Dark Reading Daily -- January 14, 2025

According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services.

LATEST SECURITY NEWS & COMMENTARY

Microsoft Cracks Down on Malicious Copilot AI Use

According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services.

Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Threat actors are targeting people searching for pirated or cracked software with fake downloaders that include infostealing malware such as Lumma and Vidar.

Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw

The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware.

Telefonica Breach Exposes Jira Tickets, Customer Data

The Hellcat ransomware group has stolen roughly 5,000 documents, potentially containing confidential information, from the telecom giant's internal database.

The Shifting Landscape of Open Source Security

By focusing on vigilant security practices, responsible AI deployment, and alignment with global regulatory standards, the OSS community can make 2025 a transformative year for security.

(Sponsored Article) 5 Reasons It's Time to Unify Your Tool Set

Security operations platforms claim they can resolve challenges of efficiency and siloed security. Is it time for to consider making the switch?

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Fake CrowdStrike 'Job Interviews' Become Latest Hacker Tactic Cybercriminals are luring victims into downloading the XMRig cryptomining malware via convincing emails, inviting them to schedule fake interviews using a malicious link. Threat Actors Exploit a Critical Ivanti RCE Bug, Again New year, same story. Despite Ivanti's commitment to secure-by-design principles, threat actors — possibly the same ones as before — are exploiting its edge devices for the nth time. The Path Toward Championing Diversity in Cybersecurity Education To build a truly inclusive and diverse cybersecurity workforce, we need a comprehensive approach beyond recruitment and retention. New AI Challenges Will Test CISOs & Their Teams in 2025 CISOs need to recognize the new threats AI can present — while also embracing AI-powered solutions to stay ahead of those threats. MORE

PRODUCTS & RELEASES

Grupo Bimbo Ventures Announces Investment in NanoLock Security

K2 Secures Navy SeaPort Next Generation Contract

CISA Releases the Cybersecurity Performance Goals Adoption Report

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Banshee 2.0 Malware Steals Apple's Encryption to Hide on Macs

The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple's own antivirus product.

LATEST FROM THE EDGE

Name That Edge Toon: Greetings and Salutations

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

LATEST FROM DR TECHNOLOGY

1Password Acquires SaaS Access Management Provider Trelica

The deal will enhance 1Password Extended Access Management offering with capabilities to address challenges around software-as-a-service sprawl and shadow IT.

LATEST FROM DR GLOBAL

Chinese APT Group Is Ransacking Japan's Secrets

Since 2019, MirrorFace has been stealing information from myriad Japanese organizations to gain leverage over Japan in the event of hostilities between the two countries, experts said.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>