The Russian APT behind the SolarWinds attacks exfiltrated data from HPE email accounts last May.
Follow Dark Reading:
 January 26, 2024
LATEST SECURITY NEWS & COMMENTARY
'Midnight Blizzard' Breached HPE Email Months Before Microsoft Hack
The Russian APT behind the SolarWinds attacks exfiltrated data from HPE email accounts last May.
Critical Cisco Unified Communications RCE Bug Allows Root Access
The vulnerability, tracked as CVE-2024-20253, makes enterprise communications infrastructure and customer service call centers sitting ducks for unauthenticated cyberattackers.
Google Kubernetes Clusters Suffer Widespread Exposure to External Attackers
Misunderstanding the permissions of an authentication group in Google Kubernetes Engine (GKE) opens millions of containers to anyone with a Google account.
Pwn2Own 2024: Tesla Hacks, Dozens of Zero-Days in Electrical Vehicles
Hacking teams pick apart electrical vehicles (EVs), exposing them for what they are: safety-critical computers without commensurate security.
Help Wanted From Convicted Cybercriminals
Rather than languishing in jail for their crimes, could former fraudsters turn to legitimate cybersecurity work? African cyber expert's recommendation resurrects that debate.
'CherryLoader' Malware Allows Serious Privilege Execution
A sporty, modular downloader allows hackers to cherry-pick their exploits — in this case, two powerful tools for gaining admin access in a Windows system.
Hackers Blast Violent Gaza Message at a Popular Israeli Movie Theater
A psyop targeting ordinary moviegoers is the latest in a string of similar attacks in the country since Oct. 7.
The CISO Role Undergoes a Major Evolution
Post-SolarWinds, it's no longer enough for chief information security officers to remain compliant and call it a day.
Protecting Children's Data Needs to Be a Priority for All
With rampant K-12 breaches fueling a fraud epidemic, cooperation and resolve are needed for progress.
(Sponsored Article) How to Protect Critical Infrastructure Access
Compliance and cybersecurity insurance force you to address standing privilege risks. Use identity and privilege management to do so.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Fortra Discloses Critical Auth Bypass Vuln in GoAnywhere MFT
PoC exploit code for flaw is publicly available, heightening breach risks for users of the managed file-transfer technology.

ChatGPT Cybercrime Discussions Spike to Nearly 3K Posts on Dark Web
And there were an additional 3,000 comments posted to the Dark Web about the sale of stolen ChatGPT accounts.

Filling the Cybersecurity Talent Gap
Veterans are ideal candidates to close the skills gap and create the industry needed to meet security threats head-on.

Time to Secure Cloud-Native Apps Is Now
While the challenges and risks associated with securing cloud-native environments are significant, with the right security measures and a focus on cybersecurity basics, organizations can effectively secure their cloud-native systems and development pipelines.

MORE
PRODUCTS & RELEASES
Darktrace and Garland Technology Collaborate to Help Businesses Secure Operational Technology Environments
SecurityScorecard Launches MAX
Peters and Braun Introduce Bipartisan Bill to Bolster Government's Cybersecurity Capabilities
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Atlassian Tightens API After Hacker Scrapes 15M Trello Profiles
The company hasn't taken full responsibility for the incident, even though allowing scraping paves the way for dangerous follow-on attacks.
LATEST FROM THE EDGE

Hook Younger Users With Cybersecurity Education Designed for Them
Security should not be treated as one-size-fits all, and that is doubly true when it comes to security awareness education. Training should be customized by age, learning styles, and preferred media if it is to be effective.
LATEST FROM DR TECHNOLOGY

Airline Gets SASE to Modernize Operations
Cathay, a travel lifestyle brand that includes the Cathay Pacific airline, had a growing cybersecurity problem made worse by its aging technology infrastructure. It solved part of the problem by replacing legacy technology with a modern one that has security built in.
LATEST FROM DR GLOBAL

Abu Dhabi Investment Firm Warns About Scam Efforts
A top financial entity warned that its brand is being used to spread cyber scams, as fraud efforts persist throughout the country.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us