The China-backed APT that's been trying to set itself up inside US critical infrastructure for the purpose of disrupting physical processes is deploying a similar playbook in Africa.
Follow Dark Reading:
 February 29, 2024
LATEST SECURITY NEWS & COMMENTARY
'Voltzite' Zaps African Utilities as Part of Volt Typhoon's Onslaught
The China-backed APT that's been trying to set itself up inside US critical infrastructure for the purpose of disrupting physical processes is deploying a similar playbook in Africa.
Echoes of SolarWinds in New 'Silver SAML' Attack Technique
A successor to the "Golden SAML" tactic used in the SolarWinds campaign, this new technique taps SAML response forgery to gain illegitimate access to apps and services.
US Government Expands Role in Software Security
The White House Office of the National Cyber Director puts software developers on notice, calling for a move to memory-safe programming languages and the development of security metrics.
Meet 'XHelper,' the All-in-One Android App for Global Money Laundering
User-friendly apps allow anybody to serve as traffickers for cybercrime syndicates.
Cyberattackers Lure EU Diplomats With Wine-Tasting Offers
A targeted attack aiming to exploit geopolitical relations between India and Europe delivers previously undocumented, uniquely evasive backdoor malware.
'Savvy Seahorse' Hackers Debut Novel DNS CNAME Trick
Petty scammers have figured out how to leverage a core function of DNS in order to maintain scalable, stealthy, pliable malicious infrastructure.
Converging State Privacy Laws and the Emerging AI Challenge
It's time for companies to look at what they're processing, what types of risk they have, and how they plan to mitigate that risk.
(Sponsored Article) Transform Your Security Operations Center With AI
Attackers aren't slowing down and are using new methods to infiltrate orgs. To limit their impact, automation in the SOC is more critical now than ever.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Russia's 'Midnight Blizzard' Targets Service Accounts for Initial Cloud Access
CISA and its counterparts in the UK and other countries this week offered new guidance on how to deal with the threat actor's recent shift to cloud attacks.

U-Haul Reports 67K Customers Impacted by Data Breach
In the notice letter sent out to affected individuals, U-Haul notes that credit card information was not accessed in the breach.

What Companies & CISOs Should Know About Rising Legal Threats
Litigation and regulatory enforcement are increasing risks for companies and cybersecurity leaders. Something must be done to protect the profession.

4 Ways Organizations Can Drive Demand for Software Security Training
Developer-driven security programs place the development team at the center of reducing vulnerabilities.

MORE
PRODUCTS & RELEASES
Kaspersky Finds Attacks on Mobile Devices Significantly Increased in 2023
Fortress Information Security Deploys Automated Patch Notification and Authenticity Tool
Delinea to Acquire Fastpath to Revolutionize Privileged Access and Identity Governance
Pentera Launches Global Partner Program to Accelerate Growing Channel
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
eBay, VMware, McAfee Sites Hijacked in Sprawling Phishing Operation
Trusted brands like The Economist are also among the 8,000 entities compromised by Operation SubdoMailing, which is at the heart of a larger operation of a single threat actor.
LATEST FROM THE EDGE

Privacy Beats Ransomware as Top Insurance Concern
Despite ransomware losses remaining high, privacy violations have quickly risen to second in a list of expected cyber insurance claims costs.
LATEST FROM DR TECHNOLOGY

Insurers Use Claims Data to Recommend Cybersecurity Technologies
Policy holders using certain technologies — such as managed detection and response (MDR) services, Google Workspace, and email security gateways — gain premium discounts from cyber insurers.
LATEST FROM DR GLOBAL

'Illusive' Iranian Hacking Group Ensnares Israeli, UAE Aerospace and Defense Firms
UNC1549, aka Smoke Sandstorm and Tortoiseshell, appears to be the culprit behind a cyberattack campaign customized for each targeted organization.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us