Dark Reading Daily -- June 20, 2024

The service, likely a rebrand of a previous operation called "Caffeine," mainly targets financial institutions in the Americas and EMEA and uses malicious QR codes and other advanced evasion tactics.

LATEST SECURITY NEWS & COMMENTARY

'ONNX' MFA Bypass Targets Microsoft 365 Accounts

The service, likely a rebrand of a previous operation called "Caffeine," mainly targets financial institutions in the Americas and EMEA and uses malicious QR codes and other advanced evasion tactics.

Hackers Derail Amtrak Guest Rewards Accounts in Breach

The US passenger rail giant said attackers used previously compromised credentials to crack accounts and access a freight train of personal data.

France Seeks to Protect National Interests With Bid for Atos Cybersec

By offering to buy Atos' big data and cybersecurity operations. Paris is trying to make sure key technologies do not fall under foreign control.

Scattered Spider Pivots to SaaS Application Attacks

Microsoft last year described the threat actor — known as UNC3944, Scattered Spider, Scatter Swine, Octo Tempest, and 0ktapus — as one of the most dangerous current adversaries.

Cut & Paste Tactics Import Malware to Unwitting Victims

"ClearFake" and "ClickFix" attackers are tricking people into cutting and pasting malicious PowerShell scripts to infect their own machines with RATs and infostealers.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Emojis Control the Malware in Discord Spy Campaign Pakistani hackers are spying (▀̿Ĺ̯▀̿ ̿) on the highly sensitive organizations in India by using emojis (Ծ_Ծ) as malicious commands (⚆ᗝ⚆) and the old Dirty Pipe Linux flaw. The Software Licensing Disease Infecting Our Nation's Cybersecurity Forcing Microsoft to compete fairly is the most important next step in building a better defense against foreign actors. Addressing Misinformation in Critical Infrastructure Security As the lines between the physical and digital realms blur, widespread understanding of cyber threats to critical infrastructure is of paramount importance. Name That Toon: Future Shock Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. Blackbaud Fined $6.75M After 2020 Ransomware Attack Threat actors were able to breach Blackbaud's systems and compromise sensitive data, largely because of the company's poor cybersecurity practices and lack of encrypted data, the AG said. MORE

PRODUCTS & RELEASES

DataBee Launches Innovations for Enhanced Threat Monitoring and Zero Trust Implementation

KnowBe4 Launches PhishER Plus Threat Intel Feature

Aim Security Closes $18M Series A to Secure Generative AI Enterprise Adoption

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Critical VMware Bugs Open Swaths of VMs to RCE, Data Theft

A trio of bugs could allow hackers to escalate privileges and remotely execute code on virtual machines deployed across cloud environments.

LATEST FROM THE EDGE

MITRE: US Government Needs to Focus on Critical Infrastructure

With the presidential election this year and an increase in cyberattacks and conflicts around the world, MITRE has outlined four important areas the incoming administration should focus on next year.

LATEST FROM DR TECHNOLOGY

Inside Baseball: The Red Sox Cloud Security Game

Inside the baseball team's strategy for building next-gen security operations through zero trust and initiatives aiming to safeguard team data, fan info, and the iconic Fenway Park — which, by the way, is now a smart stadium.

LATEST FROM DR GLOBAL

Singapore Extradites Suspected Cybercrime Scammers from Malaysia

Cops decimate cybercrime infrastructure used to steal data from nearly 2,000 people in Singapore last year.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>