While China is already among the world's most formidable threat actors, a focus on exploiting public-facing appliances makes its state-sponsored APTs more dangerous than ever.
Follow Dark Reading:
 November 16, 2023
LATEST SECURITY NEWS & COMMENTARY
Zero-Days in Edge Devices Become China's Cyber Warfare Tactic of Choice
While China is already among the world's most formidable threat actors, a focus on exploiting public-facing appliances makes its state-sponsored APTs more dangerous than ever.
21 Vulnerabilities Discovered in Crucial IT-OT Connective Routers
In this Black Hat Europe preview, devices bridging critical machinery with the wider Internet are exposed and subject to numerous supply chain-induced bugs.
Rackspace Ransomware Costs Soar to Nearly $12M
Rackspace's 2022 ransomware attack costs only continue to mount, with lawsuits in the offing — and show the long-tail costs of a cyberattack.
MOVEit Hackers Pivot to SysAid Zero-Day in Ransomware Attacks
The Cl0p ransomware group is actively exploiting a SysAid zero-day flaw after running rampant through enterprise systems using MOVEit file transfer bug.
'CitrixBleed' Linked to Ransomware Hit on China's State-Owned Bank
Meanwhile, CISA joins the call to patch CVE-2023-4966 immediately amid reports of mass-exploit activity; at least 5,000 orgs remain exposed.
'Hunters International' Cyberattackers Take Over Hive Ransomware
Hunters International appears to have acquired Hive ransomware from its original operators and may be seeking to cash in on the malware's reputation.
'BlazeStealer' Python Malware Allows Complete Takeover of Developer Machines
Checkmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams.
There's Only One Way to Solve the Cybersecurity Skills Gap
The cybersecurity skills gap is making businesses more vulnerable, but it won't be fixed by upskilling high-potential recruits alone.
SEC Suit Ushers in New Era of Cyber Enforcement
A federal push to enforce cybersecurity requirements is holding public companies and government contractors accountable as a matter of law and for national security.
Steps CISOs Should Take Before, During & After a Cyberattack
By creating a plan of action, organizations can better respond to attacks.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
How to Outsmart Malware Attacks That Can Fool Antivirus Protection
One of the main challenges for Android users is protecting themselves malicious applications that can damage devices or perform other harmful actions.

Navigating Tech Risks in Modern M&A Waters
Executives must rise to the challenge and take immediate action to grasp the intricacies of data, technology, and infrastructure within M&A.

Defending Against Attacks on Vulnerable IoT Devices
Organizations must approach cybersecurity as if they are defending themselves in a cyberwar.

MORE
EDITORS' CHOICE
Microsoft Zero-Days Allow Defender Bypass, Privilege Escalation
Another two bugs in this month's set of fixes for 63 CVEs were publicly disclosed previously but have not been exploited yet.
LATEST FROM THE EDGE

Name That Edge Toon: Out for the Count
Come up with a clever cybersecurity-related caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
LATEST FROM DR TECHNOLOGY

First Wave of Vulnerability-Fixing AIs Available for Developers
GitHub joins a handful of startups and established firms in the market, but all the products are essentially "caveat developer" — let the developer beware.
LATEST FROM DR GLOBAL

Worldwide Hacktivists Take Sides Over Gaza, With Little to Show for It
Keyboard warriors are claiming to contribute to the Gaza war with OT attacks. You should be skeptical.
WEBINARS
  • Tricks to Boost Your Threat Hunting Game

    Proactive "threat hunting" is becoming a more common practice for organizations who know it is no longer enough to detect threats and defend against them. How do these enterprises build threat hunting programs? How do they staff them, and what ...

  • Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing

    Many of today's most damaging cyberattacks begin with a phishing lure delivered over corporate email. The attacks against Microsoft Exchange illustrated the extent of damage attackers can inflict by targeting enterprise email servers. Many enterprises still don't have a unified ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Software Vulnerabilities Are on the Decline, According to New Synopsys Research
Malwarebytes Labs Reveals 50% Uptick in Credit Card Skimming in Advance of the Holiday Shopping Season
ALTR Closes $25M Series C Financing
Beyond Identity Releases New Assessment to Guide Companies Toward Zero Trust
Stream Security Expands into CloudSecOps Market With Launch of Real-Time Cloud Security Solution
Egress and KnowBe4 Extend Partnership to Offer AI-based Adaptive Email Security and Training
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Key DevSecOps Principles for Enterprise Mobile App Development
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us