Gulf Region Accelerates Adoption of Zero Trust
United Arab Emirates will likely be one of the first in the region to implement zero-trust security due to its heavy adoption of cloud technologies.
https://www.darkreading.com/cloud-security/gulf-region-accelerates-adoption-of-zero-trust
The Next Gen of Cybersecurity Could Be Hiding in Big Tech
Public-private partnerships, increasing cybersecurity budgets for public organizations, and retraining existing tech talent to make the jump to cyber will help ease the staffing crunch.
Beyond Identity Introduces Device360 for Security Risk Visibility Across All Devices
Palo Alto Networks Launches Cortex Platform Offer
https://www.darkreading.com/endpoint-security/palo-alto-networks-launches-cortex-platform-offer
Redesigning the Network to Fend Off Living-Off-the-Land Tactics
The growing threat of living-off-the-land tactics requires a rethink of network traffic visibility to prevent these types of attacks
Apple Beefs Up iMessage With Quantum-Resistant Encryption
The revamped iMessage app uses Apple's new PQ3 post-quantum cryptographic protocol, which its engineers say will make it the most secure messaging app — but Signal's president begs to differ.
Lovers' Spat? North Korea Backdoors Russian Foreign Affairs Ministry
First Brad and Jennifer, now Kim and Putin? Romance truly is dead, as North Korea is caught spying (again) on its partner to the north with the Konni malware.
Orgs Face Major SEC Penalties for Failing to Disclose Breaches
In what could be an enforcement nightmare, potentially millions of dollars in fines, reputational damage, shareholder lawsuits, and other penalties await companies that fail to comply with the SEC's n...
https://www.darkreading.com/cyber-risk/orgs-face-major-sec-penalties-failing-disclose-breaches
Avast to Pay $16.5M Fine For Selling Consumer Browsing Data
The FTC found that Avast collected reams of personal data through its antivirus product, then sold it to more than 100 third parties without disclosing its practices.
Privacy Beats Ransomware as Top Insurance Concern
Despite ransomware losses remaining high, privacy violations have quickly risen to second in a list of expected cyber insurance claims costs.
https://www.darkreading.com/data-privacy/privacy-ransomware-top-2024-cyber-insurance
Malawi Immigration Dept. Halts Passport Services Amid Cyberattack
President of Malawi vows not to pay ransom to "appease criminals."
Alarm Over GenAI Risk Fuels Security Spending in Middle East & Africa
Organizations boost cybersecurity budgets to tackle data-privacy and cloud-security threats amid speedy adoption of generative AI.
ConnectWise ScreenConnect Mass Exploitation Delivers Ransomware
Hundreds of initial access brokers and cybercrime gangs are jumping on the max-critical CVE-2024-1709 authentication bypass, threatening orgs and downstream customers.
Fostering Collaboration for Standardized Threat Investigation & Response
Working together can bring much-needed trust to the industry and help safeguard people, organizations, and government — now and in the future.
Pharmacy Delays Across US Blamed on Nation-State Hackers
Healthcare tech provider Change Healthcare says a suspected nation-state threat actor breached its systems, causing pharmacy transaction delays nationwide.
Hubris May Have Contributed to Downfall of Ransomware Kingpin LockBit
The most prolific ransomware group in recent years was on the decline at the time of its takedown, security researchers say.
https://www.darkreading.com/cyberattacks-data-breaches/hubris-may-have-caused-lockbit-s-downfall
Insurers Use Claims Data to Recommend Cybersecurity Technologies
Policy holders using certain technologies — such as managed detection and response (MDR) services, Google Workspace, and email security gateways — gain premium discounts from cyber insurers.
https://www.darkreading.com/cyber-risk/insurers-claims-data-recommend-cybersecurity-technologies
iSoon's Secret APT Status Exposes China's Foreign Hacking Machinations
Chinese government agencies are paying an APT, masked as a legitimate company, to spy on foreign and domestic targets of political interest.
NSA Cybersecurity Director Rob Joyce to Retire
His retirement will go into effect on March 31, concluding 34 years of service to the National Security Agency.
https://www.darkreading.com/cybersecurity-operations/nsa-cybersecurity-director-rob-joyce-to-retire
Zero-Click Apple Shortcuts Vulnerability Allows Silent Data Theft
Vulnerability CVE-2024-23204, affecting Apple's popular Shortcuts app, suggests a critical need for ongoing security awareness in the macOS and iOS ecosystem.