Dark Reading Daily -- October 02, 2024

The bug gives attackers a way to run arbitrary code on affected servers and take control of them.

LATEST SECURITY NEWS & COMMENTARY

Zimbra RCE Vuln Under Attack Needs Immediate Patching

The bug gives attackers a way to run arbitrary code on affected servers and take control of them.

Cyberattackers Use HR Targets to Lay More_Eggs Backdoor

The FIN6 group is the likely culprit behind a spear-phishing campaign that demonstrates a shift in tactics, from targeting job seekers to going after those who hire.

Gov't, Judicial IT Systems Beset by Access Control Bugs

Poor permission controls and user input validation is endemic to the platforms that protect Americans' legal, medical, and voter data.

LockBit Associates Arrested, Evil Corp Bigwig Outed

A global operation cuffed four LockBit suspects and offered more details into the org chart of Russia's infamous Evil Corp cybercrime gang.

Infrastructure vs. Runtime — Where Are Your Priorities?

Amid the noise of new solutions and buzzwords, understanding the balance between securing infrastructure and implementing runtime security is key to crafting an effective cloud strategy.

(Sponsored Article) 7 Preventable Mistakes Even Top Security Teams Make

Even the most seasoned security operations centers have bad habits that increase organizational inefficiencies, burnout, and risk.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Overtaxed State CISOs Struggle With Budgeting, Staffing CISOs for US states face the same kinds of challenges those at private companies do: lots of work to handle, but not necessarily enough money or people to handle it sufficiently well. Treat Your Enterprise Data Like a Digital Nomad By combining agility with compliance, and security with accessibility, businesses will treat their data as a well-prepared traveler, ready for any adventure. DoJ Charges 3 Iranian Hackers in Political 'Hack & Leak' Campaign The cyberattackers allegedly stole information from US campaign officials only to turn around and weaponize it against unfavored candidates. Sloppy Entra ID Credentials Attract Hybrid Cloud Ransomware Microsoft warns that ransomware group Storm-0501 has shifted from buying initial access to leveraging weak credentials to gain on-premises access before moving laterally to the cloud. MORE

PRODUCTS & RELEASES

Kevin Mandia Joins Expel's Board of Directors

Palo Alto Networks and Deloitte Expand Strategic Alliance Globally

Apono Raises $15.5M Series A Funding for AI-driven, Least Privilege Solution Set

Darktrace Announces Formal Completion of its Acquisition by Thoma Bravo

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Calif. Gov. Vetoes AI Safety Bill Aimed at Big Tech Players

Critics viewed the bill as seeking protections against nonrealistic "doomsday" fears, but most stakeholders agree that oversight is needed in the GenAI space.

LATEST FROM THE EDGE

Normalizing Security Culture: You Don't Have to Get Ready If You Stay Ready

Prioritizing security as a critical element to an organization's effectiveness and success will reduce the risk of incidents, while benefiting the whole team and the organization's reputation.

LATEST FROM DR TECHNOLOGY

Dragos Expands ICS Platform With New Acquisition

The addition of Network Perception will provide Dragos with enhanced network visibility, compliance and segmentation analytics to the Dragos OT cybersecurity platform.

LATEST FROM DR GLOBAL

UAE, Saudi Arabia Become Plum Cyberattack Targets

Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>