing predictive insights, AI is empowering organizations to build more robust defenses against cyber threats. How Shifts in Cyber Insurance Are Affecting the Security Landscape Ultimately, the goal of businesses and cyber insurers alike is to build more resilient IT environments to avoid cyberattacks and the ransom, downtime, and reputation hit that come along with them. MORE

PRODUCTS & RELEASES

Abstract Security Expands Multi-Cloud Security Operations

CrowdStrike Expands Cybersecurity Startup Accelerator With AWS and NVIDIA

c/side Lands $6M to Combat Rising Browser Supply Chain Attacks

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Vice Society Pivots to Inc Ransomware in Healthcare Attack

Inc ransomware — one of the most popular among cybercriminals today — meets healthcare, the industry sector most targeted by RaaS.

LATEST FROM THE EDGE

Coalition for Secure AI Promotes Safe, Ethical AI Development

The Coalition for Secure AI (CoSAI) has expanded its roster of members with the addition of threat intelligence management, collaboration, and response orchestration vendor Cyware.

LATEST FROM DR TECHNOLOGY

Mastercard's Recorded Future Deal Furthers Its AI Security Goals

Mastercard's $2.65 billion deal to acquire the threat intelligence provider will boost the credit-card company's AI-based cybersecurity protection capabilities.

LATEST FROM DR GLOBAL

Phishing Espionage Attack Targets US-Taiwan Defense Conference

Hackers sent a convincing lure document, but after 20 years of similar attacks, the target organization was well prepared.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>