Africa Tackles Online Disinformation Campaigns During Major Election Year
Cyber-disinformation campaigns targeting Africa have taken off in 2024, as 18 nations prepare to hold elections, and cybersecurity efforts are key to taming the threat.
UN Adopts Largely Symbolic Resolution for 'Secure, Trustworthy' AI
Countries around the world are signaling support of secure AI practices, but not necessarily committing to them.
A Database-Oriented Operating System Wants to Shake Up Cloud Security
The operating system, DBOS, natively uses a relational database to reduce cost, ease application development, and maintain cybersecurity and integrity.
Chinese State-Sponsored Hackers Charged, Sanctions Levied by US
The US and the UK charge seven Chinese nationals for operating as part of threat group APT31.
https://www.darkreading.com/cyber-risk/chinese-state-hackers-slapped-with-us-charges-sanctions
CISA Seeks to Curtail 'Unforgivable' SQL Injection Defects
In a joint alert with the FBI, CISA seeks to tamp down the pervasiveness of a well-known class of bugs.
Mitigating Third-Party Risk Requires a Collaborative, Thorough Approach
The issue can seem daunting, but most organizations have more agency and flexibility to deal with third-party risk than they think.
https://www.darkreading.com/cyber-risk/mitigating-third-party-risk-requires-collaborative-approach
Japan Runs Inaugural Cyber Defense Drills with Pacific Island Nations
Kiribati, the Marshall Islands, Micronesia, Nauru, and Palau participate in the cybersecurity exercise held in Guam.
GitHub Developers Hit in Complex Supply Chain Cyberattack
The attacker employed various techniques, including distributing malicious dependencies via a fake Python infrastructure linked to GitHub projects.
AWS CISO: Pay Attention to How AI Uses Your Data
Amazon Web Services CISO Chris Betz explains why generative AI is both a time-saving tool as well as a double-edged sword.
https://www.darkreading.com/cloud-security/aws-ciso-cloud-customers-need-secure-ai-workloads
Russian APT Releases More Deadly Variant of AcidRain Wiper Malware
New AcidPour variant can attack a significantly broader range of targets including IoT devices, storage area networks, and handhelds.
Apple Stingy With Details About Latest iOS Update
The security update comes just weeks after the release of iOS 17.4, but Apple has not included CVEs or information about the fixes.
8 Strategies for Enhancing Code Signing Security
Strong code-signing best practices are an invaluable way to build trust in the development process and enable a more secure software supply chain.
https://www.darkreading.com/cybersecurity-operations/8-strategies-enhancing-code-signing-security
Kenya to TikTok: Prove Compliance With Our Privacy Laws
Beleaguered social media platform now faces scrutiny by the Kenyan government over cybersecurity and data privacy.
https://www.darkreading.com/cyber-risk/kenya-to-tiktok-prove-compliance-with-our-privacy-laws
Why AI Obituary Scams Are a Cyber-Risk for Businesses
Scammers now use AI to instantly whip up SEO-friendly bereavement scams, and it's never been easier to swindle mourners or use them to get to their employers.
https://www.darkreading.com/threat-intelligence/why-ai-obituary-scams-cyber-risk-businesses
Strata Identity Releases New Authentication Recipes
The Microsoft Identity Cookbook is a collection of orchestration recipes to help organizations adopt cloud-based identity providers.
Tesla Hack Team Wins $200K and a New Car
Zero Day Initiative awarded a total of $732,000 to researchers who found 19 unique cybersecurity vulnerabilities during the first day of Pwn2Own.
https://www.darkreading.com/threat-intelligence/team-s-tesla-hack-wins-them-200k-and-a-new-car
Changing Concepts of Identity Underscore 'Perfect Storm' of Cyber Risk
Forgepoint Capital's Alberto YĆ©pez discusses how the concept of identity is changing: It doesn't just mean "us" anymore.
Ivanti Keeps Security Teams Scrambling With 2 More Vulns
Since the beginning of this year, the company has disclosed some seven critical bugs so far, almost all of which attackers have quickly exploited in mass attacks.
https://www.darkreading.com/vulnerabilities-threats/ivanti-security-teams-scrambling-2-vulns
NIST's Vuln Database Downshifts, Prompting Questions About Its Future
NVD may be in peril, and while alternatives exist, enterprise security managers will need to plan accordingly to stay on top of new threats.
How Can We Reduce Threats From the Initial Access Brokers Market?
The ready-made access IABs offer has become an integral part of the ransomware ecosystem. Here's how to stop them before they can profit from your assets.