Some billion-dollar organizations have already been identified as victims of the prolific ransomware group's latest exploit, amidst ongoing attacks.
Follow Dark Reading:
 June 06, 2023
LATEST SECURITY NEWS & COMMENTARY
Microsoft Links MOVEit Attack to Cl0p as British Airways, BBC Fall
Some billion-dollar organizations have already been identified as victims of the prolific ransomware group's latest exploit, amidst ongoing attacks.
Mass Exploitation of Zero-Day Bug in MOVEit File Transfer Underway
With shades of the GoAnywhere attacks, a cyber threat actor linked to FIN11 is leveraging a bug in the widely used managed file transfer product to steal data from organizations in multiple countries.
ChatGPT Hallucinations Open Developers to Supply Chain Malware Attacks
Attackers could exploit a common AI experience — false recommendations — to spread malicious code via developers that use ChatGPT to create software.
Don't Overlook Twitter's Trove of Threat Intel for Enterprise Cybersecurity
Social media data can provide critical clues to help get ahead of the next cyberattack, experts say.
2.5M Impacted by Enzo Biochem Data Leak After Ransomware Attack
With the leak of information such as Social Security numbers, in addition to other protected information, 600,000 of the nearly 2.5 million affected are at risk for identity theft.
Gigabyte Slams Backdoor Shut With Attack-Killing BIOS Update
A firmware update for hundreds of Gigabyte PC models gets rid of a backdoor capability that could be hijacked by cybercriminals, the company says.
After 'Inception' Attack, New Due Diligence Requirements Are Needed
To stem supply chain attacks, forging a new dynamic of shared cybersecurity hygiene accountability is the right thing to do.
Moonlighter Satellite Offers In-Orbit Target for Space Hackers
Moonlighter, which offers red teams a chance at operational disruption, will be up for pwning at in August, timed with DEF CON.
(Sponsored Article) Top Cyberattacks Revealed in New Threat Intelligence Report
New report provides actionable intelligence about attacks, threat actors, and campaigns.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
PyPI's 2FA Requirements Don't Go Far Enough, Researchers Say
The Python Package Index will require developers to better secure their accounts as cyberattacks ramp up, but protecting the software supply chain will take more than that.

Streamers Ditch Netflix for Dark Web After Password Sharing Ban
Disgruntled users are pursuing offers for "full Netflix access" at steeply discounted rates.

Where SBOMs Stand Today
It's been two years since Executive Order 14028. By using SBOMs as a standard, organizations can manage software risks, protect their reputation, and improve their cybersecurity posture.

MORE
EDITORS' CHOICE
Apple Zero-Days, iMessage Used in 4-Year, Ongoing Spying Effort
Russia's FSB intelligence agency says the zero-click attacks range far beyond Kaspersky, and it has blamed them on the United States' NSA. Those allegations are thus far uncorroborated.
LATEST FROM DR GLOBAL

Undetected Attacks Against Middle East Targets Conducted Since 2020
Targeted attacks against Saudi Arabia and other Middle East nations have been detected with a tool that's been in the wild since 2020.
LATEST FROM THE EDGE

Name That Edge Toon: Spring Chickens
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
LATEST FROM DR TECHNOLOGY

Rebinding Attacks Persist With Spotty Browser Defenses
DNS rebinding attacks are not often seen in the wild, which is one reason why browser makers have taken a slower approach to adopting the web security standard.
WEBINARS
  • Here's What Zero Trust Really Means

    Credential theft, lateral movement and other cyberattack tricks have foiled perimeter security again and again. We know that the old philosophy of trusting everything and everyone inside a network is no longer sound. The zero-trust model - trust nothing, verify ...

  • Next-Generation Supply Chain Security

    Supply chain attacks are on the rise. Attackers are injecting malicious code into software and hardware components to create backdoors into the organization. As the Kaseya attack demonstrated, compromising a widely used product gives attackers privileged access into corporate networks. ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Red Sift Launches Relevance Detection as GPT-4-Powered Asset Discovery and Classification Solution
Tel Aviv Stock Exchange Selects CardinalOps to Reduce Risk of Breaches Due to Undetected Attacks
Cyversity and United Airlines to Provide Cybersecurity Training Scholarships to Cyversity Members
DNB Strengthens its Network Security Posture and Productivity With Ericsson Security Manager Solution
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Everything You Need to Know About DNS Attacks
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us