DarkReading.com

"China's cyber offensives built in lockstep with private firms, academia."

Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 24 November 2024, 1415 UTC.

Content and Source:  Email subscription via https://feedly.com.   https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

159K followers43 articles per week#security#tech

22

Most popular

China's Cyber Offensives Built in Lockstep With Private Firms, Academia

by Jai Vijayan, Contributing Writer / 1d

The scale of Beijing's systematic tapping of private industry and universities to build up its formidable hacking and cyber-warfare capabilities is larger than previously understood.

Faux ChatGPT, Claude API Packages Deliver JarkaStealer

Malicious PyPi packages steal developer data

•

by Nate Nelson, Contributing Writer / 1d

Attackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be more inclined to download an open source Python code package for free access, without vetting it or thinking twice.

Microsoft Highlights Security Exposure Management at Ignite

Microsoft unveils AI advancements 2024

•

by Jeffrey Schwartz, Contributing Writer / 2d

Building on its broad security portfolio, Microsoft's new exposure management is now available in the Microsoft Defender portal, with third-party-connectors on the way.

Nov 22, 2024

My Car Knows My Secrets, and I'm (Mostly) OK With That

by Kyle Hanslovan / 1d

Imagine your car gossiping to insurance companies about your lead foot, or data brokers peddling your daily coffee run. Welcome to the world of connected cars, where convenience and privacy are locked in a head-on collision.

Yakuza Victim Data Leaked in Japanese Agency Attack

Yakuza helpline fears data leak

•

by Dark Reading Staff / 1d

A local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences.

What Talent Gap? Hiring Practices Are the Real Problem

by Karen Spiegelman, Features Editor / 1d

While the need for cybersecurity talent still exists, the budget may not. Here's how to maximize security staff despite hiring freezes.

Going Beyond Secure by Demand

by Saša Zdjelar / 1d

Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step of using a mature software supply chain security solution to ensure they're not blindly trusting a provider's software.

Leaky Cybersecurity Holes Put Water Systems at Risk

EPA report highlights water cybersecurity risks

•

by Robert Lemos, Contributing Writer / 1d

At least 97 major water systems in the US have serious cybersecurity vulnerabilities and compliance issues, raising concerns that cyberattacks could disrupt businesses, industry, and the lives of millions of citizens.

Nov 21, 2024

MITRE: Cross-Site Scripting Is 2024's Most Dangerous Software Weakness

MITRE updates top software vulnerabilities

•

by Becky Bracken, Senior Editor, Dark Reading / 2d

In addition to XSS, MITRE and CISA's 2024 list of the 25 most dangerous security vulnerability types (CWEs) also flagged out-of-bounds write, SQL injection, CSRF, and path traversal.

Study Finds 76% of Cybersecurity Professionals Believe AI Should Be Heavily Regulated

2d

[no content]

Endace Establishes Middle East Regional Headquarters in Saudi Arabia

2d

[no content]

Microsoft Takes Action Against Phishing-as-a-Service Platform

5 TTPs

•

by Dark Reading Staff / 2d

•

Microsoft seizes phishing websites

The ONNX infrastructure has been servicing criminal actors as far back as 2017.

How a Mental Health Nonprofit Secures Endpoints for Compassionate Care

by Jennifer Lawinski, Contributing Writer / 2d

Consolidating endpoint management boosts cybersecurity while keeping an Oklahoma-based nonprofit focused on community mental health.

Norton Introduces Small Business Premium for Business-Grade Security

2d

[no content]

Apono Enhances Platform Enabling Permission Revocation and Automated Access

2d

[no content]

RSA Conference 2025 Innovation Sandbox Contest Celebrates 20th Anniversary

RSA invests 5M$ in startups

•

2d

Starting in 2025, the RSAC Innovation Sandbox Top 10 Finalists will each receive a $5 million investment to drive cybersecurity innovation.

VISO TRUST Secures $24M to Accelerate Innovation in AI-Powered Third-Party Risk Management

VISO TRUST secures 24M funding

•

2d

[no content]

Cloud Security Startup Wiz to Acquire Dazz in Risk Management Play

Wiz acquires Dazz for 450M

•

by Jennifer Lawinski, Contributing Writer / 2d

Dazz's remediation engine will boost risk management in Wiz's cloud security portfolio.

Chinese APT Gelsemium Deploys 'Wolfsbane' Linux Variant

6 TTPs

•

by Nate Nelson, Contributing Writer / 2d

•

New Linux backdoors discovered Gelsemium

In a sign of the times, a backdoor malware whose ancestors date back to 2005 has morphed to target Linux systems.

Scattered Spider Cybercrime Members Face Prison Time

Five charged in Scattered Spider scheme

•

by Dark Reading Staff / 2d

Four of the arrested individuals of the cybercriminal gang, known for hacking MGM and Caesars, are American, all of whom could face up to 27 years in prison for the charges against them.

Cybersecurity Is Critical, but Breaches Don't Have to Be Disasters

by Akhil Mittal / 2d

The future of cybersecurity isn't about preventing every breach — it's about learning and growing stronger with each attack.

How Can PR Protect Companies During a Cyberattack?

by Edge Editors / 3d

When a cybersecurity incident occurs, it's not just IT systems and data that are at risk — a company's reputation is on the line, too.

End of feed