DarkReading.com

"Stress-testing our security assumptions in a world of new & novel risks."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 02 July 2024, 1425 UTC.

Content and Source:  https://www.darkreading.com.

Please check the link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

 

Dark Reading

152K followers43 articles per week#security#tech

13

TODAY

Stress-Testing Our Security Assumptions in a World of New & Novel Risks

by Maurice Uenuma / 21min

Categorizing and stress-testing fundamental assumptions is a necessary exercise for any leader interested in ensuring long-term security and resilience in the face of an uncertain future.

What Cybersecurity Defense Looks Like for School Districts

by Jennifer Lawinski / 19min

Dark Reading chats with Johnathan Kim, director of technology at the Woodland Hills School District in North Braddock, Penn., about why cybercriminals target schools — and what they can do about it.

Patch Now: Cisco Zero-Day Under Fire From Chinese APT

8 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 1h

•

CVE-2024-20399

Threat actor "Velvet Ant" has been exploiting a vulnerability in Cisco's NX-OS Software for managing a variety of switches, executing commands and dropping custom malware.

YESTERDAY

Papua New Guinea Sets High Bar in Data Security

by Shannon Vaughn / 15h

The small island nation's new data protection and governance policy reflects a forward-thinking cybersecurity strategy.

Multi-Malware 'Cluster Bomb' Campaign Drops Widespread Cyber Havoc

9 TTPs

•

by Jai Vijayan, Contributing Writer / 16h

•

Unfurling Hemlock deploys malware cluster bomb

"Unfurling Hemlock" has deployed malware on tens of thousands of systems worldwide by nesting multiple malicious files inside other malicious files.

Google Opens $250K Bug Bounty Contest for VM Hypervisor

by Dark Reading Staff / 17h

If security researchers can execute a guest-to-host attack using a zero-day vulnerability in the KVM open source hypervisor, Google will make it worth their while.

'RegreSSHion' Bug Threatens Takeover of Millions of Linux Systems

4 TTPs

•

by Tara Seals, Managing Editor, News, Dark Reading / 18h

The high-severity CVE-2024-6387 in OpenSSH is a reintroduction of a 2006 flaw, and it allows unauthenticated RCE as root.

Prudential Data Breach Victim Count Soars to 2.5M

KADOKAWA hit by ransomware attack

•

by Dark Reading Staff / 19h

The company seemingly underestimated the severity of the breach after originally providing a head count of roughly 36,000 impacted individuals.

Juniper Rushes Out Emergency Patch for Critical Smart Router Flaw

CVE-2024-2973

•

by Dark Reading Staff / 19h

Although not yet exploited in the wild, the max-critical authentication bypass bug could allow adversaries to take over unpatched Juniper Session Smart Routers and Conductors, and WAN Assurance Routers, the company warns.

Apple CocoaPods Bugs Expose Millions of Apps to Code Injection

CVE-2024-38367

•

21by Nate Nelson, Contributing Writer / 1d

Critical dependency manager supply chain vulnerabilities have exposed millions and millions of devices to arbitrary malware for the better part of decade.

Apple's AI Moves Will Impact Future Chip, Cloud Security Plans

by Agam Shah, Contributing Writer / 1d

Analysts say Apple's black-box approach provides a blueprint for rival chip makers and cloud providers.

Thinking About Security, Fast & Slow

1d

To be effective, managing risk demands both fast responses and strategic thinking.

Name That Edge Toon: Cyber Cloudburst

by John Klossner, Cartoonist / 1d

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

END OF FEED