The 3 Most Prevalent Cyber Threats of the Holidays
Chaos and volume of holiday season sales make a perfect storm of threat opportunity. Companies need to prepare — and practice! — action plans, identify key stakeholders, and consider cyber insurance.
https://www.darkreading.com/vulnerabilities-threats/3-most-prevalent-cyber-threats-holidays
Pro-Iran Attackers Access Multiple Water Facility Controllers
Multiple agencies warn that attackers have been active since Nov. 22, targeting operational technology (OT) across the US.
Human-Centric Security Model Meets People Where They Are
Instead of fighting workarounds that compromise security, a human-centered system fixes the process issues that prompt people to work dangerously.
ProvenRun Secures €15M Series A to Accelerate its Growth
https://www.darkreading.com/ics-ot-security/provenrun-secures-15m-series-a-to-accelerate-its-growth
Cybersixgill Announces Identity Intelligence Module for Threat Analysis
CISOs See Software Supply Chain Security As Bigger Blind Spot Than GenAI: Cycode
Medical Imaging Patients Exposed in Cyber Incident
Unauthorized actors accessed patient information, including exam and procedure details, scans, and Social Security numbers.
Russia's 'Star Blizzard' APT Upgrades its Stealth, Only to Be Unmasked Again
A state-sponsored Scooby Doo villain has once again been thwarted by those meddling researchers.
https://www.darkreading.com/threat-intelligence/russia-star-blizzard-apt-upgrades-stealth-unmasked
Researchers Show How to Use One LLM to Jailbreak Another
"Tree of Attacks With Pruning" is the latest in a growing string of methods for eliciting unintended behavior from a large language model.
https://www.darkreading.com/cyber-risk/researchers-show-how-to-use-one-llm-to-jailbreak-another
Proxy Trojan Targets macOS Users for Traffic Redirection
Apple users who end up with the Trojan on their machines face a number of bad outcomes, including potential criminal liability.
Ransomware, Data Breaches Inundate OT & Industrial Sector
Because of the criticality of remaining operational, industrial companies and utilities are far more likely to pay, attracting even more threat groups and a focus on OT systems.
https://www.darkreading.com/ics-ot-security/ransomware-data-breaches-inundate-ot-industrial-sector
'HeadCrab' Malware Variants Commandeer Thousands of Servers
New techniques in a second variant of the malware improved functionality and communication commands.
As SAT Goes Digital, Schools Must Prepare for Disruption
Local school districts nationwide need to ensure the basic security and readiness of their network infrastructure before spring 2024.
https://www.darkreading.com/vulnerabilities-threats/sat-goes-digital-schools-must-prepare
Krasue RAT Uses Cross-Kernel Linux Rootkit to Attack Telecoms
A stealthy malware is infecting the systems of telecoms and other verticals in Thailand, remaining under the radar for two years after its code first appeared on VirusTotal.
https://www.darkreading.com/threat-intelligence/krasue-rat-cross-kernel-linux-rootkit-telecom
Iran Threatens Israel's Critical Infrastructure With 'Polonium' Proxy
Cyber mimics life, as Iran uses Lebanese hackers to attack its bête noire.
4 Metrics That Help CISOs Become Strategic Partners With the Board
To demonstrate the CISO role's value, frame your work using metrics that align with the most critical parts of every business: risk, growth, expenses, and people.
Dragos Expands Defense Program for Small Utilities
The Dragos Community Defense Program provides small water, gas, and electric utilities with access to the Dragos Platform, training resources, and threat intelligence.
https://www.darkreading.com/ics-ot-security/dragos-expands-defense-program-for-small-utilities
DTEX Systems Appoints Mandiant Global CTO Marshall Heilman As CEO
Cloudbrink Presents Firewall-As-Service for the Hybrid Workplace
Patch Now: Critical Atlassian Bugs Endanger Enterprise Apps
Four RCE vulnerabilities in Confluence, Jira, and other platforms, allow instance takeover and environment infestation.