Patch Now: APTs Continue to Pummel WinRAR Bug

Categorieën: Diensten | Vakmensen Zakelijke goederen Financieel Kantoor Marketing Retail Detailhandel Industrie Machines Leeftijd: 14 t/m 18 jaar 19 t/m 30 jaar 31 t/m 64 jaar

Laden...

1 jaar geleden

Html
Tekst

State-sponsored cyber espionage actors from Russia and China continue to target WinRAR users with various info-stealing and backdoor malware, as a patching lag plagues the software's footprint.

Follow Dark Reading:

October 20, 2023

LATEST SECURITY NEWS & COMMENTARY

Patch Now: APTs Continue to Pummel WinRAR Bug State-sponsored cyber espionage actors from Russia and China continue to target WinRAR users with various info-stealing and backdoor malware, as a patching lag plagues the software's footprint. North Korean State Actors Attack Critical Bug in TeamCity Server Known threat groups Diamond Sleet and Onyx Sleet focus on cyber espionage, data theft, network sabotage, and other malicious actions, Microsoft says. Q&A: The Outlook for Israeli Cyber Startups, As War Clouds Gather Amid the burgeoning war, Israel's tech sector is focused on resilience. Ofer Schreiber, senior partner at YL Ventures, weighs in on the conflict, funding for cybersecurity startups, overblown valuations, and what the future holds. 23AndMe Hacker Leaks New Tranche of Stolen Data Two weeks after the first data leak from the DNA ancestry service, the threat actor produces an additional 4 million user records they purportedly stole. Europol Strike Wounds Ragnar Locker Ransomware Group Several countries in Europe as well as the United States and Japan were involved in the operation, which is aimed at defanging one of the bigger names in ransomware. The Trifecta of Consumer Data Privacy: Education, Advocacy & Accountability It's time to build a culture of privacy, one that businesses uphold. MORE NEWS / MORE COMMENTARY


HOT TOPICS
EPA Turns Off Taps on Water Utility Cyber Regulations Facing a potential cascade of legal challenges from industry groups and state attorneys general, the EPA has rescinded its cyber-rules. But where does that leave local water safety? The Most Popular IT Admin Password Is Totally Depressing Analysis of more than 1.8 million admin portals reveals IT leaders, with the highest privileges, are just as lazy about passwords as everyone else. Name That Toon: Modern Monarchy Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. MORE

EDITORS' CHOICE

Critical Citrix Bug Exploited as a Zero-Day, 'Patching Is Not Enough' The latest threat to Citrix NetScaler, CVE-2023-4966, was exploited as a zero-day bug for months before a patch was issued. Researchers expect exploitation efforts to surge. LATEST FROM THE EDGE
What CISOs Should Exclude From SEC Cybersecurity Filings Should CISOs include only known information in the SEC filings for a material security incident, or is there room to include details that may change during the investigation? LATEST FROM DR TECHNOLOGY
5 Ways Hospitals Can Help Improve Their IoT Security HIPAA compliance does not equal security, as continuing attacks on healthcare organizations show. Medical devices need to be secured. LATEST FROM DR GLOBAL
AI-Powered Israeli 'Cyber Dome' Defense Operation Comes to Life The Israelis are building a cyber defense system that will use ChatGPT-like generative AI platforms to parse threat intelligence.

WEBINARS

Modern Threats, Modern Security: 3 Practical Tips for CISOs to Stop Cyber Threats in the Age of AI

Join our Cloudflare security experts as they share advice on how modernize your threat defense and highlight: --Trends in cybersecurity like the emergence of AI, multi-channel attacks, and cybercrime-as-a-service --Practical threat defense use cases based on recent cyberattacks and customer ...

Building an Effective Active Directory Security Strategy

For many organizations, Microsoft's Active Directory is the source of truth for user identity and system access. For criminals, Active Directory is a gold mine of information for moving laterally through the corporate infrastructure. Despite its importance, many security teams ...

View More Dark Reading Webinars >>

WHITE PAPERS

The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023 Threat Intelligence: Data, People and Processes Global Perspectives on Threat Intelligence Building Cyber Resiliency: Key Strategies for Proactive Security Operations Mandiant Threat Intelligence at Penn State Health 9 Traits You Need to Succeed as a Cybersecurity Leader The Ultimate Guide to the CISSP

View More White Papers >>

FEATURED REPORTS

Passwords Are Passe: Next Gen Authentication Addresses Today's Threats Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks

The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ...

How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ...

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Spec Secures $15M Series A Funding, Accelerating Innovation in Fraud Defense SailPoint Unveils Annual 'Horizons of Identity Security' Report Fingerprint Raises $33M in Series C Funding to Accelerate Enterprise Device Intelligence and Fraud Prevention Adoption MORE PRODUCTS & RELEASES

CURRENT ISSUE

Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Deel deze op

Laden...

Andere nieuwsbrieven van Informationweek.com

'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor Informationweek.com
een uur geleden
Privacy Regulations Changing - Are You Prepared? Informationweek.com
12 uren geleden
Fancy Bear 'Nearest Neighbor' Attack Uses Nearby Wi-Fi Network Informationweek.com
Gisteren om 14:04

Meer nieuwsbrieven van Informationweek.com

Laden...

Gerelateerde nieuwsbrieven

Bekijk andere categorieën

Diensten | Vakmensen Zakelijke goederen Financieel Kantoor Marketing Retail Detailhandel Industrie Machines