Dark Reading Daily -- September 19, 2024

Despite security updates to protect data, 45% of total enterprise instances of the cloud-based IT management platform leaked PII, internal system details, and active credentials over the past year.

LATEST SECURITY NEWS & COMMENTARY

Thousands of ServiceNow KB Instances Expose Sensitive Corporate Data

Despite security updates to protect data, 45% of total enterprise instances of the cloud-based IT management platform leaked PII, internal system details, and active credentials over the past year.

Contractor Software Targeted via Microsoft SQL Server Loophole

By accessing the MSSQL, threat actors gain admin-level access to the application, allowing them to automate their attacks.

Infostealers: An Early Warning for Ransomware Attacks

Can cyber defenders use the presence of infostealers as a canary in the coal mine to preempt ransomware attacks?

QR Phishing Scams Gain Motorized Momentum in UK

Criminal actors are finding their niche in utilizing QR phishing codes, otherwise known as "quishing," to victimize unsuspecting tourists in Europe and beyond.

Packed With Features, 'SambaSpy' RAT Delivers Hefty Punch

Thought to be Brazilian in origin, the remote access Trojan is the "perfect tool for a 21st-century James Bond."

How Shifts in Cyber Insurance Are Affecting the Security Landscape

Ultimately, the goal of businesses and cyber insurers alike is to build more resilient IT environments to avoid cyberattacks and the ransom, downtime, and reputation hit that come along with them.

FCC: AT&T Didn't Adequately Protect Customers' Cloud Data

Regulators fine AT&T $13 million for failing to protect customer information held by a third-party vendor, and extend consumer data protections to the cloud.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
'Marko Polo' Creates Globe-Spanning Cybercrime Juggernaut The Eastern European group is actively expanding its financial fraud activities, with its pipelines representing a veritable Silk Road for the transfer of cryptocurrency, and lucrative and exploitable data. The Current Cybersecurity Landscape: New Threats, Same Security Mistakes It is imperative to develop robust policies for new tech and future-proofing by favoring investments in security. RT News Hosted Russian Cyber Spy Unit, US Says US State Department warns that Kremlin-backed media outlets in democracies around the world are hiding Russian cyber spies and actively working to sow discord. 'CloudImposer' Flaw in Google Cloud Affected Millions of Servers Attackers could have exploited a dependency confusion vulnerability affecting various Google Cloud services to execute a sprawling supply chain attack via just one malicious Python code package. MORE

PRODUCTS & RELEASES

South Korea Digital Forensics Market to Hit US $3.52B by 2031

Cybersecurity Community Celebrates Documentary Premiere at Tampa Theatre

Over a Third of Cyberattacks Result in Job Losses

99% of Business Leaders Have Concerns About the Trustworthiness of Internal Data

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data

A researcher bypassed the Calendar sandbox, Gatekeeper, and TCC in a chain attack that allowed for wanton theft of iCloud photos.

LATEST FROM THE EDGE

Ready to Rumble: US Women's Cyber Team Preps for Global CTF Contest

The 12-member group will compete at the first all-women's capture-the-flag competition this November at the Kunoichi Cyber Games in Tokyo.

LATEST FROM DR TECHNOLOGY

Startup Finds 'Hydden' Identities in IT Environment

Hydden's platform detects and classifies an organization's identities, accounts, and privileges, regardless of where they reside in the IT environment.

LATEST FROM DR GLOBAL

Phishing Espionage Attack Targets US-Taiwan Defense Conference

Hackers sent a convincing lure document, but after 20 years of similar attacks, the target organization was well prepared.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>