DarkReading.com

"How cybersecurity can steer organizations toward sustainability."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 20 June 2024, 1427 UTC.

Content and Source:  darkreading.com.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

 

Dark Reading

152K followers43 articles per week#security#tech

23

MOST POPULAR

How Cybersecurity Can Steer Organizations Toward Sustainability

by John Donegan / 1h

By integrating environmental initiatives, social responsibility, and governance into their strategies, security helps advance ESG goals.

CHERI Alliance Aims to Secure Hardware Memory

by Agam Shah, Contributing Writer / 1h

The consortium of private companies and academia will focus on ways to protect hardware memory from attacks.

Critical VMware Bugs Open Swaths of VMs to RCE, Data Theft

2 TTPs

•

27by Nate Nelson, Contributing Writer / 1d

A trio of bugs could allow hackers to escalate privileges and remotely execute code on virtual machines deployed across cloud environments.

YESTERDAY

'ONNX' MFA Bypass Targets Microsoft 365 Accounts

10 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 20h

•

ONNX Store targets financial firms

The service, likely a rebrand of a previous operation called "Caffeine," mainly targets financial institutions in the Americas and EMEA and uses malicious QR codes and other advanced evasion tactics.

France Seeks to Protect National Interests With Bid for Atos Cybersec

by Jai Vijayan, Contributing Writer / 21h

By offering to buy Atos' big data and cybersecurity operations. Paris is trying to make sure key technologies do not fall under foreign control.

JUN 18, 2024

Singapore Extradites Suspected Cybercrime Scammers from Malaysia

Malaysians extradited to Singapore for malware

•

by Dark Reading Staff / 1d

Cops decimate cybercrime infrastructure used to steal data from nearly 2,000 people in Singapore last year.

Singapore Extradites Suspected Cybercrime Scammers from Malaysia

Malaysians extradited to Singapore for malware

•

by Dark Reading Staff / 1d

Cops decimate cybercrime infrastructure used to steal data from nearly 2,000 people in Singapore last year.

Hackers Derail Amtrak Guest Rewards Accounts in Breach

AMD investigating potential data breach

•

26by Tara Seals, Managing Editor, News, Dark Reading / 1d

The US passenger rail giant said attackers used previously compromised credentials to crack accounts and access a freight train of personal data.

Blackbaud Fined $6.75M After 2020 Ransomware Attack

Blackbaud settles $6.75M data breach

•

by Dark Reading Staff / 1d

Threat actors were able to breach Blackbaud's systems and compromise sensitive data, largely because of the company's poor cybersecurity practices and lack of encrypted data, the AG said.

Cut & Paste Tactics Import Malware to Unwitting Victims

IoC > 1 domain

•

by Elizabeth Montalbano, Contributing Writer / 1d

•

9 TTPs

•

Hackers use social engineering techniques

"ClearFake" and "ClickFix" attackers are tricking people into cutting and pasting malicious PowerShell scripts to infect their own machines with RATs and infostealers.

The Software Licensing Disease Infecting Our Nation's Cybersecurity

by Steve Weber / 2d

Forcing Microsoft to compete fairly is the most important next step in building a better defense against foreign actors.

Scattered Spider Pivots to SaaS Application Attacks

7 TTPs

•

by Jai Vijayan, Contributing Writer / 2d

•

UNC3944 targets SaaS applications for data theft

Microsoft last year described the threat actor — known as UNC3944, Scattered Spider, Scatter Swine, Octo Tempest, and 0ktapus — as one of the most dangerous current adversaries.

Chorology.ai Tackles Data Governance

by Dark Reading Staff / 2d

The company has emerged from stealth with an AI-powered platform designed to give organizations visibility into unmanaged data.

JUN 17, 2024

Bug Bounty Programs, Hacking Contests Power China's Cyber Offense

by Robert Lemos, Contributing Writer / 2d

With the requirement that all vulnerabilities first get reported to the Chinese government, once-private vulnerability research has become a goldmine for China's offensive cybersecurity programs.

Some Skills Should Not Be Ceded to AI

by Joshua Goldfarb / 2d

AI tools keep trying to take away all the fun jobs. Here are just a few reasons why cybersecurity folks (and others) should skip the writing cheats.

Scattered Spider Boss Cuffed in Spain Boarding a Flight to Italy

Scattered Spider leader arrested in Spain

•

by Becky Bracken, Senior Editor, Dark Reading / 2d

Accused of hacking into more than 45 companies in the US, a 22-year-old British man was arrested by Spanish police and found to be in control of more than $27 million in Bitcoin.

Emojis Control the Malware in Discord Spy Campaign

7 TTPs

•

by Nate Nelson, Contributing Writer / 2d

•

CVE-2022-0847

Pakistani hackers are spying (▀̿Ĺ̯▀̿ ̿) on the highly sensitive organizations in India by using emojis (Ծ_Ծ) as malicious commands (⚆ᗝ⚆) and the old Dirty Pipe Linux flaw.

DataBee Launches Innovations for Enhanced Threat Monitoring and Zero Trust Implementation

DataBee introduces threat monitoring innovations

•

2d

[no content]

KnowBe4 Launches PhishER Plus Threat Intel Feature

KnowBe4 launches PhishER Plus Threat Intel feature

•

2d

[no content]

Aim Security Closes $18M Series A to Secure Generative AI Enterprise Adoption

Aim Security secures $18M Generative AI

•

2d

[no content]

LA County Dept. of Public Health Data Breach Impacts 200K

LA County Public Health faces phishing attack

•

by Dark Reading Staff / 2d

Threat actors were able to breach the department using the credentials accessed through phishing emails.

Addressing Misinformation in Critical Infrastructure Security

by Roman Arutyunov / 2d

As the lines between the physical and digital realms blur, widespread understanding of cyber threats to critical infrastructure is of paramount importance.

China's 'Velvet Ant' APT Nests Inside Multiyear Espionage Effort

9 TTPs

•

by Jai Vijayan, Contributing Writer / 2d

The campaign is especially notable for the remarkable lengths to which the threat actor went to maintain persistence on the target environment.

END OF FEED