Organizations running Linux distributions need to prepare to defend their systems against ransomware attacks. Steps to ensure resiliency and basics such as access control reduce major disruptions.
Follow Dark Reading:
 July 20, 2023
LATEST SECURITY NEWS & COMMENTARY
Linux Ransomware Poses Significant Threat to Critical Infrastructure
Organizations running Linux distributions need to prepare to defend their systems against ransomware attacks. Steps to ensure resiliency and basics such as access control reduce major disruptions.
Rogue Azure AD Guests Can Steal Data via Power Apps
A few default guest setting manipulations in Azure AD and over-promiscuous low-code app developer connections can upend data protections.
Attackers Exploit Citrix Zero-Day Bug to Pwn NetScaler ADC, Gateway
Citrix is urging organizations to immediately patch the unauthenticated RCE vulnerability.
Microsoft Relents, Offers Free Critical Logging to All 365 Customers
Industry pushback prompts Microsoft to drop premium pricing for access to cloud logging data.
Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering
Google's fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it.
WormGPT Cybercrime Tool Heralds an Era of AI Malware vs. AI Defenses
A black-hat alternative to GPT models specifically designed for malicious activities like BEC, malware, and phishing attacks is here, and will push organizations to level up with generative AI themselves.
China's APT41 Linked to WyrmSpy, DragonEgg Mobile Spyware
Nation-states see the opportunity in targeting people directly through their mobile phones, in this case with sophisticated Android surveillanceware.
Microsoft 'Logging Tax' Hinders Incident Response, Experts Warn
A recent email compromise by Chinese APT group Storm-0558 highlights a lack of access to security logging by many Microsoft 365 license holders, prompting calls from researchers to abolish it.
Pernicious Rootkits Pose Growing Blight On Threat Landscape
Attackers show renewed relentlessness in exploiting OS vulnerabilities that also circumvent defense and detection measures.
Hacker Infected & Foiled by Own Infostealer
A prolific threat actor has been operating on Russian-language forums since 2020, but then he accidentally infected his own computer and sold off its contents to threat researchers.
11M HCA Healthcare Patients Impacted by Data Breach
The hackers posted up for sale stolen HCA Healthcare data on Dark Web forum.
If George Washington Had a TikTok, What Would His Password Be?
Artificial intelligence can be tricked into making password-based authentication even weaker.
Name That Toon: Shark Sighting
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Reducing Security Debt in the Cloud
Security debt exists in on-premises data centers as well as in cloud platforms — but preventing it from accumulating in the cloud requires different skills, processes, and tools.

Electrical Grid Stability Relies on Balancing Digital Substation Security
Because digital substations are critical elements of electrical systems, they are a prime target for sophisticated cyberattacks.

3 Ways AI Could Improve Authentication
As companies navigate how to protect themselves from the onslaught of increasingly sophisticated fraud threats, artificial intelligence will be a critical piece of next-gen authentication.

MORE
EDITORS' CHOICE
5 Major Takeaways From Microsoft's July Patch Tuesday
July's updates contained 100+ patches and security policy notes, leaving vulnerability management teams stressed and scrambling to prioritize. We're here to help find some zen.
LATEST FROM DR TECHNOLOGY

Black Hat Offers Pen-Testing Certification Exam
The new independent exam track at Black Hat USA will feature an opportunity for attendees to take a practical exam to be certified in penetration testing.
LATEST FROM THE EDGE

How Hackers Can Hijack a Satellite
We rely on them for communications, military activity, and everyday tasks. How long before attackers really start to look up at the stars?
LATEST FROM DR GLOBAL

Study: Africa Cybersecurity Improves but Lacks Cross-Border Frameworks
While cybersecurity preparedness in Africa is on the upswing, the continent still lacks agreements on international security standards and sharing threat intel.
WEBINARS
  • Where and When Automation Makes Sense For Enterprise Cybersecurity

    A shortage of skilled IT security professionals has made it tempting to try to automate everything. But security teams have to be able to determine which tasks are safe to automate. How does emerging automation technology work, and how can ...

  • Finding a Backup Strategy That Works For You

    You've been hit with a ransomware, DDoS, natural disaster, or destructive cyberattack. One of the first questions: can we get our data back? Good back-ups are key to business continuity and disaster recovery, but backing up your data in preparation ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
KnowBe4 Partners With Egress to Enhance Organizations' Inbound and Outbound Email Security Defenses
HyperSense Fraud Management Now Available on Google Cloud
Netcraft Secures First Funding With Over $100M From Spectrum Equity
Checkmarx Announces CheckAI Plugin for ChatGPT to Detect and Prevent Attacks Against ChatGPT-Generated Code
Netskope Launches Managed Service Provider Program
Cloud Range Appoints Cybersecurity Leader Galina Antova to Board of Directors
Graylog Acquires Resurface.io's API Security Solution
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How to Use Threat Intelligence to Mitigate Third-Party Risk
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us