Dark Reading Daily.

"Safari side-channel attack enables browser theft."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 30 October 2023, 1312 UTC.  Content provided by email subscription to "Dark Reading Daily.

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGwHVJjCKzVNmKgNzlPgdxSLbrM ("Dark Reading Daily").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Follow Dark Reading:

October 30, 2023

LATEST SECURITY NEWS & COMMENTARY Safari Side-Channel Attack Enables Browser Theft The "iLeakage" attack affects all recent iPhone, iPad, and MacBook models, allowing attackers to peruse your Gmail inbox, steal your Instagram password, or scrutinize your YouTube history. Octo Tempest Group Threatens Physical Violence as Social Engineering Tactic The financially motivated English-speaking threat actors use advanced social engineering techniques, SIM swapping, and even threats of violence to breach targets. Hacktivist Activity Related to Gaza Conflict Dwindles Groups have fallen silent after bold claims of action at the start of the conflict. What Lurks in the Dark: Taking Aim at Shadow AI Generative artificial intelligence tools have unleashed a new era of terror to CISOs still battling longstanding shadow IT security risks. MORE NEWS / MORE COMMENTARY HOT TOPICS 'Log in with...' Feature Allows Full Online Account Takeover for Millions Hundreds of millions of users of Grammarly, Vidio, and the Indonesian e-commerce giant Bukalapak are at risk for financial fraud and credential theft due to OAuth misfires — and other online services likely have the same problems. 1Password Becomes Latest Victim of Okta Customer Service Breach Okta's IAM platform finds itself in cyberattackers' sights once again, as threat actors mount a supply chain attack targeting Okta customer support engagements. What Would a Government Shutdown Mean for Cybersecurity? Companies are advised to act now to protect networks while federal employee paychecks are still forthcoming. Public agencies are updating contingency plans before the November extension ends, while cyber stalkers get an extra month to plan, too. Cybersecurity Awareness Doesn't Cut It; It's Time to Focus on Behavior We have too much cybersecurity awareness. It's time to implement repeatable, real-world practice that ingrains positive habits and security behaviors. MORE EDITORS' CHOICE Microsoft: 0ktapus Cyberattackers Evolve to 'Most Dangerous' Status The English-speaking cyberattack group behind the MGM and Caesars Entertainment attacks is adding unique capabilities and gaining in sophistication. Prepare now, Microsoft says. LATEST FROM THE EDGE 10 Tips for Security Awareness Training That Hits the Target Try these tricks for devising an education program that gets employees invested — and stays with them after the training is over. LATEST FROM DR TECHNOLOGY What the Bionic Acquisition Can Bring to CrowdStrike CrowdStrike is moving deeper into application security with its agreement to acquire Bionic, provider of ASPM technology that proactively scans software in production for vulnerabilities. LATEST FROM DR GLOBAL Iran APT Targets the Mediterranean With Watering-Hole Attacks Nation-state hackers are using hybrids to ensnare those in the maritime, shipping, and logistics industries. WEBINARS Modern Threats, Modern Security: 3 Practical Tips for CISOs to Stop Cyber Threats in the Age of AI Join our Cloudflare security experts as they share advice on how modernize your threat defense and highlight: --Trends in cybersecurity like the emergence of AI, multi-channel attacks, and cybercrime-as-a-service --Practical threat defense use cases based on recent cyberattacks and customer ... Building an Effective Active Directory Security Strategy For many organizations, Microsoft's Active Directory is the source of truth for user identity and system access. For criminals, Active Directory is a gold mine of information for moving laterally through the corporate infrastructure. Despite its importance, many security teams ... View More Dark Reading Webinars >> WHITE PAPERS The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023 Threat Intelligence: Data, People and Processes Global Perspectives on Threat Intelligence Building Cyber Resiliency: Key Strategies for Proactive Security Operations Mandiant Threat Intelligence at Penn State Health 9 Traits You Need to Succeed as a Cybersecurity Leader The Ultimate Guide to the CISSP View More White Papers >>

FEATURED REPORTS Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware Everything You Need to Know About DNS Attacks How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... View More Dark Reading Reports >>

PRODUCTS & RELEASES Healey-Driscoll Awards $2.3M to CyberTrust Massachusetts to Strengthen Municipal Cybersecurity Efforts Cranium Announces $25 Million in Series A Funding to Secure AI SonicWall Data Confirms That Ransomware Is Still the Enterprise's Biggest Fear Lumen Q3 DDoS Report: Banking Was the Most Targeted Industry for the First Time MORE PRODUCTS & RELEASES CURRENT ISSUE

Key DevSecOps Principles for Enterprise Mobile App Development

DOWNLOAD THIS ISSUE VIEW BACK ISSUES

Dark Reading Daily -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us