Dark Reading Daily -- February 16, 2024

"Voltzite," the APT's subset that focuses on OT networks and critical infrastructure, has also compromised targets in Africa.

LATEST SECURITY NEWS & COMMENTARY

Volt Typhoon Hits Multiple Electric Utilities, Expands Cyber Activity

"Voltzite," the APT's subset that focuses on OT networks and critical infrastructure, has also compromised targets in Africa.

Microsoft Exchange Server Flaw Exploited as a Zero-Day Bug

Microsoft has observed signs of active exploits targeting CVE-2024-2140.

iOS, Android Malware Steals Faces to Defeat Biometrics With AI Swaps

Southeast Asia is learning the hard way that biometric scans are nearly as easy to bypass as other kinds of authentication data, thanks to a creative banking Trojan.

Russian APT Turla Wields Novel Backdoor Malware Against Polish NGOs

A spate of recent cyber-espionage attacks showcases Turla's brand-new modular custom malware, and an expansion of the state-sponsored group's scope of targets.

AWS SNS Hijackings Fuel Cloud Smishing Campaign

Using a custom Python script to send bulk phishing messages with a USPS lure, the cyberattackers are posing a risk to consumer-facing organizations moving workloads to the cloud.

DoJ Breaks Russian Military Botnet in Fancy Bear Takedown

The feds disrupted a Russian intelligence SOHO router botnet notable for being built with Moobot malware rather than custom code.

Cybersecurity's Transformative Shift

The industry is evolving from one of conventional threat detection toward a strategy that emphasizes context and preempts user behavior.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
We're at a Pivotal Moment for AI and Cybersecurity But generative AI's ability to strengthen security and fortify defenses can keep bad actors in check. Prudential Files Voluntary Breach Notice With SEC The finance services giant says it was hacked — and reported the incident proactively before SEC requirements mandated it. It could be an anti-extortion move, or merely a brand protection effort. Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs The Water Hydra cyberattacker group is one adversary using the zero-days to get past built-in Windows protections. CISO and CIO Convergence: Ready or Not, Here It Comes Recent shifts underscore the importance of collaboration and alignment between these two IT leaders for successful digital transformation. MORE

PRODUCTS & RELEASES

Critical Software Vulnerabilities Impacting Credit Unions Discovered by LMG Security Researcher

Surge in 'Hunter-Killer' Malware Uncovered by Picus Security

Cobalt's New Report Uncovers a Big Shift in Cybersecurity Strategy

Perforce to Acquire Delphix, Adding Enterprise Data Management Software to its DevOps Portfolio

JumpCloud's Q1 2024 SME IT Trends Report Reveals AI Optimism Tempered by Security Concerns

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Microsoft, OpenAI: Nation-States Are Weaponizing AI in Cyberattacks

It's not theoretical anymore: the world's major powers are working with large language models to enhance their offensive cyber operations.

LATEST FROM THE EDGE

Why Demand for Tabletop Exercises Is Growing

Tabletop exercises can be an effective and affordable way to test an organization's defense and response capabilities against cyberattack.

LATEST FROM DR TECHNOLOGY

CISA HBOM Framework Doesn't Go Far Enough

CISA's recently introduced framework for hardware bill of materials is an important step in addressing semiconductor risks. But further tracking beyond manufacturing is critical to its usefulness.

LATEST FROM DR GLOBAL

Cyberattack Disrupts German Battery-Production Lines

It's unclear what kind of cyberattack VARTA AG is facing, but it has shut down its systems until it can become operational again.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>