Dark Reading Daily.

"Atlas VPN Linux Zero-Day disconnects users, reveals IP Addresses."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 07 September 2023, 1331 UTC. Content provided by email subscription to "Dark Reading Daily."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtwzlvjnxVgLsMmrQcZKJGkfsv ("Dark Reading Daily").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Follow Dark Reading:

September 07, 2023

LATEST SECURITY NEWS & COMMENTARY AtlasVPN Linux Zero-Day Disconnects Users, Reveals IP Addresses All it takes is a simple copy-paste to undo a VPN service used by millions worldwide. W3LL Gang Compromises Thousands of Microsoft 365 Accounts A secretive phishing cabal boasts a sophisticated affiliate network and a modular, custom toolset that's claiming victims on three continents. Google's Souped-up Chrome Store Review Process Foiled by Data-Stealer Researchers have discovered that despite Google's adoption of the Manifest V3 security standard to protect against malicious plug-ins, attackers can still get bad extensions past its review process. MinIO Cyberattack Showcases Fresh Corporate Cloud Vector The open source object storage service was the target of a never-before-seen attack on corporate cloud services, which researchers said should put DevOps in particular on notice. Russia's 'Fancy Bear' APT Targets Ukrainian Energy Facility The group, best known for 2016 US election interference and other attacks on Ukraine, used phishing emails offering pictures of women to lure its victim into opening a malicious attachment. Securing Your Legacy: Identities, Data, and Processes Legacy systems of all kinds pose significant cybersecurity risks. Here's how to mitigate them. (Sponsored Article) Facing Third-Party Threats With Non-Employee Risk Management As businesses continue to grapple with third-party threats, a revamped approach to non-employee risk management can help limit their potential exposure. MORE NEWS / MORE COMMENTARY HOT TOPICS Proposed SEC Cybersecurity Rule Will Put Unnecessary Strain on CISOs The Security and Exchange Commission's Proposed Rule for Public Companies (PPRC) is ambiguous. Researchers Discover Critical Vulnerability in PHPFusion CMS No patch is available yet for the bug, which can enable remote code execution under the correct circumstances. As LotL Attacks Evolve, So Must Defenses Because living-off-the-land (LotL) attacks masquerade as frequently used, legitimate companies, they are very difficult to block and detect. NYC Subway Disables Trip-History Feature Over Tap-and-Go Privacy Concerns The move by New York's Metropolitan Transit Authority (MTA) follows a report that showed how easy it is for someone to pull up another individual's seven-day ride history through the One Metro New York (OMNY) website. MORE EDITORS' CHOICE Hackers Target High-Privileged Okta Accounts via Help Desk Threat actors convince employees to reset MFA for Super Admin accounts in the IAM service to leverage compromised accounts, impersonating users and moving laterally within an organization. LATEST FROM THE EDGE Cybersecurity Builds Trust in Critical Infrastructure Improving an energy company's resistance to cyberattack does more than protect vital resources — it enhances trust from customers and investors. LATEST FROM DR TECHNOLOGY Coding Tips to Sidestep JavaScript Vulnerabilities This Tech Tip focuses on best security practices to write secure JavaScript code. LATEST FROM DR GLOBAL GhostSec Leaks Source Code of Alleged Iranian Surveillance Tool GhostSec has made the source code for what it calls a powerful surveillance tool openly available in a 26GB file, but FANAP denies its legitimacy. WEBINARS How Businesses Can Counterpunch against Generative AI-Powered Ransomware Join industry experts in AI and cybersecurity as they examine how ChatGPT and other generative AI tools are currently being used to improve the efficacy of ransomware attacks, how that will affect the cyber risk posture of most businesses, and ... Passwords Are Passe: Next Gen Authentication for Today's Threats Cyber experts agree: end-user authentication needs more than the simple password. But what are the right tools and strategies for authentication in your organization? What does the world of passwordless look like for your organization? In this webinar, experts offer ... View More Dark Reading Webinars >> WHITE PAPERS Threat Intelligence: Data, People and Processes Building Cyber Resiliency: Key Strategies for Proactive Security Operations Evaluating SASE for the Work-From-Anywhere Era Work From Anywhere Doesn't Have to Be Complicated Essential SASE Must-haves 2023 Work-From-Anywhere Global Study 2023 Global Future of Cyber Report View More White Papers >>

FEATURED REPORTS Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware Everything You Need to Know About DNS Attacks Successfully Managing Identity in Modern Cloud and Hybrid Environments Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... View More Dark Reading Reports >>

PRODUCTS & RELEASES Global Cloud Security Market to Reach $62.9B by 2028 Tuya Smart and Amazon Web Services Collaborate to Establish an IoT Security Lab Hornetsecurity Releases 365 Total Protection Plan 4 for Microsoft 365 AI for Good: Voxel AI Tech Increases Funding to $30M With Strategic Funding Round MORE PRODUCTS & RELEASES CURRENT ISSUE

What Ransomware Groups Look for in Enterprise Victims

DOWNLOAD THIS ISSUE VIEW BACK ISSUES

Dark Reading Daily -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us