The LockBit group is using native IT management software to live off the land, planting and then spreading itself before deploying its ransomware.
Follow Dark Reading:
 September 21, 2023
LATEST SECURITY NEWS & COMMENTARY
LockBit Is Using RMMs to Spread Its Ransomware
The LockBit group is using native IT management software to live off the land, planting and then spreading itself before deploying its ransomware.
Okta Agent Involved in MGM Resorts Breach, Attackers Claim
ALPHV/BlackCat ransomware operators have used their leak site to "set the record straight" about the MGM Resorts cyberattack. Meanwhile, more attacks abusing Okta could be likely.
'Scattered Spider' Behind MGM Cyberattack, Targets Casinos
The ransomware group is a collection of young adults who also recently breached Caesars Entertainment and made a ransom score in the tens of millions.
FBI, CISA Issue Joint Warning on 'Snatch' Ransomware-as-a-Service
The group's use of malware that forces Windows computers to reboot into Safe Mode before encrypting files is noteworthy, advisory says.
China-Linked Actor Taps Linux Backdoor in Forceful Espionage Campaign
"SprySOCKS" melds features from multiple previously known badware and adds to the threat actor's growing malware arsenal, Trend Micro says.
Microsoft Azure Data Leak Exposes Dangers of File-Sharing Links
Shared Access Signature (SAS) link exposed a storage bucket with 38TB of private data, including passwords, Teams messages, and the backups of two Microsoft AI research employees' workstations.
Trend Micro Patches Zero-Day Endpoint Vulnerability
The critical vulnerability involves uninstalling third-party security products and has been used in cyberattacks.
How to Transform Security Awareness Into Security Culture
Leverage the human layer as a crucial cog in building cyber resilience within the organization.
How to Get Your Board on Board With Cybersecurity
CISOs can refine their soft skills to help get their cybersecurity best-practices message across. Steps include increasing staff incident-response training and staying current with the threat landscape.
Cybersecurity and Compliance in the Age of AI
It takes a diverse village of experts to enact effective cybersecurity guidelines, practices, and processes.
Name That Toon: Somewhere in Sleepy Hollow
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
Changing Role of the CISO: A Holistic Approach Drives the Future
The CISO's role has grown far beyond supervising Patch Tuesday to focus on prevention and response and to cover people, processes, and technology.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
How to Mitigate Cybersecurity Risks From Misguided Trust
Trust is the crucial bridge between security and people, but excessive or misguided trust can pose serious security risks.

How Choosing Authentication Is a Business-Critical Decision
MFA may go a long way in improving password security, but it's not foolproof.

Engineering-Grade OT Protection
The worst-case consequences of cyberattacks are sharply, qualitatively different on IT versus OT networks.

MORE
EDITORS' CHOICE
MGM, Caesars Face Regulatory, Legal Maze After Cyber Incidents
MGM and Caesars are putting new SEC incident disclosure regulations to a real-world test in the aftermath of twin cyberattacks on the casinos, as class-action lawsuits loom.
LATEST FROM THE EDGE

Will Generative AI Kill the Nigerian Prince Scam?
A linguist analyzes whether GPT will improve the notoriously agrammatical scam — or finally render it a thing of the past.
LATEST FROM DR TECHNOLOGY

Companies Explore Ways to Safeguard Data in the Age of LLMs
Generative AI models are forcing companies to become creative about how they keep employees from giving away sensitive data.
LATEST FROM DR GLOBAL

'ShroudedSnooper' Backdoors Use Ultra-Stealth in Mideast Telecom Attacks
The threat cluster hasn't been seen before, but its custom Windows server backdoors have researchers intrigued thanks to their extremely effective stealth mechanisms.
WEBINARS
  • Using AI in Application Security Tooling

    As AI continues to improve, security vendors are considering how they can use AI to protect applications. In web application and API security tooling used to protect production environments, AI/ML can be used to enhance and complement existing tactics ...

  • The Evolution of the Vulnerability Landscape in 2023

    While this summer has been jokingly called "zero-day summer" by some, 2023 fits Mandiant observations that zero-day exploitation has been trending upward for the last few years. As shown in our zero-day trends blog post, Mandiant tracked 55 zero-day vulnerabilities that we ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Omdia Research Finds Risk-Based Vulnerability Management Set to Encompass the Vulnerability Management Market by 2027
OneLayer Expands Its Private Cellular Network Security Solutions to Operations and Asset Management
Dig Security Enhances DSPM Platform to Secure Enterprise Data in On-Prem, File-Share Environments
83% of IT Security Professionals Say Burnout Causes Data Breaches
Bishop Fox Expands Leadership With First CISO and CTO
Niagara Networks and Scope Middle East Announce Strategic VAD Partnership
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us