This is the first incident where a threat actor from the country appears to be laying the groundwork for disruptive attacks in the future, researchers say.
| | | LATEST SECURITY NEWS & COMMENTARY | | 'Volt Typhoon' Breaks Fresh Ground for China-Backed Cyber Campaigns This is the first incident where a threat actor from the country appears to be laying the groundwork for disruptive attacks in the future, researchers say. CosmicEnergy Malware Emerges, Capable of Electric Grid Shutdown Russian code that could tamper with industrial machines and toggle RTUs on and off was floating around VirusTotal for years before being noticed. It raises new questions about the state of OT security. CISO Criminalization, Vague Cyber Disclosure Rules Create Angst for Security Teams In the wake of the ex-Uber CISO verdict, CISOs ask for clearer rules and less uncertainty in managing disclosures, amid jail-time fears. Google Cloud Bug Allows Server Takeover From CloudSQL Service Researchers could access sensitive data and steal secrets by exploiting a vulnerability in GCP's security layer, eventually running rampant in the environment. 'Operation Magalenha' Attacks Give a Window Into Brazil's Cybercrime Ecosystem A campaign against customers of Portuguese banks uses a capable financial malware strain dubbed PeepingTitle, written in the Delphi programming language. Dangerous Regions: Isolating Branch Offices in High-Risk Countries Organizations must be cautious about how they interact with other regions around the world in order to operate safely in an at-times adversarial landscape. Lazarus Group Striking Vulnerable Windows IIS Web Servers The infamous North Korean APT group is using Log4Shell, the 3CX supply chain attack, and other known vectors to breach Microsoft Web servers. Netflix's Password-Sharing Ban Offers Security Upsides The streaming giant is looking to bolster flagging subscription growth and profits, but security researchers say the move offers a perfect opportunity to encourage better password hygiene and account safety. MORE NEWS / MORE COMMENTARY | | |
| | | | | WEBINARS | | Mastering Endpoint Security: The Power of Least Privilege Join us at one of our upcoming live and interactive events we will explore the critical role of least privilege in endpoint security, how it helps to systematically strengthen organization's security posture, and provides a solid foundation for endpoint security ... Here's What Zero Trust Really Means Credential theft, lateral movement and other cyberattack tricks have foiled perimeter security again and again. We know that the old philosophy of trusting everything and everyone inside a network is no longer sound. The zero-trust model - trust nothing, verify ... | | View More Dark Reading Webinars >> |
|
| | |
|
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
