'Fog' Ransomware Rolls in to Target Education, Recreation Sectors | Hijacking Scheme Takes Over TikTok Accounts

Categorieën: Diensten | Vakmensen Zakelijke goederen Financieel Kantoor Marketing Retail Detailhandel Industrie Machines Leeftijd: 14 t/m 18 jaar 19 t/m 30 jaar 31 t/m 64 jaar

Laden...

5 maanden geleden

Html
Tekst

A new group of hackers is encrypting data in virtual machines, leaving ransom notes, and calling it a day.

Follow Dark Reading:

June 06, 2024

LATEST SECURITY NEWS & COMMENTARY

'Fog' Ransomware Rolls in to Target Education, Recreation Sectors A new group of hackers is encrypting data in virtual machines, leaving ransom notes, and calling it a day. Hijacking Scheme Takes Over High-Profile TikTok Accounts Hijacking malware gets spread through TikTok's direct messaging and doesn't require the victim to click links or download anything. Ticketmaster Breach Showcases SaaS Data Security Risks MFA and other mechanisms are critical to protect against unauthorized access to data in cloud application environments, but businesses still fall down on the job. RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks CVE-2020-1472 is a privilege escalation flaw that allows an attacker to take over an organization's domain controllers. Ticketmaster Confirms Cloud Breach, Amid Murky Details Ticketmaster parent Live Nation has filed a voluntary SEC data breach notification, while one of its cloud providers, Snowflake, also confirmed targeted cyberactivity against some of its customers. Atlassian Confluence High-Severity Bug Allows Code Execution Because of the role the Confluence Server plays in managing documentation and knowledge data bases, the researchers recommend users upgrade to patch CVE-2024-21683 as soon as possible. CISO Corner: Federal Cyber Deadlines Loom; Private Chatbot Danger Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: fighting cybersecurity burnout; BlackSuit ransomware; the SEC breach rules and risk management. Flawed AI Tools Create Worries for Private LLMs, Chatbots Companies are looking to large language models to help their employees glean information from unstructured data, but vulnerabilities could lead to disinformation and, potentially, data leaks. OpenAI Disrupts 5 AI-Powered, State-Backed Influence Ops Most of the operations were feckless efforts with little impact, but they illustrate how AI is changing the game for inauthentic content on both the adversary and defense sides. Europol's Hunt Begins for Emotet Malware Mastermind International law enforcement Operation Endgame shifts its crackdown to focus on individual adversaries. Okta Warns Once Again of Credential-Stuffing Attacks This time it's the identity management service provider's cross-origin authentication feature that's being targeted by adversaries. CISA's Secure by Design Initiative at 1: A Report Card There is more that needs to be done, but, so far, the initiative is a success. Perfecting the Proactive Security Playbook It's more important than ever for organizations to prepare themselves and their cybersecurity postures against known and unknown threats. MORE NEWS / MORE COMMENTARY


HOT TOPICS
An Argument for Coordinated Disclosure of New Exploits By adopting a stance of coordinated disclosure for exploits, security researchers can give organizations time to patch vulnerabilities before they are exploited in the wild. Remote Work's Hidden Dangers Ten cybersecurity strategies for enterprises to keep remote work safer. Data Privacy in the Age of GenAI Consumer data is still a prime target for threat actors, and organizational consumption of data must be aligned to protect it. The new rights act seeks to do some of this, but it still needs tweaking. MORE

PRODUCTS & RELEASES

ISC2 Provides Opportunity for Employers to Connect With Cybersecurity Job Seekers Cloud Security Alliance Survey Finds 70% of Organizations Have Established Dedicated SaaS Security Teams EV Manufacturer BYD Selects Karamba Security to Meet Global Automotive Cybersecurity Regulations Portkey Announces Integration of Zero-Knowledge Proofs for Enhanced Identity Management and Security KnowBe4 and MobileMind Collaborate to Provide Cybersecurity Training for K12 School Districts Ockam and Redpanda Partner to Launch Zero-Trust Streaming Data Platform Notable Capital Launches Rising in Cyber to Spotlight Promising Cybersecurity Startups MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Cops Swarm Global Cybercrime Botnet Infrastructure in 2 Massive Ops Europol undertook dropper malware botnet takedown while US law enforcement dismantled a sprawling cybercrime botnet for hire. LATEST FROM THE EDGE
Name That Edge Toon: Zonked Out Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. LATEST FROM DR TECHNOLOGY
Inside Baseball: The Red Sox Cloud Security Game Inside the baseball team's strategy for building next-gen security operations through zero trust and a raft of future initiatives aiming to safeguard team data, fan info, and the iconic Fenway Park — which, by the way, is now a smart stadium. LATEST FROM DR GLOBAL
Ukrainian Systems Hit by Cobalt Strike Via a Malicious Excel File The campaign uses a multistage payload-delivery process and various mechanisms for evasion and persistence.

WEBINARS

Empowering Developers, Automating Security: The Future of AppSec Intruders in the Library: Exploring DLL Hijacking Using Cortex XDR Analytics

View More Dark Reading Webinars >>

WHITE PAPERS

Google Cloud Threat Horizons Report, H1 2024 Leveling Up Cyber-Threat Intelligence Maturity for More Value and Better Insights 5 Essential Insights into Generative AI for Security Leaders Shining a light in the dark: observability and security, a SANS profile The Future of Cloud Security: Attack Paths & Graph-based Technology Cisco Panoptica for Simplified Cloud-Native Application Security The Cloud Threat Landscape: Security learnings from analyzing 500+ cloud environments

View More White Papers >>

FEATURED REPORTS

EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity Zero-Trust Adoption Driven by Data Protection How Enterprises Assess Their Cyber-Risk

View More Dark Reading Reports >>

Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Deel deze op

Laden...

Andere nieuwsbrieven van Informationweek.com

Achieving Optimal Security Outcomes Through Platformization Informationweek.com
5 uren geleden
FEATURES EDITION | Microsoft Highlights Security Exposure Management at Ignite Informationweek.com
7 uren geleden
Chinese APT Gelsemium Deploys 'Wolfsbane' Linux Variant Informationweek.com
Gisteren om 14:04

Meer nieuwsbrieven van Informationweek.com

Laden...

Gerelateerde nieuwsbrieven

Bekijk andere categorieën

Diensten | Vakmensen Zakelijke goederen Financieel Kantoor Marketing Retail Detailhandel Industrie Machines