Dark Reading Daily -- October 28, 2024

Four companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in the aftermath of the 2020 SolarWinds compromise.

LATEST SECURITY NEWS & COMMENTARY

SEC Fines Companies Millions for Downplaying SolarWinds Breach

Four companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in the aftermath of the 2020 SolarWinds compromise.

Russia's APT29 Mimics AWS to Steal Windows Credentials

Kremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.

UnitedHealth Reveals 100M Compromised in Change Healthcare Breach

Eight months after the breach occurred, Change Healthcare has finally sent out millions of notices of compromised data to affected individuals.

LinkedIn Hit With $335M Fine for Data Privacy Violations

The networking company found liable for illegally gathering user data for targeted advertising by the Irish Data Protection Commission.

Cybersecurity Isn't Easy When You're Trying to Be Green

Renewable energy firms deal with a large cyberattack surface area, given the distributed nature of power generation and more pervasive connectivity.

My Journey From the Air Force to Cybersecurity

Cybersecurity is mission-driven, meaningful work that coincides with the service branches' goals to protect, defend, and create a safer world.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
AWS's Predictable Bucket Names Make Accounts Easier to Crack Amazon's open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover. Why Cybersecurity Acumen Matters in the C-Suite Until CEOs and boards prioritize learning more about mitigating threats, organizations are leaving themselves and their businesses open to the potential for disaster. Cisco ASA, FTD Software Under Active VPN Exploitation Unauthenticated threat actors can remotely cause a denial-of-service (DoS) cyberattack within the Remote Access VPN software in Cisco's ASA and Firepower software. Lazarus Group Exploits Chrome Zero-Day in Latest Campaign The North Korean actor is going after cryptocurrency investors worldwide leveraging a genuine-looking game site and AI-generated content and images. MORE

PRODUCTS & RELEASES

American Water Under Investigation for Cyberattack Potentially Affecting 14M Customers

Grip Security Releases 2025 SaaS Security Risks Report

Jake Williams Joins Hunter Strategy As VP of RND & Managing Director of Hunter Labs

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Critical Bug Exploited in Fortinet's Management Console

An attacker compromised one of Fortinet's most sensitive products and mopped up all kinds of reconnaissance data helpful for future mass device attacks.

LATEST FROM THE EDGE

'Shift Left' Gets Pushback, Triggers Security Soul Searching

A government report's criticism of the 100x metric often used to justify fixing software earlier in development fuels a growing debate over pushing responsibility for secure code onto developers.

LATEST FROM DR TECHNOLOGY

Open Source LLM Tool Sniffs Out Python Zero-Days

Vulnhuntr is a Python static code analyzer that uses Claude AI to find and explain complex, multistep vulnerabilities.

LATEST FROM DR GLOBAL

'Prometei' Botnet Spreads Its Cryptojacker Worldwide

The Russian-language malware primarily enlists computers to mine Monero, but theoretically it can do worse.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>