DarkReading Daily.

"Latest security news and commentary from "DarkReading Daily."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 10 August 2023, 1322 UTC.  Content provided by email subscription to "DarkReading Daily."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtwWLGPFrFZssQxpFvrRGLjRQZ ("DarkReading Daily").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Windows Defender-Pretender Attack Dismantles Flagship Microsoft EDR
A newly patched flaw in Windows Defender allows attackers to hijack the signature-update process to sneak in malware, delete benign files, and inflict mayhem on target systems.
Black Hat Opens With Call to Steer AI From Predictions to Policy
Without cybersecurity guardrails now, AI will be harder to harness in the future.
'Downfall' Bug in Billions of Intel CPUs Reveals Major Design Flaw
A newly revealed flaw affects a good chunk of the world's computers. A patch has been released, but broad, structural change in CPU design will be required to address the root cause.
DAY 2! Dark Reading News Desk: Live at Black Hat USA 2023
Dark Reading News Desk returns for a second day of interviews from Black Hat USA 2023. The livestream will start at 10 a.m. PT.
Private Key Leaks Allow Attackers to Empty Crypto Investors' Wallets
Digital signature schemes designed to protect crypto investors are vulnerable to leakage.
It's Time for Cybersecurity to Talk About Climate Change
From e-waste to conference swag to addressing data center energy consumption, cybersecurity stakeholders need a whole-industry approach to being part of the solution and reducing the risk of climate change.
C-Suite Cybersecurity Sign-off Hinges on Customer Trust, Digital Opps
Omdia's Maxine Holt says cybersecurity practitioners need to emphasize their role in growing the business, not just preventing breaches.
OWASP Lead Flags Gaping Hole in Software Supply Chain Security
SBOMs aren't enough: Developers need to dig deeper into how software is built by using a process called binary source validation.
RedHotel Checks in as Dominant China-Backed Cyberspy Group
The APT has been rampaging across three continents on behalf of China's Ministry of State Security, and now claims the throne as kings of intelligence gathering and economic espionage.
New LLM Tool Seeks and Remediates Vulnerabilities
Vicarius launched vuln_GPT, which it says will generate and execute scripts to ameliorate flaws such as the TETRA backdoor.
Why Shellshock Remains a Cybersecurity Threat After 9 Years
Nearly a decade after it was disclosed, the Shellshock vulnerability still plagues organizations. Learn how to protect yourself.
Top 3 Insights I Learned at Recent Cybersecurity Events
Events like RSA Conference and Infosecurity Europe provide industry collaboration opportunities required to address the evolving cybersecurity threat landscape.
(Sponsored Article) How to Prepare for ChatGPT's Risk Management Challenges
ChatGPT promises to transform all sorts of corporate business functions, but your business needs to be prepared to address the new risks that come with it.
Microsoft Patches Zero-Day Bug Under Active Exploit in August Update
Attackers are already exploiting one of Microsoft's August Patch Tuesday fixes in the wild, which offers up a low attack complexity for cyberattackers.

10 Key Controls to Show Your Organization Is Worthy of Cyber Insurance
More-effective cyber-risk management controls can help bolster a company's policy worthiness. Start with these 10 tips to manage risk as underwriter requirements get more sophisticated.

The Problem With Cybersecurity (and AI Security) Regulation
Are we really improving security, or are we just imposing more regulation?

Citrix Zero-Day: 7K Instances Remain Exposed, 460 Compromised
Many organizations have failed to patch a critical zero-day vulnerability, allowing hackers to install Web shells on hundreds of endpoints.

How Hackers Can Hijack a Satellite
We rely on them for communications, military activity, and everyday tasks. How long before attackers really start to look up at the stars?

Analyzing Network Chaos Leads to Better DDoS Detection
Suspicious changes in entropy allow researchers to more accurately spot distributed denial-of-service attacks, but false positives remain a problem.

Interpol Shuts Down African Cybercrime Group, Seizes $2 Million
Operation Jackal involved law enforcement agencies in 21 countries and yielded more than 100 arrests.
View More Dark Reading Webinars >>
View More White Papers >>
  • Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks

    The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ...

  • How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

    Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ...

  • The Promise and Reality of Cloud Security

    Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...

View More Dark Reading Reports >>

The Secrets of Successful SecOps Data Analytics



Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.