An individual in Turkey is behind a new information stealer that researchers have recently observed in multiple attacks.
| LATEST SECURITY NEWS & COMMENTARY | 'Styx Stealer' Blows Its Own Cover With Sloppy OpSec Mistake An individual in Turkey is behind a new information stealer that researchers have recently observed in multiple attacks. Critical, Actively Exploited Jenkins RCE Bug Suffers Patch Lag A 7-month-old bug in an OSS CI/CD server is still being actively exploited, thanks to spotty patching, CISA warns. Multiple Microsoft Apps for macOS Vulnerable to Library Injection Attacks Outlook, Teams, PowerPoint, OneNote, Excel, and Word undermine macOS's strict user permission-based privacy and security protections. Are 2024 US Political Campaigns Prepared for the Coming Cyber Threats? When it comes to this year's candidates and political campaigns fending off major cyberattacks, a lot has changed since the 2016 election cycle. Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs The attack affects organizations that have synced multiple on-premises Active Directory domains to a single Azure tenant. Every Google Pixel Phone Has a Verizon App that Doubles As a Backdoor What is a Verizon Wireless demo store app doing on non-Verizon phones, and why is it a vehicle to an attacker? Taiwan University Under Fire From Unique DLL Backdoor It's unclear who the "Msupedge" threat actors were or what the motive for the attack was. DARPA Aims to Ditch C Code, Move to Rust The Defense Advanced Research Projects Agency launches TRACTOR program to work with university and industry researchers on creating a translation system that can turn C code into secure, idiomatic Rust code. Deadbeat Dad Hacks State Registry to Fake His Own Death A Kentucky man used stolen doctor credentials to fake his own death certificate to avoid paying a six-figure child support debt. US Intelligence Blames Iran for Hack on Trump Campaign Feds confirmed Iran's involvement in the email attack against Roger Stone after Microsoft, Google reported Iranian APT action against both presidential campaigns. Chinese Threat Actors Use MSI Files to Bypass Windows, VT Detection Analysts have been picking up increased cases of malware delivery via Windows Installer files in Southeast Asia. Why Are Organizations Losing the Ransomware Battle? Institutionalizing and sustaining fundamental cybersecurity practices requires a commitment to ongoing vigilance, active management, and a comprehensive understanding of evolving threats. Name That Toon: Security Games Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. Beyond the Hype: Unveiling the Realities of WormGPT in Cybersecurity Though WormGPT tools may not be a major problem now, organizations can't let their guard down. MORE NEWS / MORE COMMENTARY | | | PRODUCTS & RELEASES | Malicious Links, AI-Enabled Tools, and Attacks on SMBs Among Top Cybersecurity Threats in H1 Mimecast Global Threat Intelligence Report IBM SkillsBuild Cybersecurity and Data Analytics Certificates to be Deployed in Community College Systems New ISAGCA Report Explores Zero-Trust Outcomes in OT Cybersecurity MORE PRODUCTS & RELEASES |
|
Dark Reading Weekly -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | We take your privacy very seriously. Please review our Privacy Statement. |
|
|