Dark Reading Weekly
Follow Dark Reading:
 July 18, 2024
LATEST SECURITY NEWS & COMMENTARY
SEXi Ransomware Rebrands as 'APT Inc.,' Keeps Old Methods
The cybercrime group demands ransoms of varying degrees, from thousands to even millions of dollars — in some cases, 2 bitcoin per encrypted customer.
Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks
The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.
Iranian Cyber Threat Group Drops New Backdoor, 'BugSleep'
The group — which has targeted Israel, Saudi Arabia, and other nations — often uses spear phishing and legitimate remote management tools but is developing a brand-new homegrown toolset.
Security End-Run: 'AuKill' Shuts Down Windows-Reliant EDR Processes
Russian threat actor FIN17 has shifted gears multiple times in recent years, focusing now on helping ransomware groups be even more covertly effective.
Orgs Are Finally Making Moves to Mitigate GenAI Risks
With AI use ramping up rapidly, a growing number of enterprise security teams have begun putting controls in place to protect sensitive data from accidental exposure and leaks.
West African Crime Syndicate Taken Down by Interpol Operation
Law enforcement managed to arrest numerous members of Black Axe, a notorious group engaged in a wide variety of criminal activity.
Microsoft: Scattered Spider Widens Web With RansomHub & Qilin
The gang already uses varied tools in its attacks, such as phishing, SIM swapping, and MFA fatigue.
'Trial' DDoS Attacks on French Sites Portend Greater Olympics Threats
Russian hacktivists claim DDoS attacks against basic tourist websites. Is it real, or just smoke and mirrors?
Snowflake Account Attacks Driven by Exposed Legitimate Credentials
Credential management gets a boost with the latest infostealers' extortion campaign built on info stolen from cloud storage systems.
Name That Toon: Near Miss
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
7 Tips for Navigating Cybersecurity Risks in M&As
Careful planning and proactive measures can ensure smooth and secure transitions, paving the way for a successful merger or acquisition.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
DPRK Hackers Tweak Malware to Lure MacOS Users into Video Calls
North Korean espionage campaign delivers updated BeaverTail info stealer by spoofing legitimate video calling service, researcher finds.

Rite Aid Becomes RansomHub's Latest Victim After Data Breach
The breach affects older customer information involved in purchases made from June 6, 2017, up until July 30, 2018.

Cloud Security, PowerShell Expertise Emerge as Key SOC Analyst Skills
SOC analysts should also cultivate skills like incident handling and response, threat hunting, digital forensics, Python, and bash scripting.

MORE
PRODUCTS & RELEASES
Top 5 Mistakes Businesses Make When Implementing Zero Trust
QBE Insurance Launches Global Cyber Coverage With QCyberProtect
MxD Research Reveals Major Disconnect Between Perceived and Actual Cybersecurity Capabilities in US Manufacturing
BlueVoyant Unveils Edge Security Operations Platform
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Threat Actors Ramp Up Use of Encoded URLs to Bypass Secure Email
The tactic is not new, but there has been a steady increase in its use as of this spring.
LATEST FROM THE EDGE

Training at Black Hat to Focus on Equipping Cybersecurity Leaders With Soft Skills
A two-day presentation will examine the social-behavioral aspects of cybersecurity leadership to drive team success.
LATEST FROM DR TECHNOLOGY

Unprecedented: Cloud Giants, Feds Team on Unified Security Intelligence
The Cloud Safe Task Force aims to unite the US government and cloud service providers, like Amazon, Google, IBM, Microsoft, and Oracle, to provide a "National Cyber Feed": a continuous threat-monitoring tool for federal agencies.
LATEST FROM DR GLOBAL

Shadowroot Ransomware Lures Turkish Victims via Phishing Attacks
The ransomware is rudimentary with basic functionalities, likely having been created by an inexperienced developer — but it's effective at locking up files and sucking up memory capacity.
WEBINARS
  • Enhance Cloud Security with Cloud-Native Security

    In this webinar, learn how your current cloud security measures may be falling short as you shift to cloud-native, and what new tools and processes you will need to put in place to stay ahead of attackers.

  • Tales of a Modern Data Breach: The Rise of Mobile Attacks

    Modern breaches now happen in minutes, not months. Threat actors are exploiting the fact that mobile devices are more susceptible to social engineering, enabling them to gain direct access to cloud infrastructure with legitimate credentials and swiftly compromise data. Recent ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us