China's Storm-0558 accessed user emails at some 25 enterprise organizations earlier this year using forged tokens.
Follow Dark Reading:
 September 08, 2023
LATEST SECURITY NEWS & COMMENTARY
Microsoft ID Security Gaps That Let Threat Actor Steal Signing Key
China's Storm-0558 accessed user emails at some 25 enterprise organizations earlier this year using forged tokens.
NFL Security Chief: Generative AI Threats a Concern as New Season Kicks Off
Deepfake videos and audio of NFL players and phishing communications via ChatGPT-like tools are a worry, the NFL's CISO says.
North Korean Hackers Target Security Researchers — Again
This time, they're creating elaborate impostor profiles and using a fresh zero-day and a fake Windows tool to lure in the suspecting.
Peril vs. Promise: Companies, Developers Worry Over Generative AI Risk
Executives and developers believe AI can help businesses thrive, but worry that reliance on generative AI brings significant risks.
Weaponized Windows Installers Target Graphic Designers in Crypto Heist
Attackers use legitimate Windows installer to hide malicious scripts that install a backdoor and miners that leverage victims' graphics processing power.
How New SEC Rules Can Benefit Cybersecurity Teams
Securities and Exchange Commission rules elevate cybersecurity to a critical strategic concern and compel businesses to prioritize cyber resilience.
Does Generative AI Comply With Asimov's 3 Laws of Robotics?
Putting the top 10 generative AI tools to the ethical test reveals more about humanity than artificial intelligence.
Apple Hit By 2 No-Click Zero-Days in Blastpass Exploit Chain
Researchers at Citizen Lab recommend immediately updating any iPhones and iPads to the latest OSes.
(Sponsored Article) Malware Unleashed: Public Sector Hit in Sudden Surge, Reveals New Research
Report unmasks recent cybersecurity challenges for governments, healthcare, financial services, and vital infrastructure.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
W3LL Gang Compromises Thousands of Microsoft 365 Accounts
A secretive phishing cabal boasts a sophisticated affiliate network and a modular, custom toolset that's claiming victims on three continents.

Researchers Discover Critical Vulnerability in PHPFusion CMS
No patch is available yet for the bug, which can enable remote code execution under the correct circumstances.

Securing Your Legacy: Identities, Data, and Processes
Legacy systems of all kinds pose significant cybersecurity risks. Here's how to mitigate them.

MORE
EDITORS' CHOICE
AtlasVPN Linux Zero-Day Disconnects Users, Reveals IP Addresses
All it takes is a simple copy-paste to undo a VPN service used by millions worldwide.
LATEST FROM THE EDGE

Software Supply Chain Strategies to Parry Dependency Confusion Attacks
Bad actors practice to deceive package managers with a tangled web of methods. Here's how to hoist them by their own petard.
LATEST FROM DR TECHNOLOGY

Thoma Bravo's 'Practical' Decision to Merge ForgeRock Into Ping Identity
The private equity from has invested billions of dollars in identity and access management (IAM) but now it’s on Ping founder and CEO Andre Durand and his team to rationalize overlapping product lines.
LATEST FROM DR GLOBAL

Rwanda Launches Smart-City Investment Program
The ambitious move by the nation also comes with cybersecurity risks.
WEBINARS
  • The Evolution of the Vulnerability Landscape in 2023

    While this summer has been jokingly called "zero-day summer" by some, 2023 fits Mandiant observations that zero-day exploitation has been trending upward for the last few years. As shown in our zero-day trends blog post, Mandiant tracked 55 zero-day vulnerabilities that we ...

  • Passwords Are Passe: Next Gen Authentication for Today's Threats

    Cyber experts agree: end-user authentication needs more than the simple password. But what are the right tools and strategies for authentication in your organization? What does the world of passwordless look like for your organization? In this webinar, experts offer ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
CybeReady Provides Cybersecurity Awareness Month Kits As CISOs Defend Against AI Driven Attacks
IBM Addresses Data Incident for Janssen CarePath Database
IBM Expands Cloud Security and Compliance Center
Tuya Smart and Amazon Web Services Collaborate to Establish an IoT Security Lab
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The Secrets of Successful SecOps Data Analytics
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us