Dark Reading Daily -- August 26, 2024

The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' less-often-discussed IT help desk software.

LATEST SECURITY NEWS & COMMENTARY

Patch Now: Second SolarWinds Critical Bug in Web Help Desk

The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' less-often-discussed IT help desk software.

Constantly Evolving MoonPeak RAT Linked to North Korean Spying

The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and other DPRK APTs.

NIST Hands Off Post-Quantum Cryptography Work to Cyber Teams

The release of new NIST quantum-proof cryptography standards signals it's time for cybersecurity teams to get serious about preparing for the rise of quantum threats.

Liverpool Fans Take English Premier League Title for Ticket Scams

Ticket scams are costing football fans close to £200 a season, on average, according to a report.

C-Suite Involvement in Cybersecurity Is Little More Than Lip Service

Collaboration with security teams, making cybersecurity a core principle of business strategy, and investing in defenses better position organizations to thwart threats and ensure business continuity.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
NSA Issues Tips for Better Logging, Threat Detection in LotL Incidents The guidance is part of a coordinated, global effort to eradicate living-off-the-land techniques used against critical infrastructure. Why End of Life for Applications Is the Beginning of Life for Hackers In the next year, more than 35,000 applications will move to end-of-life status. To manage risk effectively, we need to plan ahead. Infostealers Waltz Through macOS to Grab Crypto Wallets, Browser Creds Ironically, Macs' lower risk profile may make them more susceptible to any given threat than the average Windows or Linux system. Critical Thinking AI in Cybersecurity: A Stretch or a Possibility? It might still sound far-fetched to say AI can develop critical thinking skills and help us make decisions in the cybersecurity industry. But we're not far off. MORE

PRODUCTS & RELEASES

Pluralsight Releases Courses to Help Cyber Pros Defend Against Volt Typhoon Hacker Group

Malicious Links, AI-Enabled Tools, and Attacks on SMBs Among Top Cybersecurity Threats in H1 Mimecast Global Threat Intelligence Report

IBM SkillsBuild Cybersecurity and Data Analytics Certificates to be Deployed in Community College Systems

New ISAGCA Report Explores Zero-Trust Outcomes in OT Cybersecurity

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Slack Patches AI Bug That Let Attackers Steal Data From Private Channels

A prompt injection flaw in the AI feature of the workforce collaboration suite makes malicious queries of data sources appear legitimate.

LATEST FROM THE EDGE

The Silver Bullet of MFA Was Never Enough

There is no such thing as a silver bullet in cybersecurity. No, not even multifactor authentication.

LATEST FROM DR TECHNOLOGY

Researchers Highlight How Poisoned LLMs Can Suggest Vulnerable Code

CodeBreaker technique can create code samples that poison the output of code-completing large language models, resulting in vulnerable — and undetectable — code suggestions.

LATEST FROM DR GLOBAL

India's Critical Infrastructure Suffers Spike in Cyberattacks

The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India (RBI) warning banks to double down on cybersecurity.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>