Makers of vulnerable apps that are exploited in wide-scale supply chain attacks need to improve software security or face steep fines and settlement fees.
| | | LATEST SECURITY NEWS & COMMENTARY | | Software Makers May Face Greater Liability in Wake of MOVEit Lawsuit Makers of vulnerable apps that are exploited in wide-scale supply chain attacks need to improve software security or face steep fines and settlement fees. 'Play' Ransomware Group Targeting MSPs Worldwide in New Campaign Attackers use remote monitoring and management tools at MSPs to gain unfettered access to target networks. North Korea's Lazarus Group Used GUI Framework to Build Stealthy RAT The world's most notorious threat actor is using an unprecedented tactic for sneaking spyware into the IT networks of important companies. Ivanti Issues Fix for Critical Vuln in Its Sentry Gateway Technology Security vendor will not say if attackers are already actively exploiting the flaw, as some reports have claimed. CISA Committee Tackles Remote Monitoring and Management Protections CISA's public-private partnership produces RMM strategies to shore up critical infrastructure and to educate the MSPs that provide remote access to them. LinkedIn Suffers 'Significant' Wave of Account Hacks Users report losing access to their accounts, with some being pressured into paying a ransom to get back in or else face permanent account deletion. PowerShell Gallery Prone to Typosquatting, Other Supply Chain Attacks Microsoft is aware of the issue, but so far its attempts to address it don't appear to have worked, researchers say. DEF CON's AI Village Pits Hackers Against LLMs to Find Flaws Touted as the largest red teaming exercise against LLMs in history, the AI Village attracted more than 2,000 hackers and throngs of media. Researchers Trick an iPhone Into Faking Airplane Mode How mobile attackers could gaslight iPhone users, allowing the perfect cover for post-exploitation malicious activity. Name That Toon: Swift as an Arrow Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. Unveiling the Hidden Risks of Routing Protocols Neglecting security of Border Gateway Protocol (BGP) and other routing protocols has created multiple vulnerabilities that must be addressed. When Leadership Style Is a Security Risk Risk-aware leaders can be a cybersecurity advantage. Their flexible leadership style and emphasis on security first help set the tone and demonstrate a commitment to avoiding risk. Generative AI Is Scraping Your Data. So, Now What? AI innovation is moving faster than our laws and regulations, making it hard to decide whether Web or content scraping activity is good or bad, and what (if anything) you should do about it. MORE NEWS / MORE COMMENTARY | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
