"3 critcal pillars of cyber-resilience."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondent.  Accessed on 23 May 2025, 2320 UTC.

Content and Source:  Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check email link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

168K followers38 articles per week

#security#tech

117

Today

3 Critical Pillars of Cyber-Resilience

by Tiago Henriques / 6h

Encryption, collaboration, and AI can help organizations build up essential protection against ransomware.

Rethinking Data Privacy in the Age of Generative AI

by Jimmy Astle / 9h

The key to navigating this new GenAI landscape is a balanced approach — one that fosters transparency, strengthens regulatory frameworks, and embraces privacy-enhancing technologies.

3 Severe Bugs Patched in Versa's Concerto Orchestrator

Privilege Escalation (Enterprise TA0004)

•

by Nate Nelson, Contributing Writer / 9h

Three zero-days could have allowed an attacker to completely compromise the Concerto application and the host system running it.

Critical Bugs Left Unpatched in Versa's Concerto Tool

Privilege Escalation (Enterprise TA0004)

•

by Nate Nelson, Contributing Writer / 9h

Three zero-days allow an attacker to completely compromise the Concerto application and the host system running it. The vendor has yet to address the issues after being notified three months ago.

How AI Is Transforming SASE, Zero Trust for Modern Enterprises

by Robert Lemos, Contributing Writer / 9h

By automating security policies and threat detection while coaching users on data protection, companies will be better able to take control of and protect their data.

Companies Look to AI to Tame the Chaos of Event Security, Operations

by Robert Lemos, Contributing Writer / 10h

As the summer event season kicks off, venue managers and security firms aim to make AI part of the solution for keeping control of crowds and protecting against cyber-physical threats.

Yesterday

UK Retail Cyberattacks May Drive Up US Insurance Premiums

by Arielle Waldman / 21h

Insurance experts weigh in on how the recent barrage of attacks against UK retailers could affect premium rates and policy requirements, as well as how to work toward improving risk assessment.

Picus Launches Exposure Validation to Safely Deprioritize CVEs

Picus Security launches Exposure Validation

•

1d

[no content]

Russian Threat Actor TAG-110 Goes Phishing in Tajikistan

6 TTPs

•

by Alexander Culafi, Senior News Writer, Dark Reading / 1d

•

Russia-aligned hackers target Tajikistan

While Ukraine remains Russia's major target for cyberattacks, TAG-110 is part of a strategy to preserve "a post-Soviet sphere of influence" by embedding itself in other countries' infrastructures.

Following Data Breach, Multiple Stalkerware Apps Go Offline

2 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 1d

•

Cocospy stalkerware apps shut down

The same easily exploitable vulnerability was found in three of the apps that led to the compromise of victims' data.

3am Ransomware Adopts Email Bombing, Vishing Combo Attack

6 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 1d

•

3AM ransomware employs social engineering

The emerging threat group is the latest to adopt the combo attack tactic, which Black Basta and other groups already are using to gain initial access for ransomware deployment.

Blurring Lines Between Scattered Spider & Russian Cybercrime

Scattered Spider targets UK retail

•

by Rob Wright / 1d

The loosely affiliated hacking group has shifted closer to ransomware gangs, raising questions about Scattered Spider's ties to the Russian cybercrime underground.

CISA: Russia's Fancy Bear Targeting Logistics, IT Firms

22 TTPs

•

by Jai Vijayan, Contributing Writer / 1d

The mission is to gather information that could help Russia in its war against Ukraine.

Security Threats of Open Source AI Exposed by DeepSeek

by Maurice Uenuma / 1d

DeepSeek's risks must be carefully considered, and ultimately mitigated, in order to enjoy the many benefits of generative AI in a manner that is safe and secure for all organizations and users.

SideWinder APT Caught Spying on India's Neighbor Gov'ts

14 TTPs

•

by Nate Nelson, Contributing Writer / 1d

•

SideWinder APT targets South Asian governments

A recent spear-phishing campaign against countries in South Asia aligns with broader political tensions in the region.

Keeping LLMs on the Rails Poses Design, Engineering Challenges

by Robert Lemos, Contributing Writer / 1d

Despite adding alignment training, guardrails, and filters, large language models continue to give up secrets, make unfiltered statements, and provide dangerous information.

Experts Chart Path to Creating Safer Online Spaces for Women

by Joan Goodchild / 1d

Gaps in laws, technology, and corporate accountability continue to put women's safety and privacy online at risk.

GitLab's AI Assistant Opened Devs to Code Theft

3 TTPs

•

by Nate Nelson, Contributing Writer / 1d

Prompt injection risks in GitLab's AI assistant could have allowed attackers to steal source code, or indirectly deliver developers malware, dirty links, and more.

GitHub's AI Assistant Opened Devs to Code Theft

3 TTPs

•

by Nate Nelson, Contributing Writer / 1d

Even after a fix was issued, lingering prompt injection risks in GitLab's AI assistant might allow attackers to indirectly deliver developers malware, dirty links, and more.

May 21, 2025

Lumma Stealer Takedown Reveals Sprawling Operation

Lumma Stealer infrastructure dismantled globally

•

by Tara Seals / 2d

The FBI and partners have disrupted "the world's most popular malware," a sleek enterprise with thousands of moving parts, responsible for millions of cyberattacks in every part of the world.

Ivanti EPMM Exploitation Tied to Previous Zero-Day Attacks

IoC > 1 IP

•

by Rob Wright / 2d

•

10 TTPs

Wiz researchers found an opportunistic threat actor has been targeting vulnerable edge devices, including Ivanti VPNs and Palo Alto firewalls.

Marks & Spencer Projects Cyberattack Cost of $400M

2 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 2d

The company expects it will continue to struggle with online disruptions until at least July, due to the attack.

Pandas Galore: Chinese Hackers Boost Attacks in Latin America

3 TTPs

•

by Jai Vijayan, Contributing Writer / 2d

Vixen Panda, Aquatic Panda — both Beijing-sponsored APTs and financially motivated criminal groups continued to pose the biggest threat to organizations in Central and South America last year, says CrowdStrike.

Unimicron, Presto Attacks Mark Industrial Ransomware Surge

Ransomware threats surge in manufacturing

•

by Alexander Culafi, Senior News Writer, Dark Reading / 2d

A number of major industrial organizations suffered ransomware attacks last quarter, such as PCB manufacturer Unimicron, appliance maker Presto, and more — a harbinger of a rapidly developing and diversifying threat landscape.

Coinbase Breach Compromises Nearly 70K Customers' Information

2 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 2d

Coinbase asserts that this number is only a small fraction of the number of its verified users, though it's still offering a $20 million reward to catch the criminals.

Unpatched Windows Server Flaw Threatens Active Directory Users

8 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 2d

•

dMSA vulnerabilities enable Active Directory

Attackers can exploit a vulnerability present in the delegated Managed Service Account (dMSA) feature that fumbles permission handling and is present by default.

NIST's 'LEV' Equation to Determine Likelihood a Bug Was Exploited

NIST introduces LEV vulnerability metric

•

by Alexander Culafi, Senior News Writer, Dark Reading / 2d

The new 'Likely Exploited Vulnerabilities' metric could be a game-changer for SecOps teams and vulnerability patch prioritization.

The Hidden Cybersecurity Risks of M&A

by Denny LeCompte / 2d

Merger and acquisition due diligence typically focuses on financials, legal risks, and operational efficiencies. Cybersecurity is often an afterthought — and that's a problem.

The Day I Found an APT Group in the Most Unlikely Place

by Dark Reading Staff / 2d

Dark Reading Confidential Episode 6: Threat hunters Ismael Valenzuela and Vitor Ventura share stories about the tricks they used to track down advanced persistent threat groups, and the surprises they discovered along the way.

May 20, 2025

Asia Produces More APT Actors, as Focus Expands Globally

6 TTPs

•

by Robert Lemos, Contributing Writer / 2d

China- and North Korea-aligned groups account for more than half of global attacks, and an increasing number of countries look to cyber to balance power in the region.

Fake Kling AI Malvertisements Lure Victims With False Promises

IoC > 3 domains

•

by Kristina Beek, Associate Editor, Dark Reading / 3d

•

5 TTPs

•

AI scams exploit user trust

Researchers noted that they found several similar websites, two of which are still operating and require the same kind of behavior on behalf of the victim.

Virgin Media 02 Vuln Exposes Call Recipient Location

O2 UK VoLTE location leak fixed

•

by Kristina Beek, Associate Editor, Dark Reading / 3d

A hacker exploiting the security flaw in the mobile provider's network could have potentially located a call recipient with accuracy of up to 100 square meters.

Tenable Adds Third-Party Connectors to Exposure Management Platform

Tenable enhances exposure management platform

•

by Jeffrey Schwartz / 3d

Tenable One now pulls in data from AWS, Microsoft, and competitors to provide a holistic security view of an organization's attack surface.

Regeneron Pledges Privacy Protection in $256M Bid for 23andMe

by Arielle Waldman / 3d

Regeneron's planned acquisition of 23andMe raises significant privacy concerns as experts warn about the lack of comprehensive federal regulations governing the transfer of genetic information.

Bumblebee Malware Takes Flight via Trojanized VMware Utility

5 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 3d

•

RVTools compromised to spread malware

An employee inadvertently downloaded a malicious version of the legitimate RVTools utility, which launched an investigation into an attempted supply chain attack aimed at delivering the recently revived initial-access loader.

Large Retailers Land in Scattered Spider's Ransomware Web

4 TTPs

•

by Becky Bracken / 3d

•

Scattered Spider targets retail sector

The threat group games IT help desks to gain entry into retailer networks, and signs show it has shifted its attention from the UK to US targets.

'Hazy Hawk' Cybercrime Gang Swoops In for Cloud Resources

5 TTPs

•

by Jai Vijayan, Contributing Writer / 3d

Since December 2023, the threat group has preyed on domains belonging to the US Centers for Disease Control and Prevention (CDC) and numerous other reputable organizations worldwide to redirect users to malicious sites.

Why Rigid Security Programs Keep Failing

by Aditya Gupta / 3d

Organizations that stay ahead of attacks won't be the most compliant ones — they'll be the ones most honest about what actually works.

Novel Phishing Attack Combines AES With Poisoned npm Packages

9 TTPs

•

by Alexander Culafi, Senior News Writer, Dark Reading / 3d

Researchers discovered a phishing attack in the wild that takes multiple well-tread technologies like open source packages and AES encryption and combines them.