The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit.
Follow Dark Reading:
 November 27, 2024
LATEST SECURITY NEWS & COMMENTARY
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit.
Geico, Travelers Fined $11.3M for Lax Data Security
New York state regulators punish insurers after cybercriminals illegally access customer info they then used to file scam unemployment claims during the COVID-19 pandemic.
Salt Typhoon Builds Out Malware Arsenal With GhostSpider
The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected.
OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts
Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site.
Microsoft Finally Releases Recall as Part of Windows Insider Preview
The preview version now includes multiple security-focused additions Microsoft had promised to include, such as SecureBoot, BitLocker, and Windows Hello.
My Car Knows My Secrets, and I'm (Mostly) OK With That
Imagine your car gossiping to insurance companies about your lead foot, or data brokers peddling your daily coffee run. Welcome to the world of connected cars, where convenience and privacy are locked in a head-on collision.
(Sponsored Article) Are You Really Protected? The Myth of EDR-Driven Security
Cybercriminals have become adept at bypassing traditional defenses to move freely across the network, putting our security stack into question.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets
The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%.

Closing the Cybersecurity Career Diversity Gap
Diversity isn't just an issue of fairness — it's about operational excellence and ensuring we have the best possible teams defending our national security.

BlackBasta Ransomware Brand Picks Up Where Conti Left Off
New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren't so sure the brand means that much.

MORE
PRODUCTS & RELEASES
CyberRatings.org Announces Test Results for Cloud Service Provider Native Firewalls
CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce
Study Finds 76% of Cybersecurity Professionals Believe AI Should Be Heavily Regulated
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Fancy Bear 'Nearest Neighbor' Attack Uses Nearby Wi-Fi Network
In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers.
LATEST FROM THE EDGE

8 Tips for Hiring and Training Neurodivergent Talent
Neurodivergent talent can add so much to a cybersecurity team. How can companies ensure they have the right hiring and onboarding practices in place to ensure their success?
LATEST FROM DR TECHNOLOGY

AWS Rolls Out Updates to Amazon Cognito
Amazon Web Services' identity and access management platform has added new features that help developers implement secure, scalable, and customizable authentication solutions for their applications.
LATEST FROM DR GLOBAL

Israel Defies VC Downturn With More Cybersecurity Investments
With a focus on creating technologies for other markets, Israel continues to be a valued destination for venture capital in cybersecurity outside the US and Europe.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us