Dark Reading Daily -- December 15, 2023

CEO of CyTaka says offensive actions would create a deterrent against cyberattacks.

LATEST SECURITY NEWS & COMMENTARY

Volt Typhoon-Linked SOHO Botnet Infects Multiple US Gov't Entities

Chinese threat actors are taking advantage of the poor state of edge security to breach both small and big fish.

New 'GambleForce' Threat Actor Behind String of SQL Injection Attacks

The fresh-faced cybercrime group has been using nothing but publicly available penetration testing tools in its campaign so far.

Zoom's Bug-Scoring System Prioritizes Riskiest Vulns for Cyber Teams

New vulnerability impact scoring system aims to help cyber defenders find threats and patch against bugs most likely to disrupt their environments.

Iran-Linked 'OilRig' Cyberattackers Target Israel's Critical Infrastructure, Over & Over

The prolific APT repeatedly compromised targets in healthcare, manufacturing, and government with new lightweight downloaders that blend into network traffic for evasion.

Safeguarding Our Children's Digital Future: A Call to Action

Frequent cyberattacks on America's schools are putting our children at risk. Urgent action is needed to protect students and families.

The Unlikely Romance of Hackers and Government Suitors

Very little modern federal infrastructure is managed by the government — putting a substantial portion of potentially targetable attack surfaces under oversight of federal contractors.

(Sponsored Article) 5 Fundamental Actions to Protect the SaaS Supply Chain

Effective third-party risk management is crucial for identifying and mitigating vulnerabilities in the SaaS supply chain.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Global TeamCity Exploitation Opens Door to SolarWinds-Style Nightmare Russia's APT29 is going after a critical RCE flaw in the JetBrains TeamCity software developer platform, prompting governments worldwide to issue an urgent warning to patch. Ransomware Gangs Use PR Charm Offensive to Pressure Victims Threat actors are fully embracing the spin machine: rebranding, speaking with the media, writing detailed FAQs, and more, all in an effort to make headlines. Software & Security: How to Move Supply Chain Security Up the Agenda Getting more insight helps you to prioritize across all your systems, letting you drive more collaboration, real change, and real success for your teams. MORE

PRODUCTS & RELEASES

Swinfen Charitable Trust, UVA Health, Telemedicine AI, and MITRE Collaborate on Secure Global Health Telemedicine

Stamus Networks Supports NATO Red Teaming Cyber Exercise for the Fifth Consecutive Year

Survey: 90% of IT Pros Felt Prepared for a Password-Based Cyberattack, Yet More Than Half Fell Victim to One

BlackBerry Appoints John Giamatteo as CEO

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Attackers Target Microsoft Accounts to Weaponize OAuth Apps

After compromising Azure and Outlook user accounts, threat actors are creating malicious apps with high privileges to conduct cryptomining, phishing, and password spraying.

LATEST FROM THE EDGE

Tips for Modernizing SecOps Teams

Dark Reading's special report looks at ways security operations teams can improve their efficiency and effectiveness to address the latest threats.

LATEST FROM DR TECHNOLOGY

Confidential AI Protects Data and Models Across Clouds

Confidential AI integrates zero trust and confidential computing to guard data and models during inferencing, training, learning, and fine-tuning.

LATEST FROM DR GLOBAL

Israeli Company Hires Overseas Attackers in 'Hack-Back' Effort

CEO of CyTaka says offensive actions would create a deterrent against cyberattacks.

WEBINARS

Everything You Need to Know About DNS Attacks
SecOps & DevSecOps in the Cloud
Security teams today face the dual challenge of securing cloud-native applications as well as their software development processes that increasingly operate in the cloud. At the same time, attacks are rising against misconfigured cloud instances as well as a new ...

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

The State of Supply Chain Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ...

View More Dark Reading Reports >>