In targeting Apple users, LockBit is going where no major ransomware gang has gone before. But it's a warning shot, and Mac users need not worry yet.
Follow Dark Reading:
 April 20, 2023
LATEST SECURITY NEWS & COMMENTARY
Researchers Discover First-Ever Major Ransomware Targeting macOS
In targeting Apple users, LockBit is going where no major ransomware gang has gone before. But it's a warning shot, and Mac users need not worry yet.
Recycled Core Routers Expose Sensitive Corporate Network Info
Researchers are warning about a dangerous wave of unwiped, secondhand core-routers found containing corporate network configurations, credentials, and application and customer data.
Killnet Boss Exposes Rival Leader in Kremlin Hacktivist Beef
Killnet's leader outs the identity of the new Anonymous Russia leader, in an effort to consolidate power among pro-Russia cybercriminals.
Majority of US IT Pros Told to Keep Quiet About Data Breaches
To report or not report? While more than half of all companies have suffered a data breach, 71% of IT professionals say they have been told to not report an incident, which could mean legal jeopardy.
3 Flaws, 1 War Dominated Cyber-Threat Landscape in 2022
Attackers continued to favor software exploits, phishing, and stolen credentials as initial-access methods last year, as Log4j and the Russia-Ukraine cyber conflict changed the threat landscape.
APT41 Taps Google Red-Teaming Tool in Targeted Info-Stealing Attacks
China-linked APT41 group targeted a Taiwanese media organization and an Italian job agency with standard, open source penetration test tools, in a change in strategy.
Russian SolarWinds Culprits Launch Fresh Barrage of Espionage Cyberattacks
The threat group behind the SolarWinds supply chain attacks is back with new tools for spying on officials in NATO countries and Africa.
Western Digital Hackers Demand 8-Figure Ransom Payment for Data
Western Digital has yet to comment on claims that the breach reported earlier this month led to data being stolen.
New Mirai Variant Employs Uncommon Tactics to Distribute Malware
RapperBot's initial infection tactic is one example of the different methods attackers are using to distribute malware.
Super-Yacht Specialist Lürssen in Dry Dock After Ransomware Attack
The ransomware attack proves that even the wealthiest cannot buy their immunity from threat actors.
Google Issues Emergency Chrome Update for Zero-Day Bug
Because the security vulnerability is under active exploit, Google isn't releasing full details of the flaw while users could remain vulnerable.
How to Prevent 2 Common Attacks on MFA
MFA isn't immune from the tug of war between attackers and defenders.
How to Define Tier-Zero Assets in Active Directory Security
There are plenty of AD objects and groups that should be considered tier zero in every environment, but some will vary among organizations.
Name That Toon: Lucky Charm
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Top 5 Data Security RSAC 2023 Sessions to Attend
A little preconference reconnoitering of upcoming seminars, keynotes, and track sessions makes plotting your days easier. Here's one attendee's list.

Beyond CVEs: The Key to Mitigating High-Risk Security Exposures
Use ongoing exposure management to parse the riskiest exposures and probable attack paths, then identify and plug the choke points.

MORE
EDITORS' CHOICE
7 Sizzling Sessions to Check Out at RSA Conference 2023
Here are some of the most interesting, can't-miss sessions at the upcoming show in San Francisco.
LATEST FROM THE EDGE

How CISOs Can Craft Better Narratives for the Board
Communicating cyber-risk upward to the C-suite and board takes simplification and a better understanding of the audience.
LATEST FROM DR TECHNOLOGY

How Zero Trust Can Protect Systems Against Generative AI Agents
Researchers explore a love-hate relationship with AI tools like ChatGPT, which can be used to both attack and defend more efficiently.
WEBINARS
  • Puzzled by Patching: Solve Endpoint Pains

    In this webinar, you'll learn critical steps to improve your security posture and reduce patching complexity so that your IT team can do more with less while keeping security at the forefront. Now is the time to slay the time-consuming ...

  • How to Accelerate XDR Outcomes: Bridging the Gap Between Network and Endpoint

    Adversaries are moving faster than ever, with modern attacks coming from all fronts across network, endpoint, and other domains. In 2022, the average breakout time declined from 98 minutes to 84 minutes, highlighting the imperative for IT and security teams to act quickly ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • Successfully Managing Identity in Modern Cloud and Hybrid Environments

    Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ...

  • Shoring Up the Software Supply Chain Across Enterprise Applications

    Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ...

  • 10 Hot Talks From Black Hat USA 2022

    Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ...
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Coro Raises an Additional $75M Bringing the Total Raised to $155M in 12 Months
CrowdStrike Announces Managed XDR to Close the Cybersecurity Skills Gap, Expands MDR Portfolio
Cyberattacks Can Cost Enterprises Up to 30% of Operating Income According to ThreatConnect
Akamai Technologies to Acquire API Security Company Neosec
KnowBe4 Phishing Test Results Reveal IT and Online Services Emails Drive Dangerous Attack Trend
Netwrix Annual Security Survey: 68% of Organizations Experienced a Cyberattack Within the Last 12 Months
Marlinspike Adds Charles Carmakal to its Advisory Board
Report: Over Half of North American Consumers Are Open to Passwordless
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Successfully Managing Identity in Modern Cloud and Hybrid Environments
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us