CSC Partners With NetDiligence to Help Mitigate Cyber Risks
https://www.darkreading.com/cyber-risk/csc-partners-with-netdiligence-to-help-mitigate-cyber-risks
United Nations Digging Into DPRK Crypto Cyberattacks Totaling $3B
The UN is reportedly investigating dozens of crypto cyberattacks suspected to have earned the North Korean regime billions to fund its nuclear program.
Bugcrowd Secures $102M in Strategic Growth Funding to Scale AI-Powered Crowdsourced Security Platform
US Govt. Offers Millions in Bounties to Find Hive Ransomware Actors
The move by the State Department complements a Hive infrastructure takedown by international law enforcement.
33M French Citizens Impacted in Country's Largest-Ever Breach
Viamedis and Almerys, two payment processors widely used by French health insurers, were victims of cyberattackers who struck five days apart.
https://www.darkreading.com/cloud-security/33m-french-citizens-countrys-largest-ever-breach
It's Time to Rethink Third-Party Risk Assessment
Continuously evaluating and updating your third-party risk assessment can improve your security posture and ensure your company doesn't have the next headline-making incident.
https://www.darkreading.com/cyber-risk/it-s-time-to-rethink-third-party-risk-assessment-
Fortinet, Ivanti Keep Customers Busy With Yet More Critical Bugs
Brand-new vulnerabilities from both vendors this week — one exploited in the wild — add to a steady stream of critical security issues in the security platforms.
China's Dogged Campaign to Portray Itself as Victim of US Hacking
After the US and its allies formally accused China of irresponsible and malicious behavior in cyberspace back in 2021, the government there has been on a mission to cast the US in the same light.
https://www.darkreading.com/cybersecurity-operations/china-dogged-campaign-victim-of-us-hacking
Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps
Attackers are breaching cloud environments and playing games with corporate Microsoft 365 apps, and further victims are likely to come.
https://www.darkreading.com/cloud-security/senior-executives-targeted-ongoing-azure-account-takeover
CISO Corner: DoD Regs, Neurodiverse Talent & Tel Aviv's Light Rail
Also in this issue: How the SEC's reporting rules are being weaponized, quishing attacks plaguing execs, and tabletop exercises making a comeback.
Ransomware Groups Claim Hits on Hyundai Motor Europe and a California Union
The unrelated cyberattacks both occurred in January.
MacOS Targeted by New Backdoor Linked to ALPHV Ransomware
MacOS data exfiltration malware poses as an update for Visual Studio code editor.
Deepfake Democracy: AI Technology Complicates Election Security
While cybersecurity risks to the democratic process have been pervasive for many years now, the prevalence of AI now represents new threats.
https://www.darkreading.com/application-security/deepfake-democracy-ai-technology-election-security
Middle East Cybersecurity Teams Want More Budget
Meanwhile, cyber threats are spiking in the region.
Kenya Detected Over 1B Cyber Threats in Q4
Officials attribute the massive volume to the nation's enhanced cyber threat monitoring capabilities.
How 'Big 4' Nations' Cyber Capabilities Threaten the West
Russia, China, Iran, and North Korea pose significant cyber threats to Western nations.
etherFAX Pioneering Interoperable Secure Cloud Fax Standards
Billington CyberSecurity to Host 1st State and Local Cyber Summit in Wake of Serious Cyberattacks
'Coyote' Malware Begins Its Hunt, Preying on 61 Banking Apps
Brazil, the world's center for banking Trojan malware, has produced one of its most advanced tools yet. And as history shows, Coyote may soon expand its territory.
https://www.darkreading.com/threat-intelligence/coyote-malware-preying-61-banking-apps
QR Code 'Quishing' Attacks on Execs Surge, Evading Email Security
The use of QR codes to deliver malicious payloads jumped in Q4 2023, especially against executives, who saw 42 times more QR code phishing than the average employee.
https://www.darkreading.com/endpoint-security/qr-code-quishing-attacks-execs-email-security