Dark Reading Daily -- March 11, 2024

The Midnight Blizzard APT is mounting a sustained, focused cyber campaign against the computing kahuna, using secrets it stole from emails back in January.

LATEST SECURITY NEWS & COMMENTARY

Russia-Sponsored Cyberattackers Infiltrate Microsoft's Code Base

The Midnight Blizzard APT is mounting a sustained, focused cyber campaign against the computing kahuna, using secrets it stole from emails back in January.

Japan Blames North Korea for PyPI Supply Chain Cyberattack

Open source software ecosystem compromise leaves developers in Asia and around the globe at risk.

CISO Corner: NSA Guidelines; a Utility SBOM Case Study; Lava Lamps

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.

Broke Cyber Pros Flock to Cybercrime Side Hustles

Burned-out cybersecurity professionals dealing with layoffs and stressful working conditions are increasingly finding a better way to earn a buck: cybercrime.

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

The proof-of-concept exploits for Atlassian Confluence would enable arbitrary code execution without requiring file system access.

Google Engineer Steals AI Trade Secrets for Chinese Companies

Chinese national Linwei Ding is accused of pilfering more than 500 files containing Google IP while affiliating with two China-based startups at the same time.

The Ongoing Struggle to Protect PLCs

A decade after Stuxnet, vulnerabilities in OT systems and programmable logic controllers remain exposed.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
How CISA Fights Cyber Threats During Election Primary Season Election cyber threats come from various places, including compromised voting machines, AI deepfakes, and potential physical harm to workers. But CISA has been working diligently with various public and private partners to stymie the risk. Don't Give Your Business Data to AI Companies Handing over your business data to artificial intelligence companies comes with inherent risks. Cyber Insurance Strategy Requires CISO-CFO Collaboration Cyber-risk quantification brings together the CISO's technical expertise and the CFO's focus on financial impact to develop a stronger and better understanding of what's at stake. 'The Weirdest Trend in Cybersecurity': Nation-States Returning to USBs USBs are fetch again, as major APTs from Russia, China, and beyond are turning to them for BYOD cyberattacks. MORE

PRODUCTS & RELEASES

Silence Laboratories Raises $4.1M Funding to Enable Privacy Preserving Collaborative Computing

Bipartisan Members of Congress Introduce Enhanced Cybersecurity for SNAP Act to Secure Food Benefits Against Hackers and Thieves

Veeam Launches Veeam Data Cloud

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive

Just one day after disclosure, adversaries began targeting the vulnerabilities to take complete control of affected instances of the popular developer platform.

LATEST FROM THE EDGE

Creating Security Through Randomness

How lava lamps, pendulums, and suspended rainbows keep the Internet safe.

LATEST FROM DR TECHNOLOGY

How to Ensure Open Source Packages Are Not Landmines

CISA and OpenSSF jointly published new guidance recommending technical controls to make it harder for developers to bring malicious software components into code.

LATEST FROM DR GLOBAL

South Korean Police Deploy Deepfake Detection Tool in Run-up to Elections

The nation's battle with political deepfakes may be a harbinger for what's to come in elections around the world this year.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>