DarkReading.com

"Widespread vishing effort impersonates CISA staff."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 14 June 2024, 1424 UTC.

Content and Source:  https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml/DarkReading.com.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

152K followers45 articles per week#security#tech

15

TODAY

Widespread Vishing Effort Impersonates CISA Staff

Criminals impersonate CISA employees

•

by Nathan Eddy, Contributing Writer / 17min

The cybersecurity agency issued a warning not to agree to any payment requests and to alert law enforcement or CISA after being contacted.

Why Trading Privacy for 'Free' Web Services Must End

by Rob Shavell / 24min

Meta's new subscription model points out the need for clearer and stricter regulations — ones that prioritize consumer privacy and control of personal data.

Apple's AI Offering Makes Big Privacy Promises

by Agam Shah, Contributing Writer / 1h

Apple's guarantee of privacy on every AI transaction could influence trustworthy AI deployments.

YESTERDAY

KnowBe4 Launches Risk & Insurance Partner Program

16h

[no content]

NetSPI Acquires Hubble, Adds CAASM to Complement its IEASM

NetSPI acquires Hubble for cybersecurity

•

17h

[no content]

4 Ways to Help a Security Culture Thrive

by Ken Deitz / 17h

Creating and nurturing a corporate environment of proactive cybersecurity means putting people first — their needs, weaknesses, and skills.

Volume of Cyber-Insurance Claims Reaches New Heights

Cyber ransom payments decline

•

by Dark Reading Staff / 17h

More claims are being made across the US and Canada compared with previous years, with healthcare organizations leading the way.

PoC Exploit Emerges for Critical RCE Bug in Ivanti Endpoint Manager

Exploitation for Client Execution (Enterprise T1203)

•

18h

A new month, a new high-risk Ivanti bug for attackers to exploit — this time, an SQL injection issue in its centralized endpoint manager.

North Korea's Moonstone Sleet Widens Distribution of Malicious Code

Supply Chain Compromise (Enterprise T1195)

•

by Elizabeth Montalbano, Contributing Writer / 18h

The recently identified threat actor uses public registries for distribution and has expanded capabilities to disrupt the software supply chain.

AI Chatbot Fools Scammers & Scores Money-Laundering Intel

by Robert Lemos, Contributing Writer / 19h

Experiment demonstrates how AI can turn the tables on cybercriminals, capturing bank account details of how scammers move stolen funds around the world.

Microsoft, Late to the Game on Dangerous DNSSEC Zero-Day Flaw

Endpoint Denial of Service (Enterprise T1499)

•

21by Jai Vijayan, Contributing Writer / 23h

Why the company took so long to address the issue is not known given that most other stakeholders had a fix out for the issue months ago.

How Cybercrime Empires Are Built

by Sean M. McNee / 1d

Strong partnerships and collaborations between industry and law enforcement are the most critical ways to take down cybercrime groups before they grow.

Nvidia Patches High-Severity Flaws in GPU Drivers

1d

Nvidia's latest GPUs are a hot commodity for AI, but security vulnerabilities could expose them to attacks from hackers.

Asset Management Holds the Key to Enterprise Defense

by George V. Hulme, Contributing Writer / 1d

Obtaining — and maintaining — a complete inventory of technology assets is essential to effective enterprise security. How do organizations get that inventory?

Pakistani Hacking Team 'Celestial Force' Spies on Indian Gov't, Defense

4 TTPs

•

by Nate Nelson, Contributing Writer / 1d

Against a backdrop of political conflict, a years-long cyber-espionage campaign in South Asia is coming to light.

END OF FEED