 May 23, 2024
LATEST SECURITY NEWS & COMMENTARY
Novel EDR-Killing 'GhostEngine' Malware Is Built for Stealth
The previously unknown malware (aka Hidden Shovel) is a ghost in the machine: It silently attacks kernel drivers to shut down security defense systems and thus evade detection.

YouTube Becomes Latest Battlefront for Phishing, Deepfakes
Personalized phishing emails with fake collaboration opportunities and compromised video descriptions linking to malware are just some of the new tricks.
The Fall of the National Vulnerability Database
Since its inception, three key factors have affected the NVD's ability to classify security concerns — and what we're experiencing now is the result.
Iran APTs Tag Team Espionage, Wiper Attacks Against Israel & Albania
Scarred Manticore is the smart, sophisticated one. But when Iran needs something destroyed, it hands the keys over to Void Manticore.

Critical Netflix Genie Bug Opens Big Data Orchestration to RCE
The severe security vulnerability (CVE-2024-4701, CVSS 9.9) gives remote attackers a way to burrow into Netflix's Genie open source platform, which is a treasure trove of information and connections to other internal services.
Microsoft Has Yet to Patch 7 Pwn2Own Zero-Days
A number of serious Windows bugs still haven't made their way into criminal circles, but that won't remain the case forever — and time is running short before ZDI releases exploit details.
US AI Experts Targeted in SugarGh0st RAT Campaign
Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group.
400K Linux Servers Recruited by Resurrected Ebury Botnet
Cryptocurrency theft and financial fraud are the new M.O. of the 15-year-old malware operation that has hit organizations around the globe.
Google Pitches Workspace as Microsoft Email Alternative, Citing CSRB Report
The new Secure Alternative Program from Google aims to entice customers away from Exchange Online and break Microsoft's dominance in the enterprise.
Name That Toon: Buzz Kill
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
Trends at the 2024 RSA Startup Competition
Startups at Innovation Sandbox 2024 brought clarity to artificial intelligence, protecting data from AI, and accomplishing novel security solutions with new models.
Preparing Your Organization for Upcoming Cybersecurity Deadlines
Federal and state regulators have introduced new rules and mandates aimed at holding organizations accountable when it comes to cybersecurity. Here's how to get ready.
HOT TOPICS
Whose Data Is It Anyway? Equitable Access in Cybersecurity
Cybersecurity cannot be solely about defending against threats; it must also empower organizations with their data.

Can Cybersecurity Be a Unifying Factor in Digital Trade Negotiations?
As we face continued headwinds on provisions like data flows and e-customs duties, further progress is both needed and achievable in digital trade policy.

What American Enterprises Can Learn From Europe's GDPR Mistakes
As the US braces for a data privacy overhaul, companies need to update data practices, train staff, and ensure compliance from the outset to avoid Europe's costly missteps.
EDITORS' CHOICE
Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms
An on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environment.
LATEST FROM THE EDGE

Transforming CISOs Into Storytellers
Faced with chilling new SEC rules, chief information security officers are learning soft skills to help them better communicate cybersecurity concerns with the C-suite.
LATEST FROM DR TECHNOLOGY

Picking the Right Database Tech for Cybersecurity Defense
Graph and streaming databases are helping defenders deal with complex, real-time threat and cybersecurity data to find weak points before attackers.
LATEST FROM DR GLOBAL

Chinese 'ORB' Networks Conceal APTs, Render Static IoCs Irrelevant
Mandiant warns that defenders must rethink how to thwart Chinese cyber-espionage groups now using professional "infrastructure-as-a-service" operational relay box networks of virtual private servers as well as hijacked smart devices and routers.

Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA