Kim Jong Un's Swiss Army knife APT continues to spread its tendrils around the world, showing it's not intimidated by the researchers closing in.
Follow Dark Reading:
 April 24, 2023
LATEST SECURITY NEWS & COMMENTARY
North Korea's Kimsuky APT Keeps Growing, Despite Public Outing
Kim Jong Un's Swiss Army knife APT continues to spread its tendrils around the world, showing it's not intimidated by the researchers closing in.
'EvilExtractor' All-in-One Stealer Campaign Targets Windows User Data
An uptick in EvilExtractor activity aims to compromise endpoints to steal browser from targets across Europe and the US, researchers say.
Shields Health Breach Exposes 2.3M Users' Data
The medical imaging firm's systems were compromised by a threat actor, exposing patients' driver's licenses and other identifying information.
The Tangled Web of IR Strategies
Attackers have their methods timed to the second, and they know they have to get in, do their damage, and get out quickly. CISOs today must detect and block in even less time.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Researchers Discover First-Ever Major Ransomware Targeting macOS
In targeting Apple users, LockBit is going where no major ransomware gang has gone before. But it's a warning shot, and Mac users need not worry yet.

Expert Insight: Dangers of Using Large Language Models Before They Are Baked
Today's LLMs pose too many trust and security risks.

GPT-4 Provides Improved Answers While Posing New Questions
As is typical with emerging technologies, both innovators and regulators struggle with developments in generative AI, much less the rules that should govern its use.

3CX Supply Chain Attack Tied to Financial Trading App Breach
Mandiant found that North Korea's UNC4736 gained initial access on 3CX's network when an employee downloaded a weaponized but legitimately-signed app from Trading Technologies.

Global Spyware Attacks Spotted Against Both New & Old iPhones
Campaigns that wielded NSO Group's Pegasus against high-risk users over a six-month period demonstrate the growing sophistication and relentless nature of spyware actors.

MORE
EDITORS' CHOICE
'GhostToken' Opens Google Accounts to Permanent Infection
A bug in how Google Cloud Platform handles OAuth tokens opened the door to Trojan apps that could access anything in users' personal or business Google Drives, Photos, Gmail, and more.
LATEST FROM THE EDGE

Shadow IT, SaaS Pose Security Liability for Enterprises
Software written or acquired outside of IT's purview is software that IT can't evaluate for security or compliance.
LATEST FROM DR TECHNOLOGY

Intel Prioritizes Security in Latest vPro Chips
While Intel is building more hardware protections directly into the chips, enterprises still need a strategy for applying security updates on these components.
WEBINARS
  • Why Threat Modeling Is Critical for Enterprise Cyber Defense

    As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ...

  • What's "CNAPP-ening"? Bring Your Cloud Security into Focus!

    What's CNAPP-ening is your organization is churning out code every day to make your business more money, but traditional security approaches fail to provide adequate controls for cloud-native applications. Modernize your perspective by embracing an application-centric view of security in ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • Successfully Managing Identity in Modern Cloud and Hybrid Environments

    Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ...

  • The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

    The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ...

  • The Promise and Reality of Cloud Security

    Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Infoblox Uncovers DNS Malware Toolkit & Urges Companies to Block Malicious Domains
Red Canary Announces Readiness
Bitsight Expands into Integrated Cyber-Risk Management
CrowdStrike Announces Managed XDR to Close the Cybersecurity Skills Gap, Expands MDR Portfolio
Coro Raises an Additional $75M Bringing the Total Raised to $155M in 12 Months
MORE PRODUCTS & RELEASES
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023   |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us