Mideast Retailers Dogged by Scam Facebook Pages Offering 'Investment' Opportunities

Around 900 pages were identified as using Arabic language and familiar brand names to snare users and steal their money and personal details — presenting big brand protection issues for retailers.

https://www.darkreading.com/dr-global/mideast-retailers-scam-facebook-pages-investment-opportunities

Cybersecurity and Compliance in the Age of AI

It takes a diverse village of experts to enact effective cybersecurity guidelines, practices, and processes.

https://www.darkreading.com/risk/cybersecurity-and-compliance-in-the-age-of-ai

'Scattered Spider' Behind MGM Cyberattack, Targets Casinos

The ransomware group is a collection of young adults, and also recently breached Caesars Entertainment and made a ransom score in the tens of millions range.

https://www.darkreading.com/attacks-breaches/-scattered-spider-mgm-cyberattack-casinos

Professional Sports: The Next Frontier of Cybersecurity?

Sports teams, major leagues, global sporting associations, and entertainment venues are all home to valuable personal and business data. Here's how to keep them safe.

https://www.darkreading.com/microsoft/are-professional-sports-the-next-frontier-of-cybersecurity-

Claroty Unveils Vulnerability & Risk Management Capabilities to Elevate Risk Reduction for Cyber-Physical Systems

https://www.darkreading.com/ics-ot/claroty-unveils-vulnerability-risk-management-capabilities-to-elevate-risk-reduction-for-cyber-physical-systems

NordVPN Launches Sonar to Prevent Phishing Attacks

https://www.darkreading.com/endpoint/nordvpn-launches-sonar-to-prevent-phishing-attacks

Kubernetes Admins Warned to Patch Clusters Against New RCE Vulns

All Windows endpoints within a vulnerable Kubernetes cluster are open to command injection attacks, new research finds.

https://www.darkreading.com/vulnerabilities-threats/kubernetes-admins-warned-to-patch-clusters-against-new-rce-vulns

Rail Cybersecurity Is a Complex Environment

CISOs in the rail industry must protect an older, more complex infrastructure than most industries. Here are some of the unique, high-stakes challenges.

https://www.darkreading.com/edge-articles/rail-cybersecurity-is-a-complex-environment

Federal Mandates on Medical-Device Cybersecurity Get Serious

In October, the US Food and Drug Administration will start rejecting medical devices that lack a secure design or a post-market cybersecurity plan.

https://www.darkreading.com/iot/federal-mandates-on-medical-device-cybersecurity-mandate-get-serious

Microsoft Azure HDInsight Plagued With XSS Vulnerabilities

To boot, the technology could be riddled with other flaws via its Apache services components, a security vendor says.

https://www.darkreading.com/application-security/microsoft-azure-hdinsight-xss-vulnerabilities

When LockBit Ransomware Fails, Attackers Deploy Brand-New '3AM'

Nothing good happens after 2 a.m., they say, especially when hackers have two kinds of ransomware at their disposal.

https://www.darkreading.com/attacks-breaches/when-lockbit-ransomware-fails-attackers-deploy-brand-new-3am

A 2-Week Prescription for Eliminating Supply Chain Threats

Giving users time to detect and then update hijacked packages can help developers avoid using malicious code in software development.

https://www.darkreading.com/attacks-breaches/2-week-supply-chain-threat

Cybersecurity Skills Gap: Roadies & Gamers Are Untapped Talent

Gamers and former sound engineers and roadies can help boost the cybersecurity talent pool. Their flexible mindset and attention to detail make them valuable resources.

https://www.darkreading.com/operations/cybersecurity-skills-gap-roadies-gamers-are-untapped-talent

Recent Rhysida Attacks Show Focus on Healthcare By Ransomware Actors

The operators of the Rhysida ransomware-as-a-service have claimed credit for a crippling attack on Mississippi's Singing River health system.

https://www.darkreading.com/attacks-breaches/recent-rhysida-attacks-show-focus-on-healthcare-sector-by-ransomware-actors

Microsoft Patches a Pair of Actively Exploited Zero-Days

Five critical bugs, zero-days exploited in the wild, Exchange Server, and more headline Microsoft's September 2023 Patch Tuesday release. Here's what to patch now.

https://www.darkreading.com/application-security/microsoft-patches-pair-of-actively-exploited-zero-days

China's Winnti APT Compromises National Grid in Asia for 6 Months

Attacks against critical infrastructure are becoming more commonplace and, if a recent PRC-sponsored attack is anything to go by, easier to pull off.

https://www.darkreading.com/ics-ot/chinas-winnti-apt-compromises-national-grid-in-asia-for-6-months

Critical Google Chrome Zero-Day Bug Exploited in the Wild

The security vulnerability could lead to arbitrary code execution by way of application crashing.

https://www.darkreading.com/vulnerabilities-threats/critical-google-chrome-zero-day-bug-exploited

Israeli Hospital Hit By Ransomware Attack, 1TB Data Stolen

Vital medical equipment was unaffected, but attackers stole and leaked lots of personal data.

https://www.darkreading.com/dr-global/israeli-hospital-hit-by-attackers-1tb-data-stolen

MGM Resorts Cyberattack Hobbles Las Vegas Strip Operations

Hospitality behemoth struggles to recover following a Sunday cyber incident that looks a lot like a ransomware attack.

https://www.darkreading.com/attacks-breaches/mgm-resorts-cyberattack-hobbles-las-vegas-strip-operations

IBM Adds Data Security Broker to Encrypt Data in Multiclouds

The new IBM Cloud Security Compliance Center includes a data security broker from Baffle to offer enterprises field and file level encryption of sensitive data.

https://www.darkreading.com/dr-tech/ibm-adds-data-security-broker-to-encrypt-data-in-multiclouds