Disguised as harmless PDF documents, LNK files trigger a PowerShell script, initiating a Rust-based injector called Freeze[.]rs and a host of malware infections.
Follow Dark Reading:
 August 14, 2023
LATEST SECURITY NEWS & COMMENTARY
XWorm, Remcos RAT Evade EDRs to Infect Critical Infrastructure
Disguised as harmless PDF documents, LNK files trigger a PowerShell script, initiating a Rust-based injector called Freeze[.]rs and a host of malware infections.
Security Pressures Mount Around AI's Promises & Peril
Both threats to enterprises and career opportunities are being created by the escalation of generative AI and ChatGPT, warns Maria 'Azeria' Markstedter.
As Phishing Gets Even Sneakier, Browser Security Needs to Step Up
Perception Point's Din Serussi says browser extensions can help mitigate more sophisticated phishing techniques.
Threat Intelligence Efforts, Investment Lagging, Says Opswat
In an annual survey, 62% of respondents admited their threat intel efforts need stepping up.
Rhysida Ransomware Trains Its Sights on Healthcare Operations
The new group has already made an impact in multiple countries and industries, including a multistate hospital chain in the US.
What CISA and NSA Guidance Means for Critical Infrastructure Security
Strategically investing in solutions that meet you where you are makes all the difference in staying secure from cyber threats.
Disposed-of Gadgets Can Lead to Wi-Fi Network Hacks, Kaspersky Says
Wi-Fi settings are easily stolen when old gadgets are gotten rid of, which puts end users in the crosshairs for network attacks.
Major Police Breach Endangers Safety of Officers & Civilians
A mistake snowballs into a serious political issue as the safety of police officers in Northern Ireland is compromised in an accidental data leak.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
EvilProxy Cyberattack Flood Targets Execs via Microsoft 365
A campaign sent 120,000 phishing emails in three months, circumventing MFA to compromise cloud accounts of high-level executives at global organizations

CISA: 'Whirlpool' Backdoor Sends Barracuda ESG Security Down the Drain
Researchers have observed China's UNC4841 dropping the backdoor on Barracuda's email security appliances, in a spiraling cyber-espionage campaign.

Cybersecurity: It's Time to Trust the Machines
When it comes to cybersecurity automation, the pluses outweigh the minuses.

Navigating Cybersecurity's Seas: Environmental Regulations, OT & the Maritime Industry's New Challenges
Stringent efficiency measures in new environmental regulations create an unintended consequence for the shipping industry: increased cybersecurity risks in operational technology systems.

MORE
EDITORS' CHOICE
Dell Credentials Bug Opens VMware Environments to Takeover
Decoding private keys from even one Dell customer could give attackers control over VMware environments across all organizations running the same programs.
LATEST FROM THE EDGE

What's in New York's 'First-Ever' Cyber Strategy?
Governor Kathy Hochul has made cybersecurity a key priority, with New York's first chief cyber officer, Colin Ahern, leading the effort.
LATEST FROM DR TECHNOLOGY

New LLM Tool Seeks and Remediates Vulnerabilities
Vicarius launches vuln_GPT, which it says will generate and execute scripts to ameliorate flaws such as the TETRA backdoor.
LATEST FROM DR GLOBAL

Raft of TETRA Zero-Day Vulnerabilities Endanger Industrial Communications
Further TETRA-related vulnerabilities have been disclosed in base stations that run and decrypt the worldwide communications protocol for industrial systems.
WEBINARS
  • Protecting the Database: How to Secure Your Enterprise Data

    For many enterprises, the "crown jewels" are found in their database applications - virtual "crown jewels" of data in traditional database applications that are often linked to the Internet. What are the chief threats to today's databases? How can you ...

  • Where and When Automation Makes Sense For Enterprise Cybersecurity

    A shortage of skilled IT security professionals has made it tempting to try to automate everything. But security teams have to be able to determine which tasks are safe to automate. How does emerging automation technology work, and how can ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • How to Use Threat Intelligence to Mitigate Third-Party Risk

    The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ...

  • Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks

    The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ...

  • How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

    Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ...
View More Dark Reading Reports >>
PRODUCTS & RELEASES
DARPA Taps RTX to Attune AI Decisions to Human Values
Fortinet Announces Free Security Awareness Curriculum for K-12 Students Tied to White House's Cyber Initiatives
SecurityGen Study Highlights Hidden Threat to 5G Mobile Networks From GTP-Based Cyberattacks
Osano Secures $25M Series B to Advance Data Privacy Platform
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The Secrets of Successful SecOps Data Analytics
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us