Data De-Identification: Balancing Privacy, Efficacy & Cybersecurity
Companies must do a delicate dance between consumer privacy protection, upholding their product's efficacy, and de-risking cyber breaches to run the business.
https://www.darkreading.com/risk/data-de-identification-balancing-privacy-efficacy-cybersecurity-
Balancing Simplicity and Security in the Digital Experience
New data shows consumer preferences for security in digital experiences and indicates ways businesses can best protect digital identity in today's digital world.
https://www.darkreading.com/cloud/balancing-simplicity-and-security-in-the-digital-experience
Generative AI Takes on SIEM
IBM joins Crowdstrike and Microsoft is releasing AI models to cloud-native SIEM platforms.
https://www.darkreading.com/emerging-tech/generative-ai-takes-on-siem
Exploit for Critical Windows Defender Bypass Goes Public
Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.
https://www.darkreading.com/vulnerabilities-threats//exploit-critical-windows-defender-bypass-public
Kiteworks' Maytech Acquisition Reaffirms Commitment to UK Market
Fake Browser Updates Targeting Mac Systems With Infostealer
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn.
Hack The Box Launches 5th Annual University CTF Competition
Web Shells Gain Sophistication for Stealth, Persistence
A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information gathering via services such as VirusTota...
https://www.darkreading.com/cloud/web-shells-sophistication-stealth-persistence
Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw
Threat actors were actively exploiting CVE-2023-36025 before Microsoft patched it in November.
Researchers Undermine 'Windows Hello' on Lenovo, Dell, Surface Pro PCs
Biometric security on PCs isn't quite as bulletproof as you might think, as the line between sensors and host computers can be tampered with.
Qatar Cyber Agency Runs National Cyber Drills
Qatari organizations participate in cybersecurity exercises to hone their incident response plans and processes.
https://www.darkreading.com/dr-global/qatar-cyber-agency-runs-national-cyber-drills
Mideast Oil & Gas Facilities Could Face Cyber-Related Energy Disruptions
The Israel-Gaza conflict could expose the region's oil and gas operations to renewed cyberattacks, with global ramifications.
https://www.darkreading.com/dr-global/mideast-oil-gas-facilities-could-face-cyber-energy-disruptions
Idaho National Nuclear Lab Targeted in Major Data Breach
The laboratory operates a major test reactor, tests advanced nuclear energy concepts, and conducts research involving hydrogen production and bioenergy.
https://www.darkreading.com/ics-ot/idaho-national-nuclear-lab-targeted-in-major-data-breach
3 Ways to Stop Unauthorized Code From Running in Your Network
As organizations increasingly rely on AI-developed code, they must put guardrails in place to prevent major cybersecurity risks related to malicious code.
https://www.darkreading.com/risk/3-ways-to-stop-unauthorized-code-from-running-in-your-network
Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack
The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more.
https://www.darkreading.com/cloud/scattered-spider-hops-nimbly-cloud-on-prem-complex-attack
Rootkit Turns Kubernetes From Orchestration to Subversion
Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference.
https://www.darkreading.com/black-hat/rootkit-turns-kubernetes-from-orchestration-to-subversion
The Persian Gulf's March to the Cloud Presents Global Opportunities
Loosening attitudes about cloud security are expected to create a nearly $10 billion public cloud market in the Middle East by 2027.
https://www.darkreading.com/dr-global/persian-gulfs-march-to-cloud-presents-global-opportunities
The 7 Deadly Sins of Security Awareness Training
Stay away from using these tactics when trying to educate employees about risk.
https://www.darkreading.com/edge/the-7-deadly-sins-of-security-awareness-training
Citrix Bleed Bug Inflicts Mounting Wounds, CISA Warns
Patch or isolate now: Organizations in every sector run the risk of hemorrhaging data as opportunistic attacks from LockBit ransomware and others grow.
Exploit for Critical Windows Defender Bypass Goes Public
Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.
https://www.darkreading.com/vulnerabilities-threats/exploit-critical-windows-defender-bypass-public