Trend Micro Patches Zero-Day Endpoint Vulnerability
The critical vulnerability involves uninstalling third-party security products and has been used in cyberattacks.
https://www.darkreading.com/endpoint/trend-micro-patches-zero-day-endpoint-vulnerability
MGM, Caesars Face Regulatory, Legal Maze After Cyber Incidents
MGM and Caesars are putting new SEC incident disclosure regulations to a real-world test in the aftermath of twin cyberattacks on the casinos, as class-action lawsuits loom.
https://www.darkreading.com/attacks-breaches/mgm-caesars-regulatory-legal-maze-cyber-incidents
Qatar Cyber Chiefs Warn on Mozilla RCE Bugs
The WebP vulnerability affects multiple browsers besides Firefox and Thunderbird, with active exploitation ongoing.
https://www.darkreading.com/dr-global/qatar-cyber-chiefs-warn-mozilla-rce-bugs
Name That Toon: Somewhere in Sleepy Hollow
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
https://www.darkreading.com/application-security/name-that-toon-somewhere-in-sleepy-hollow
Clorox Sees Product Shortages Amid Cyberattack Cleanup
Everyone's favorite pandemic-era brand is experiencing store shortages in the wake of a cyberattack that impacted its global production lines — and there's no timeline for normal operations to resume.
https://www.darkreading.com/ics-ot/clorox-sees-product-shortages-amid-cyberattack-cleanup
CapraRAT Impersonates YouTube to Hijack Android Devices
Pakistani threat group Transparent Tribe targets military and diplomatic personnel in India and Pakistan with romance-themed lures in the latest spyware campaign.
https://www.darkreading.com/endpoint/caprarat-impersonates-youtube-hijack-android-devices
Engineering-Grade OT Protection
The worst-case consequences of cyberattacks are sharply, qualitatively different on IT versus OT networks.
https://www.darkreading.com/ics-ot/engineering-grade-ot-protection
'ShroudedSnooper' Backdoors Use Ultra-Stealth in Mideast Telecom Attacks
The threat cluster hasn't been seen before, but its custom Windows server backdoors have researchers intrigued thanks to their extremely effective stealth mechanisms.
Omdia Research Finds Risk-based Vulnerability Management Set to Encompass the Vulnerability Management Market by 2027
Niagara Networks and Scope Middle East Announce Strategic VAD Partnership
Payment Card-Skimming Campaign Now Targeting Websites in North America
"Silent Skimmer" is a technically complex campaign that has successfully targeted online businesses in the Asia Pacific region for over a year.
Microsoft Azure Data Leak Exposes Dangers of File-Sharing Links
Shared Access Signature (SAS) link exposed a storage bucket with 38TB of private data, including passwords, Teams messages, and the backups of two Microsoft AI research employees' workstations.
https://www.darkreading.com/cloud/microsoft-azure-data-leak-exposes-dangers-of-file-sharing-links
LockBit Is Using RMMs to Spread Its Ransomware
The LockBit group is using native IT management software to live off the land, planting and then spreading itself before deploying its ransomware.
https://www.darkreading.com/threat-intelligence/lockbit-using-rmms-spread-ransomware
Security Conferences Keep Us Honest
Conferences are where vendors and security researchers meet face to face to address problems and discuss solutions — in public.
https://www.darkreading.com/edge-articles/security-conferences-keep-us-honest
Companies Explore Ways to Safeguard Data in the Age of LLMs
Generative AI models are forcing companies to become creative in how they keep employees from giving away sensitive data.
https://www.darkreading.com/dr-tech/companies-explore-ways-to-safeguard-data-in-the-age-of-llms
How to Get Your Board on Board With Cybersecurity
CISOs can refine their soft skills to help get their cybersecurity best-practices message across. Steps include increasing staff incident-response training and staying current with the threat landscap...
Dragos Raises $74M in Latest Funding Round
The funds will be used to expand its global presence beyond Europe and the US.
https://www.darkreading.com/ics-ot/dragos-raises-74m-in-latest-funding-round
A Playbook for Bridging Africa's Cybersecurity Skills Shortage
A pledge to solve the skills and talent shortage by the US government has seen one Nigerian company join the effort and aid Africa.
https://www.darkreading.com/dr-global/playbook-for-bridging-africas-cybersecurity-skills-shortage
Supporting Africa's Cybersecurity Talent Makes the World Safer
The global infosec community needs to help African nations defend against growing threats.
https://www.darkreading.com/dr-global/supporting-africa-cybersecurity-talent-makes-world-safer
AI in Software Development: The Good, the Bad, and the Dangerous
Just like with using open source, organizations need to be diligent about testing AI components and understanding where and how it is used in their software.