GitLab Releases Updates to Address Critical Vulnerabilities
Two vulnerabilities are critical, and three others are determined to be of high, medium, and low severity.
CISA Adds 9.8 'Critical' Microsoft SharePoint Bug to its KEV Catalog
It's a tale as old as time: an old, long-since patched vulnerability that remains actively exploited.
SEC X Account Hack Draws Senate Outrage
Senators from both parties called the Securities and Exchange Commission's lack of MFA "inexcusable" and demand investigation into the regulator's cybersecurity lapse.
https://www.darkreading.com/cyberattacks-data-breaches/sec-x-account-crypto-hack-draws-senate-ire-
Hyundai MEA X Account Hacked, Followed by Crypto Promotion
Attackers hit more X accounts to promote Overworld Bitcoin registration.
Cybersecurity Incidents Consistently Increase in UAE
Malicious insider threats are increasingly becoming a cause for concern among businesses in the United Arab Emirates.
Your Cybersecurity Budget Is a Horse's Rear End
Are historical budget constraints limiting your cybersecurity program? Don't let old saws hold you back. It's time to revisit your budget with revolutionary future needs front of mind.
https://www.darkreading.com/ics-ot-security/your-cybersecurity-budget-is-horses-rear-end
Taking a Page From Data Scientists for Better Security
A security data lake approach can help your enterprise get a better handle on the massive proliferation of data.
https://www.darkreading.com/cloud-security/taking-a-page-from-data-scientists-for-better-security
FBI Warns More Election "Chaos" in 2024
FBI Director Christopher Wray says to have confidence in the American election system but to expect ongoing information warfare, pointing to China as most formidable threat actor.
https://www.darkreading.com/cloud-security/fbi-warns-more-election-chaos-in-2024
The Future of IT: Info-Tech LIVE 2024 Conference Announced for September
Info-Tech Research Group has announced the return of Info-Tech LIVE for 2024, an event for IT leaders, exhibitors, and media to explore emerging technology trends and innovative insights.
Mandiant, SEC Lose Control of X Accounts Without 2FA
Crypto hacks on Mandiant and SEC X accounts are the predictable result of the social media platform's upcharge for basic cybersecurity protections, experts say.
Move Over, APTs: Cybercriminals Now Target Critical Infrastructure Too
Danish energy sector attacks attributed to Russia's Sandworm APT turn out to be the work of a new concern: cyber opportunists.
OpenAI's New GPT Store May Carry Data Security Risks
Third-party developers of custom GPTs (mostly) aren't able to see your chats, but they can access, store, and potentially utilize some other kinds of personal data you share.
https://www.darkreading.com/cyber-risk/openai-new-gpt-store-data-security-risks
Volt Typhoon Ramps Up Malicious Activity Against Critical Infrastructure
The Chinese state-sponsored APT has compromised as many as 30% of Cisco legacy routers on a SOHO botnet that multiple threat groups use.
Ivanti Researchers Report Two Critical Zero-Day Vulnerabilities
Patches will be available in late January and February, but until then, customers must take mitigation measures.
UAE Faces Fresh Plague of Phishing Scams, Poisoned Searches
Dubai Police are issuing warnings about highly indexed websites that mimic popular online destinations, like the city's travel card top-up site.
https://www.darkreading.com/cyberattacks-data-breaches/uae-phishing-scams-poisoned-searches
Critical Start Implements Cyber Risk Assessments With Peer Benchmarking and Prioritization Engine
Claroty Welcomes Former US National Cyber Director Chris Inglis to Advisory Board
Orca Security Appoints Raf Chiodo As Chief Revenue Officer
Fake Recruiters Defraud Facebook Users via Remote-Work Offers
Scammers are targeting multiple brands with "job offers" on Meta's social media platform, that go as far as to offer what look like legitimate job contracts to victims.
Anonymous Sudan Launches Cyberattack on Chad Telco
Hacktivists attack infrastructure, including routers, network administration systems, and devices.