Dark Reading Daily -- September 03, 2024

LATEST SECURITY NEWS & COMMENTARY

'Voldemort' Malware Curses Orgs Using Global Tax Authorities

The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools like Google Sheets for command and control.

Commercial Spyware Vendors Have a Copycat in Top Russian APT

Russia's Midnight Blizzard infected Mongolian government websites to try to compromise the devices of visitors, using watering-hole tactics.

Ransomware Gangs Pummel Southeast Asia

Successful ransomware attacks against organizations in Asia continue at peak levels in 2024 following a wave of high-profile data breaches last year.

Why Identity Teams Need to Start Reporting to the CISO

Identity management sits with IT for good reason, but now that identity is the common denominator in every attack, it's time identity security was owned by a leader with a security background, like the CISO.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
PoC Exploit for Zero-Click Vulnerability Made Available to the Masses The exploit can be accessed on GitHub and makes it easier for the flaw to be exploited by threat actors. Hundreds of LLM Servers Expose Corporate, Health & Other Online Data LLM automation tools and vector databases can be rife with sensitive data — and vulnerable to pilfering. Why LLMs Are Just the Tip of the AI Security Iceberg With the right processes and tools, organizations can implement advanced AI security frameworks that make hidden risks visible, enabling security teams to track and address them before impact. Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges The vulnerability carries nearly the highest score possible on the CVSS scale, at 9.8, impacting a system used by major companies around the world. How Telecom Vulnerabilities Can Be a Threat to Cybersecurity Posture Telecom-based attacks such as SMS toll fraud and 2FA hijacking have evolved into a mainstream concern for CISOs. MORE

PRODUCTS & RELEASES

Cobalt Appoints Sonali Shah as CEO

AuthenticID Unveils Enhanced Smart ReAuth™ for Instant Biometric Reauthentication

SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024

77% of Educational Institutions Spotted a Cyberattack Within the Last 12 Months

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Iran's 'Fox Kitten' Group Aids Ransomware Attacks on US Targets

In a joint advisory, CISA and the FBI described the activity as a likely attempt by the group to monetize access to networks it already has compromised.

LATEST FROM THE EDGE

NASA Focuses on Cybersecurity of Its Mission-Critical Software

The software verification and validation efforts helps NASA improve the safety and cost-effectiveness of its mission-critical software. Cybersecurity is now part of the evaluation.

LATEST FROM DR TECHNOLOGY

Check Point, Cisco Boost AI Investments With Latest Deals

Cisco's deal to acquire Robust Intelligence will make it possible to use red-team algorithms to assess risk in AI models and applications, while Check Point's acquisition of Cyberint will add threat intelligence to its SOC platform.

LATEST FROM DR GLOBAL

South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel

The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execution. Time to patch.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>