DarkReading.com

"Retail CISOs take on more risk for faster innovation."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 11 October 2024, 1416 UTC.

Content and Source:  Email subscription via https://feedly.com.   https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

157K followers50 articles per week#security#tech

40

Most popular

Retail CISOs Take on More Risk to Foster Innovation

by Robert Lemos, Contributing Writer / 1h

CISOs in consumer and retail organizations appear to accept greater risks to allow for more innovation, which could be a model for future growth.

The Invisible Army of Non-Human Identities

by Vaibhav Malik / 9min

The future of cybersecurity will be shaped by how well we manage the explosion of NHIs.

3 More Ivanti Cloud Vulns Exploited in the Wild

2 TTPs

•

by Dark Reading Staff / 1d

The security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the security vendor's Cloud Services Appliance (CSA).

Yesterday

EU Plans Sanctions for Cyberattackers Acting on Behalf of Russia

EU sanctions Russia for destabilizing activities

•

by Jennifer Lawinski, Contributing Writer / 10h

The European Union's new sanctions framework will target individuals and organizations engaging in pro-Russian activities, such as cyberattacks and information manipulation, to undermine EU support for Ukraine.

Critical Mozilla Firefox Zero-Day Allows Code Execution

2 TTPs

•

by Dark Reading Staff / 16h

•

CVE-2024-9680

The bug is already being exploited in the wild, but Firefox has provided patches for those who may be vulnerable.

Fidelity Notifies 77K Customers of Data Breach

Fidelity data breach affects 77000 accounts

•

by Dark Reading Staff / 18h

The third-party actor had access for two days, in the financial services company's second major breach of the year.

Microsoft Previews New Windows Feature to Limit Admin Privileges

Windows 11 introduces Administrator Protection

•

by Robert Lemos, Contributing Writer / 18h

In its latest Windows preview, Microsoft adds a feature — Administrator Protection — designed to prevent threat actors from easily escalating privileges and restrict lateral movement.

Walking the Tightrope Between Innovation & Risk

by Jill Knesek / 22h

When employees and leaders engage with CISOs early in innovation projects, security concerns are addressed proactively, building trust and ensuring innovation and security coexist.

Risk Strategies Drawn From the EU AI Act

by Kyle McLaughlin / 1d

The EU AI Act provides a governance, risk, and compliance (GRC) framework that helps organizations take a risk-based approach to using AI.

Google Launches Data-Sharing Initiative to Fight Fraud

Google partners to combat online scams

•

by Dark Reading Staff / 1d

Global Signal Exchange will act as a global clearing house for online scams and fraud signals.

Vulnerability Prioritization & the Magic 8 Ball

2 TTPs

•

by Paul Asadoorian / 1d

Vulnerability prioritization has evolved over the years. Several frameworks exist to help organizations make the right decisions when it comes to deciding which patches to apply and when. But are these better than a Magic 8 Ball?

Microsoft: BYOD, QR Codes Lead Rampant Education Attacks

by Nate Nelson, Contributing Writer / 1d

The average higher education institution is getting hit once a week now, and as one Oregon State University attack shows, the sector often lacks the resources to keep pace.

Oct 9, 2024

AI-Powered Cybercrime Cartels on the Rise in Asia

by Nate Nelson, Contributing Writer / 1d

All across the Asia-Pacific region, large and diverse marketplaces for AI cybercrime tools have developed, with deepfakes proving most popular.

Introducing Mayhem: ForAllSecure Unveils New Name and Company Focus

1d

[no content]

CYRISMA Secures $7M Growth Equity Financing led by Blueprint Equity

CYRISMA secures 7M funding

•

1d

[no content]

OpenGradient Raises $8.5M to Decentralize AI Infrastructure and Accelerate Secure, Open-Source AI

1d

[no content]

90% of Successful Attacks Seen in the Wild Resulted in Leaked Sensitive Data

GenAI attacks leak sensitive data

•

1d

[no content]

Australia Intros Its First National Cyber Legislation

Australia enhances cyber laws against ransomware

•

by Dark Reading Staff / 1d

The bill is broken up into several pieces, including ransomware reporting and securing smart devices, among other objectives.

Hackers Hide Remcos RAT in GitHub Repository Comments

10 TTPs

•

by Jai Vijayan, Contributing Writer / 1d

The tack highlights bad actors' interest in trusted development and collaboration platforms — and their users.

Mamba 2FA Cybercrime Kit Targets Microsoft 365 Users

5 TTPs

•

by Tara Seals, Managing Editor, News, Dark Reading / 1d

•

Mamba 2FA phishing kit targets MFA

A stealthy new underground offering uses sophisticated adversary-in-the-middle (AitM) techniques to convincingly serve up "Microsoft" login pages of various kinds, with dynamic enterprise branding.

Cloud, AI Talent Gaps Plague Cybersecurity Teams

AI security skills gap revealed

•

by Kristina Beek, Associate Editor, Dark Reading / 1d

Cyber pros are scrambling to stay up-to-date as the businesses they work for quickly roll out AI tools and keep expanding their cloud initiatives.

AI-Augmented Email Analysis Spots Latest Scams, Bad Content

by Robert Lemos, Contributing Writer / 1d

Multimodal AI systems can help enterprise defenders weed out fraudulent emails, even if the system has not seen that type of message before.

Building Cyber Resilience in SMBs ​With ​Limited Resources

by Mark Logan / 2d

​​​With careful planning, ongoing evaluation, and a commitment to treat cybersecurity as a core business function, SMBs can transform their vulnerabilities into strengths​​.

Microsoft: Creative Abuse of Cloud Files Bolsters BEC Attacks

11 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 2d

•

Microsoft warns of file hosting abuse

Since April, attackers have increased their use of Dropbox, OneDrive, and SharePoint to steal the credentials of business users and conduct further malicious activity.

Despite Prevalence of Online Threats, Users Aren't Changing Behavior

by Jennifer Lawinski, Contributing Writer / 2d

Consumers are victims of online scams and have their data stolen, but they are lagging on adopting security tools to protect themselves.