The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.
Follow Dark Reading:
 July 17, 2024
LATEST SECURITY NEWS & COMMENTARY
Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks
The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.
Security End-Run: 'AuKill' Shuts Down Windows-Reliant EDR Processes
Russian threat actor FIN17 has shifted gears multiple times in recent years, focusing now on helping ransomware groups be even more covertly effective.
Cloud Security, PowerShell Expertise Emerge as Key SOC Analyst Skills
SOC analysts should also cultivate skills like incident handling and response, threat hunting, digital forensics, Python, and bash scripting.
Microsoft: Scattered Spider Widens Web With RansomHub & Qilin
The gang already uses varied tools in its attacks, such as phishing, SIM swapping, and MFA fatigue.
IDF Has Rebuffed 3B Cyberattacks Since Oct. 7, Colonel Claims
Israel's military computer systems have been under constant barrage in recent months.
Shadowroot Ransomware Lures Turkish Victims via Phishing Attacks
The ransomware is rudimentary with basic functionalities, likely having been created by an inexperienced developer — but it's effective at locking up files and sucking up memory capacity.
Name That Toon: Near Miss
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
The Need to Recruit Cyber Talent in the Government
Bad actors are launching unprecedented waves of attacks against government agencies — and the federal government is woefully underprepared.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
AT&T Breach May Also Impact Millions of Boost, Cricket, H2O Customers
In the scrum, countless call and text records leaked, other cell companies caught strays, the DoJ became involved, and someone has already been arrested.

7 Tips for Navigating Cybersecurity Risks in M&As
Careful planning and proactive measures can ensure smooth and secure transitions, paving the way for a successful merger or acquisition.

SEXi Ransomware Rebrands as 'APT Inc.,' Keeps Old Methods
The cybercrime group demands ransoms of varying degrees, from thousands to even millions of dollars — in some cases, 2 bitcoin per encrypted customer.

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln
The bug (CVE-2024-6385) is similar — but not identical — to a critical flaw GitLab patched just two weeks ago.

MORE
PRODUCTS & RELEASES
BlueVoyant Unveils Edge Security Operations Platform
Secureworks Elevates State of Cybersecurity for Mid-Market Customers With Managed Detection and Response Offering
The Linux Foundation and OpenSSF Release Report on the State of Education in Secure Software Development
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
'Trial' DDoS Attacks on French Sites Portend Greater Olympics Threats
Russian hacktivists claim DDoS attacks against basic tourist websites. Is it real, or just smoke and mirrors?
LATEST FROM THE EDGE

Defending OT Requires Agility, Proactive Controls
As attackers set their sights on infrastructure, security teams need to reduce risk levels without compromising operational agility.
LATEST FROM DR TECHNOLOGY

AI Consortium Plans Toolkit to Rate AI Model Safety
An AI consortium consisting of top tech companies will release a toolkit later this year for measuring the safety of generative AI models.
LATEST FROM DR GLOBAL

Singapore Banks Ditch One-Time Passwords
Retail banks in the nation-state will eliminate the use of one-time passwords (OTPs) by bank customers in an effort to thwart phishing.
WEBINARS
  • The CIOs Guide to Enhancing GRC in 2024

    When structured correctly, Governance, Risk, and Compliance (GRC) can enable enterprises to align IT and business goals, while mitigating risks and abiding by industry and government requirements. Effectively manage your resources and unify your enterprise by utilizing emerging technology that ...

  • Generative AI: Use Cases and Risks in 2024

    This webinar reviews use cases and risks in the leading generative AI applications and models, including market favorites ChatGPT, DALL-E 2, and AutoGPT.
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us