Dark Reading Daily -- April 11, 2024

Much of the open source code embedded in enterprise software stacks comes from small, under-resourced, volunteer-run projects.

LATEST SECURITY NEWS & COMMENTARY

XZ Utils Scare Exposes Hard Truths About Software Security

Much of the open source code embedded in enterprise software stacks comes from small, under-resourced, volunteer-run projects.

Medusa Gang Strikes Again, Hits Nearly 300 Fort Worth Property Owners

Though a municipal agency assures the public that few are affected, hundreds have their data held ransom for $100,000 by the ransomware gang.

NSA Updates Zero-Trust Advice to Reduce Attack Surfaces

Agency encourages broader use of encryption, data-loss prevention, as well as data rights management to safeguard data, networks, and users.

TA547 Uses an LLM-Generated Dropper to Infect German Orgs

It's finally happening: Rather than just for productivity and research, threat actors are using LLMs to write malware. But companies need not worry just yet.

How Nation-State DDoS Attacks Impact Us All

Global organizations and geopolitical entities must adopt new strategies to combat the growing sophistication in attacks that parallel the complexities of our new geopolitical reality.

Cagey Phishing Campaign Delivers Multiple RATs to Steal Windows Data

Various anti-detection features, including the use of the ScrubCrypt antivirus-evasion tool, fuel an attack that aims to take over Microsoft Windows machines.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Round 2: Change Healthcare Targeted in Second Ransomware Attack RansomHub, which is speculated to have some connection to ALPHV, has stolen 4TB of sensitive data from the beleaguered healthcare company. EV Charging Stations Still Riddled With Cybersecurity Vulnerabilities As more electric vehicles are sold, the risk to compromised charging stations looms large alongside the potential for major cybersecurity exploits. Why Liquid Cooling Systems Threaten Data Center Security & Our Water Supply We are potentially encroaching on a water supply crisis if data center operators, utilities, and the government don't implement preventative measures now. Frameworks, Guidelines & Bounties Alone Won't Defeat Ransomware We need more than "do-it-yourself" approaches to threats that clearly rise to the level of national security issues. MORE

PRODUCTS & RELEASES

MedSec Launches Cybersecurity Program For Resource-Constrained Hospitals

National Security Agency Announces Dave Luber As Director of Cybersecurity

Wiz Acquires Gem Security to Expand Cloud Detection and Response Offering

ESET Launches a New Solution for Small Office/Home Office Businesses

Veriato Launches Next Generation Insider Risk Management Solution

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Microsoft Patch Tuesday Tsunami: No Zero-Days, but an Asterisk

Microsoft patched a record number of 147 new CVEs this month, though only three are rated "Critical."

LATEST FROM THE EDGE

Tips for Securing the Software Supply Chain

Industry experts share how to implement comprehensive security strategies necessary to secure the software supply chain in Dark Reading's latest Tech Insights report.

LATEST FROM DR TECHNOLOGY

Selecting the Right Authentication Protocol for Your Business

Prioritizing security and user experience will help you build a robust and reliable authentication system for your business.

LATEST FROM DR GLOBAL

Japan, Philippines & US Forge Cyber Threat Intel-Sharing Alliance

Following the Volt Typhoon attacks on critical infrastructure in the region by China, the US reportedly will share cybersecurity threat information with both countries.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>