With sufficient privileges in Active Directory, attackers only have to create an "ESX Admins" group in the targeted domain and add a user to it.
Follow Dark Reading:
 July 31, 2024
LATEST SECURITY NEWS & COMMENTARY
Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs
With sufficient privileges in Active Directory, attackers only have to create an "ESX Admins" group in the targeted domain and add a user to it.
Cyberattackers Accessed HealthEquity Customer Info via Third Party
Data thieves heisted the HSA provider's data repository for 4.5 million people's HR information, including employer and dependents intel.
Criminal Hackers Add GenAI Credentials to Underground Markets
According to the study, around 400 stolen GenAI credentials are being sold by threat actors per day.
Dynamically Evolving SMS Stealer Threatens Global Android Users
A network of more than 2,600 Telegram bots has helped exfiltrate one-time passwords and data from devices for more than two years.
India-Linked SideWinder Group Pivots to Hacking Maritime Targets
The nation-state espionage group known for attacking Pakistan has expanded its reach to targets in Egypt and Sri Lanka.
The CrowdStrike Meltdown: A Wake-up Call for Cybersecurity
The incident serves as a stark reminder of the fragility of our digital infrastructure. By adopting a diversified, resilient approach to cybersecurity, we can mitigate the risks and build a more secure digital future.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover
An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.

Patch Now: ServiceNow Critical RCE Bugs Under Active Exploit
One threat actor claims to have already gathered email addresses and associated hashes from more than 110 remote IT management databases.

7 Sessions Not to Miss at Black Hat USA 2024
This year's conference will be a treasure trove of insights for cybersecurity professionals.

Unexpected Lessons Learned From the CrowdStrike Event
How your organization can leverage the disruptive CrowdStrike update to become more resilient.

MORE
PRODUCTS & RELEASES
Heimdal Security Presents its Latest Report on Brute-Force Cyberattacks
Cowbell Secures $60 Million Series C Funding From Zurich Insurance Group
Lakera Raises $20M Series A to Secure Generative AI Applications
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Make Your Voice Heard!
Tell Dark Reading about your cybersecurity budget challenges and concerns, such as a rise in cyberattacks, ransomware, or attacks on software supply chains and partners. Take our survey, and you could could win one of 10 $50 Amazon gift cards to be given away through a random drawing.

LATEST FROM THE EDGE

Training at Black Hat to Focus on Equipping Cybersecurity Leaders With Soft Skills
A two-day presentation will examine the social-behavioral aspects of cybersecurity leadership to drive team success.
LATEST FROM DR TECHNOLOGY

Clutch Security Launches With NHI Platform
Clutch Security is the latest cybersecurity startup looking to secure and manage non-human identity.
LATEST FROM DR GLOBAL

'Zeus' Hacker Group Strikes Israeli Olympic Athletes in Data Leak
Security presence has been heightened in Paris to ensure that the Games are safe, and Israeli athletes have been provided with even more protection.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us