Threat actor "Velvet Ant" has been exploiting a vulnerability in Cisco's NX-OS Software for managing a variety of switches, executing commands and dropping custom malware.
Follow Dark Reading:
 July 03, 2024
LATEST SECURITY NEWS & COMMENTARY
Patch Now: Cisco Zero-Day Under Fire From Chinese APT
Threat actor "Velvet Ant" has been exploiting a vulnerability in Cisco's NX-OS Software for managing a variety of switches, executing commands and dropping custom malware.
Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication
Adversary-in-the-middle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.
Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach
A ransomware attack has become a supply chain issue, thanks to the victim's partnerships with other financial services companies.
PTC License Server Bug Needs Immediate Patch Against Critical Flaw
Creo Elements/Direct License Servers, which enable industrial design and modeling software, are exposed to the Internet, leaving critical infrastructure vulnerable to remote code execution.
Stress-Testing Our Security Assumptions in a World of New & Novel Risks
Categorizing and stress-testing fundamental assumptions is a necessary exercise for any leader interested in ensuring long-term security and resilience in the face of an uncertain future.
Cyber Workforce Numbers Rise for Larger Organizations
Some organizations are also reaching record-high levels of cyber maturity, at 80% to 90%.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Dark Reading Confidential: Meet the Ransomware Negotiators
Episode 2: Incident response experts-turned-ransomware negotiators Ed Dubrovsky, COO and managing partner of CYPFER, and Joe Tarraf, chief delivery officer of Surefire Cyber, explain how they interact with cyber threat actors who hold victim organizations' systems and data for ransom. Among their fascinating stories: how they negotiated with cybercriminals to restore operations in a hospital NICU where lives were at stake, and how they helped a church, where the attackers themselves "got a little religion."

Prudential Data Breach Victim Count Soars to 2.5M
The company seemingly underestimated the severity of the breach after originally providing a head count of roughly 36,000 impacted individuals.

Thinking About Security, Fast & Slow
To be effective, managing risk demands both fast responses and strategic thinking.

'RegreSSHion' Bug Threatens Takeover of Millions of Linux Systems
The high-severity CVE-2024-6387 in OpenSSH is a reintroduction of a 2006 flaw, and it allows unauthenticated RCE as root.

MORE
PRODUCTS & RELEASES
Odaseva Raises $54M Series C Round to Expand Product Offerings and Continue Category Leadership
Interlock Launches ThreatSlayer Web3 Security Extension and Incentivized Crowdsourced Internet Security Community
Implementing Zero Trust and Mitigating Risk: ISC2 Courses to Support Your Development
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Apple CocoaPods Bugs Expose Millions of Apps to Code Injection
Critical dependency manager supply chain vulnerabilities have exposed millions and millions of devices to arbitrary malware for the better part of decade.
LATEST FROM THE EDGE

What Cybersecurity Defense Looks Like for School Districts
Dark Reading chats with Johnathan Kim, director of technology at the Woodland Hills School District in North Braddock, Penn., about why cybercriminals target schools — and what they can do about it.
LATEST FROM DR TECHNOLOGY

3 Ways to Chill Attacks on Snowflake
Multifactor authentication is a good first step, but businesses should look to collect and analyze data to hunt for threats, manage identities more closely, and limit the impact of attacks.
LATEST FROM DR GLOBAL

South Africa National Healthcare Lab Still Reeling From Ransomware Attack
The cyberattack disrupted national laboratory services, which could slow response to disease outbreaks such as mpox, experts warn.
WEBINARS
  • Search Capabilities with PostgreSQL: From Standard to Semantic

    In the digital age, the ability to sift through vast amounts of text data efficiently and effectively is crucial. PostgreSQL, a robust open-source relational database, offers various search functionalities that cater to multiple needs, from simple pattern matching to linguistic ...

  • Generative AI: Use Cases and Risks in 2024

    This webinar reviews use cases and risks in the leading generative AI applications and models, including market favorites ChatGPT, DALL-E 2, and AutoGPT.
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us