Dark Reading Daily -- March 14, 2024

Service accounts, API keys, and OAuth tokens are a growing attack vector for cybercriminals looking to penetrate organizations' defenses.

LATEST SECURITY NEWS & COMMENTARY

Patch Now: Kubernetes RCE Flaw Allows Full Takeover of Windows Nodes

Attackers can remotely execute code with system privileges by exploiting a vulnerability in the source code of the open source container management system.

ChatGPT Spills Secrets in Novel PoC Attack

Research is latest in a growing body of work to highlight troubling weaknesses in widely used generative AI tools.

Nissan Oceania Breached; 100K People Affected Down Under

A possible ransomware attack has exposed government and personal data of Australians and New Zealanders, encompassing the carmaker's customers, dealers, and employees.

Heated Seats? Advanced Telematics? Software-Defined Cars Drive Risk

Carmakers are offering all kinds of over-the-air subscriptions and features, many of which benefit the businesses that use them. But this also opens up a wider attack surface for vehicle attackers.

Why You Need to Know Your AI's Ancestry

Securing AI can't wait an hour, let alone a decade.

Yacht Retailer MarineMax Files 'Cyber Incident' with SEC

The Florida-based boat purveyor's operations were seemingly minimally disrupted and "not material," but it's filing an SEC notice anyway.

(Sponsored Article) On Whose Account? Challenges in Securing Non-Human Identities

Service accounts, API keys, and OAuth tokens are a growing attack vector for cybercriminals looking to penetrate organizations' defenses.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
'Magnet Goblin' Exploits Ivanti 1-Day Bug in Mere Hours A prolific but previously hidden threat actor turns public vulnerabilities into working exploits before companies have time to patch. How to Identify a Cyber Adversary: Standards of Proof Identifying the who, what, and how behind a cyberattack is crucial for preventing future strikes. Google's Gemini AI Vulnerable to Content Manipulation Like ChatGPT and other GenAI tools, Gemini is susceptible to attacks that can cause it to divulge system prompts, reveal sensitive information, and execute potentially malicious actions. Name That Toon: Keys to the Kingdom Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. MORE

PRODUCTS & RELEASES

Codezero Raises $3.5M Seed Funding From Ballistic Ventures to Secure Multicloud Application Development

Claroty Launches Advanced Anomaly Threat Detection for Medigate

Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Microsoft Discloses Critical Hyper-V Flaws in Low-Volume Patch Update

Microsoft has disclosed fewer flaws and zero-days in the first three months of 2024 compared with the first quarter of the prior four years.

LATEST FROM THE EDGE

10 Tips for Better Security Data Management

CISOs must build out their security data management and security data architecture to get the most out of their security data for the least amount of investment.

LATEST FROM DR TECHNOLOGY

Google's Post-Quantum Upgrade Doesn't Mean We're All Protected Yet

Just because Google has put in the work to quantum-proof Chrome doesn't mean post-quantum security is all set.

LATEST FROM DR GLOBAL

150K+ UAE Network Devices & Apps Found Exposed Online

Misconfigurations, insecure services leave United Arab Emirates organizations and critical infrastructure vulnerable to bevy of cyber threats.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>