Unsolved Cyber Mysteries: Signal Hacking

Episode 1 of Bugcrowd's "Unsolved Cyber Mysteries" docuseries describes signal-hacking attacks in the 1980s and the potential motivations behind them.

https://www.darkreading.com/cybersecurity-operations/unsolved-cyber-mysteries-signal-hacking

'Elektra-Leak' Attackers Harvest AWS Cloud Keys in GitHub Campaign

Cyber adversaries are scanning public GitHub repositories in real-time, evading Amazon quarantine controls, and harvesting AWS keys.

https://www.darkreading.com/cloud-security/elektra-leak-attackers-harvest-aws-cloud-keys-github-campaign

Graylog Secures $39 Million Investment to Accelerate Growth and Security Product Line Expansion

https://www.darkreading.com/cybersecurity-operations/graylog-secures-39-million-investment-to-accelerate-growth-and-security-product-line-expansion

ReasonLabs Unveils RAV VPN for Apple iOS

https://www.darkreading.com/endpoint-security/reasonlabs-unveils-rav-vpn-for-apple-ios

Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware

More than 3,000 systems are exposed and vulnerable to attack on the Internet.

https://www.darkreading.com/cyberattacks-data-breaches/attackers-target-max-severity-apache-activemq-bug-to-drop-ransomware

Critical Atlassian Bug Exploit Now Available; Immediate Patching Needed

In-the-wild exploit activity from dozens of cyberattacker networks is ramping up for the security vulnerability in Confluence, tracked as CVE-2023-22518.

https://www.darkreading.com/cyberattacks-data-breaches/critical-atlassian-bug-exploit-immediate-patching

Steps to Follow to Comply With the SEC Cybersecurity Disclosure Rule

Mandiant/Google Cloud's Jill C. Tyson offers up timelines, checklists, and other guidance around enterprisewide readiness to ensure compliance with the new rule.

https://www.darkreading.com/cyber-risk/steps-to-follow-to-comply-with-the-sec-cybersecurity-disclosure-rule

Excelsior University Contends for National Cyber League Competition Title

https://www.darkreading.com/cybersecurity-operations/excelsior-university-contends-for-national-cyber-league-competition-title

Aqua Security Introduces Industry-First Kubernetes Vulnerability Scanning With Trivy KBOM

https://www.darkreading.com/cloud-security/aqua-security-introduces-industry-first-kubernetes-vulnerability-scanning-with-trivy-kbom

CVSS 4.0 Offers Significantly More Patching Context

The latest vulnerability severity scoring system addresses gaps in the previous version; here's how to get the most out of it.

https://www.darkreading.com/cybersecurity-operations/mileage-orgs-will-get-from-cvss-4-0-will-vary

Evasive Jupyter Infostealer Campaign Showcases Dangerous Variant

The attacks are another manifestation of the concerning rise in information stealers for harvesting data and enabling persistent access to enterprise networks.

https://www.darkreading.com/cyberattacks-data-breaches/evasive-jupyter-infostealer-campaign-dangerous-variant

Hunters International' Cyberattackers Take Over Hive Ransomware

Hunters International appears to have acquired Hive ransomware from its original operators and may be seeking to cash in on the malware's reputation.

https://www.darkreading.com/cyberattacks-data-breaches/hunters-international-cyberattackers-take-over-hive-ransomware

Make Changes to be Ready for the New SEC Cybersecurity Disclosure Rule

Mandiant/Google Cloud's Jill C. Tyson and Dark Reading's Terry Sweeney on how companies can better plan and prepare for the Securities and Exchange Commission's new cybersecurity disclosure rule.

https://www.darkreading.com/cyber-risk/make-changes-to-be-ready-for-the-new-sec-cybersecurity-disclosure-rule

CISO Corner: Operationalizing NIST CSF 2.0; AI Models Run Amok

Dark Reading's roundup of strategic cyber-operations insights for chief information security officers and security leaders. Also this week: SEC enforcement actions, biometrics regulation, and painful ...

https://www.darkreading.com/ics-ot-security/ciso-corner-operationalizing-nist-csf-ai-models-run-amok

It's 10 p.m. Do You Know Where Your AI Models Are Tonight?

Lack of AI model visibility and security puts the software supply chain security problem on steroids.

https://www.darkreading.com/cyber-risk/do-you-know-where-your-ai-models-are-tonight

Taiwan's Biggest Telco Breached by Suspected Chinese Hackers

Stolen data from Chunghwa Telecom — including government-related details — are up for sale on the Dark Web, the Taiwanese defense ministry confirms.

https://www.darkreading.com/cyberattacks-data-breaches/taiwan-telco-breached-data-sold-on-dark-web

NIST Cybersecurity Framework 2.0: 4 Steps To Get Started

The National Institute of Standards and Technology (NIST) has revised the book on creating a comprehensive cybersecurity program that aims to help organizations of every size be more secure. Here's wh...

https://www.darkreading.com/ics-ot-security/nist-cybersecurity-framework-2-0-4-steps-get-started

CryptoChameleon Attackers Target Apple, Okta Users With Tech Support Gambit

A sophisticated threat actor using an MO similar to Scattered Spider is camouflaging itself with convincing impersonation techniques in targeted attacks.

https://www.darkreading.com/application-security/cryptochameleon-attackers-target-apple-okta-users-tech-support-gambit

Biometrics Regulation Heats Up, Portending Compliance Headaches

A growing thicket of privacy laws regulating biometrics is aimed at protecting consumers amid increasing cloud breaches and AI-created deepfakes. But for businesses that handle biometric data, staying...

https://www.darkreading.com/application-security/biometrics-regulation-portending-compliance-headaches

Tips on Managing Diverse Security Teams

The better a security team works together, the bigger the direct impact on how well it can protect the organization.

https://www.darkreading.com/cybersecurity-operations/tips-managing-diverse-security-teams