Dark Reading Daily -- August 22, 2024

A server-side request forgery (SSRF) bug in Microsoft's tool for creating custom AI chatbots potentially exposed info across multiple tenants within cloud environments.

LATEST SECURITY NEWS & COMMENTARY

Microsoft Copilot Studio Exploit Leaks Sensitive Cloud Data

A server-side request forgery (SSRF) bug in Microsoft's tool for creating custom AI chatbots potentially exposed info across multiple tenants within cloud environments.

'Styx Stealer' Blows Its Own Cover With Sloppy OpSec Mistake

An individual in Turkey is behind a new information stealer that researchers have recently observed in multiple attacks.

Deadbeat Dad Hacks State Registry to Fake His Own Death

A Kentucky man used stolen doctor credentials to fake his own death certificate to avoid paying a six-figure child support debt.

Taiwan University Under Fire From Unique DLL Backdoor

It's unclear who the "Msupedge" threat actors were or what the motive for the attack was.

Critical Thinking AI in Cybersecurity: A Stretch or a Possibility?

It might still sound far-fetched to say AI can develop critical thinking skills and help us make decisions in the cybersecurity industry. But we're not far off.

(Sponsored Article) Aligning Breaches With MITRE ATT&CK Threat Model

Mapping attacks to the MITRE matrix helps security professionals fine-tune their security roadmaps and better understand where to apply resources

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Every Google Pixel Phone Has a Verizon App that Doubles As a Backdoor What is a Verizon Wireless demo store app doing on non-Verizon phones, and why is it a vehicle to an attacker? Name That Toon: Security Games Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. Human Nature Is Causing Our Cybersecurity Problem By moving beyond guidelines and enforcing accountability, encouraging innovation, and prioritizing the safety and well-being of our communities in the digital age, we can build a more secure software future. National Public Data Confirms Massive Breach Cyber incidents like this highlight the need for tougher action on companies that fail to adequately protect consumer data. MORE

PRODUCTS & RELEASES

Malicious Links, AI-Enabled Tools, and Attacks on SMBs Among Top Cybersecurity Threats in H1 Mimecast Global Threat Intelligence Report

IBM SkillsBuild Cybersecurity and Data Analytics Certificates to be Deployed in Community College Systems

New ISAGCA Report Explores Zero-Trust Outcomes in OT Cybersecurity

Mimecast Announces Acquisition of Aware, Doubles Down on AI-Powered Human Risk Management Capabilities

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Azure Kubernetes Bug Lays Open Cluster Secrets

Vulnerability gave attackers with access to a pod a way to obtain credentials and other secrets.

LATEST FROM THE EDGE

The Silver Bullet of MFA Was Never Enough

There is no such thing as a silver bullet in cybersecurity. No, not even multifactor authentication.

LATEST FROM DR TECHNOLOGY

Gartner Spotlights AI, Security in 2024 Hype Cycle for Emerging Tech

The technologies listed in Gartner's 2024 Hype Cycle for Emerging Technologies fall into four key areas: autonomous AI, developer productivity, total experience, and human-centric security and privacy programs.

LATEST FROM DR GLOBAL

Chinese Threat Actors Use MSI Files to Bypass Windows, VT Detection

Analysts have been picking up increased cases of malware delivery via Windows Installer files in Southeast Asia.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>