
Notes by darkreading (RSS Feed)

 Yakuza Victim Data Leaked in Japanese Agency Attack

A local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences.

https://www.darkreading.com/cyberattacks-data-breaches/yakuza-victim-data-leaked-japanese-attack 
 Cloud Security Startup Wiz to Acquire Dazz in Risk Management Play

Dazz's remediation engine will boost risk management in Wiz's cloud security portfolio.

https://www.darkreading.com/cloud-security/cloud-security-startup-wiz-to-acquire-dazz-in-risk-management-play 
 Cybersecurity Is Critical, but Breaches Don't Have to Be Disasters

The future of cybersecurity isn't about preventing every breach — it's about learning and growing stronger with each attack.

https://www.darkreading.com/cyberattacks-data-breaches/cybersecurity-critical-breaches-disasters 
 Palo Alto Networks Patches Critical Zero-Day Firewall Bug

The security vendor's Expedition firewall appliance's PAN-OS interface tool has racked up four critical security vulnerabilities under active attack in November, leading it to advise customers to update immediately or take them off the Internet.

https://www.darkreading.com/cyberattacks-data-breaches/palo-alto-networks-patches-critical-zero-day-bug-firewalls 
 ChatGPT Exposes Its Instructions, Knowledge & OS Files

According to Mozilla, users have a lot more power to manipulate ChatGPT than they might realize. OpenAI hopes those manipulations remain within a clearly delineated sandbox.

https://www.darkreading.com/cloud-security/chatgpt-exposes-instructions-knowledge-os-files 
 Lessons From OSC&R on Protecting the Software Supply Chain

A new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much vulnerable software reaches production.

https://www.darkreading.com/application-security/lessons-from-osc-r-on-protecting-the-software-supply-chain 
 Iranian Cybercriminals Target Aerospace Workers via LinkedIn

The group seeks out aerospace professionals by impersonating job recruiters — a demographic it has targeted in the past as well — then deploys the SlugResin backdoor malware.

https://www.darkreading.com/cyberattacks-data-breaches/iranian-cybercriminals-aerospace-workers-linkedin 
 Chinese Gamers Targeted in Winos4.0 Framework Scam

Campaigns like Silver Fox and Void Arachne are deploying the framework, using social media and messaging platforms to lure in victims.

https://www.darkreading.com/threat-intelligence/chinese-gamers-targeted-winos40-framework-scam 
 German Law Could Protect Researchers Reporting Vulns

The draft amendment also includes prison time for those who access systems to maliciously spy or intercept data.

https://www.darkreading.com/cybersecurity-operations/germany-law-protect-researchers-reporting-vulns 
 Attackers Breach IT-Based Networks Before Jumping to ICS/OT Systems

SANS recently published its 2024 State of ICS/OT Cybersecurity report, highlighting the skills of cyber professionals working in critical infrastructure, budget estimates, and emerging technologies. The report also looked at the most common types of attack vectors used against ICT/OT networks.

https://www.darkreading.com/ics-ot-security/attackers-breach-network-provider-ot-ics-network 
 Canadian Authorities Arrest Attacker Who Stole Snowflake Data

The suspect, tracked as UNC5537, allegedly bragged about hacking several Snowflake victims on Telegram, drawing attention to himself.

https://www.darkreading.com/cyberattacks-data-breaches/canadian-authorities-arrest-snowflake-data-thief 
 Name That Edge Toon: Aerialist's Choice

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

https://www.darkreading.com/mobile-security/name-that-edge-toon-aerialist-choice 
 Chinese APTs Cash In on Years of Edge Device Attacks

The sophisticated Chinese cyberattacks of today rest on important groundwork laid during the pandemic and before.

https://www.darkreading.com/threat-intelligence/chinese-apts-edge-device-attacks 
 Critical Auth Bugs Expose Smart Factory Gear to Cyberattack

Factory automation software from Mitsubishi Electric and Rockwell Automation could be subject to remote code execution (RCE), denial-of-service (DoS), and more.

https://www.darkreading.com/vulnerabilities-threats/critical-auth-bugs-smart-factory-cyberattack 
 Developer Velocity & Security: Can You Get Out of the Way in Time?

When a CISO can articulate risk in context to the business as a whole, development teams can better prioritize their activities.

https://www.darkreading.com/cybersecurity-operations/developer-velocity-security-out-the-way-time 
 Noma Launches With Plans to Secure Data, AI Life Cycle

Application security teams from Fortune 500 companies are already using Noma's life cycle platform, which offers organizations data and AI supply chain security, AI security posture management, and AI threat detection and response.

https://www.darkreading.com/application-security/noma-launches-secure-data-ai-lifecycle 
 Most US Political Campaigns Lack DMARC Email Protection

Without DMARC, campaigns remain highly susceptible to phishing, domain spoofing, and impersonation.

https://www.darkreading.com/cyber-risk/most-us-political-campaigns-lack-dmarc-email-protection 
 Russia-Linked Hackers Attack Japan's Govt, Ports

Russia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.

https://www.darkreading.com/cyberattacks-data-breaches/russia-linked-hackers-attack-japan-govt-ports 
 Chinese Researchers Tap Quantum to Break Encryption

But the time when quantum computers pose a tangible threat to modern encryption is likely still several years away.

https://www.darkreading.com/application-security/chinese-researchers-unveil-quantum-technique-to-break-encryption 
 Pokémon Gaming Company Employee Info Leaked in Hack

The gaming company reports that the server has been rebuilt after the leak, but has not confirmed if its insider video game data was leaked.

https://www.darkreading.com/cyberattacks-data-breaches/insider-info-pokemon-allegedly-leaked-gaming-hack 
 AI-Powered Cybercrime Cartels on the Rise in Asia

All across the Asia-Pacific region, large and diverse marketplaces for AI cybercrime tools have developed, with deepfakes proving most popular.

https://www.darkreading.com/threat-intelligence/ai-powered-cybercrime-cartels-asia 
 5 CVEs in Microsoft's October Update to Patch Immediately

Threat actors are actively exploiting two of the vulnerabilities, while three others are publicly known and ripe for attack.

https://www.darkreading.com/vulnerabilities-threats/5-cves-microsofts-october-2024-update-patch-now 
 GorillaBot Goes Ape With 300K Cyberattacks Worldwide

Among those affected by all this monkeying around with DDoS in September were some 4,000 organizations in the US.

https://www.darkreading.com/cyberattacks-data-breaches/gorillabot-goes-ape-cyberattacks-worldwide 
 CISA Adds High-Severity Ivanti Vulnerability to KEV Catalog

Ivanti reports that the bug is being actively exploited in the wild for select customers.

https://www.darkreading.com/threat-intelligence/cisa-high-severity-ivanti-vulnerability-kev-catalog 
 UAE, Saudi Arabia Become Plum Cyberattack Targets

Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web.

https://www.darkreading.com/cyberattacks-data-breaches/uae-saudi-arabia-cyberattack-targets 
 'SloppyLemming' APT Abuses Cloudflare Service in Pakistan Attacks

Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target?

https://www.darkreading.com/cloud-security/sloppylemming-apt-cloudflare-pakistan-attacks 
 Meet UNC1860: Iran's Low-Key Access Broker for State Hackers

The group has used more than 30 custom tools to target high-value government and telecommunications organizations on behalf of Iranian intelligence services, researchers say.

https://www.darkreading.com/threat-intelligence/meet-unc1860-irans-access-broker-state-hackers 
 China's 'Earth Baxia' Spies Exploit Geoserver to Target APAC Orgs

The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.

https://www.darkreading.com/cyberattacks-data-breaches/china-earth-baxia-spies-geoserver-apac-orgs 
 Coalition for Secure AI Promotes Safe, Ethical AI Development

The Coalition for Secure AI (CoSAI) expanded its roster of members with the addition of threat intelligence management, collaboration and response orchestration vendor Cyware this week.

https://www.darkreading.com/threat-intelligence/coalition-for-secure-ai-safe-ethical-ai-development 
 QR Phishing Scams Gain Motorized Momentum in UK

Criminal actors are finding their niche in utilizing QR phishing codes, otherwise known as "quishing," to victimize unsuspecting tourists in Europe and beyond.

https://www.darkreading.com/threat-intelligence/qr-phishing-scams-motorized-momentum-uk 
 Microsoft VS Code Undermined in Asian Spy Attack

A technique to abuse Microsoft's built-in source code editor has finally made it into the wild, thanks to China's Mustang Panda APT.

https://www.darkreading.com/application-security/microsoft-vs-code-undermined-in-asian-spy-attack 
 Rising Tide of Software Supply Chain Attacks: An Urgent Problem

Understanding a threat is just as important as the steps taken toward prevention.

https://www.darkreading.com/vulnerabilities-threats/rising-tide-of-software-supply-chain-attacks 
 Hackers Proxyjack & Cryptomine Selenium Grid Servers

A vendor honeypot caught two attacks intended to leverage the tens of thousands of exposed Selenium Grid Web app testing servers.

https://www.darkreading.com/application-security/hackers-proxyjack-and-cryptomine-selenium-grid-servers 
 Amateurish 'CosmicBeetle' Ransomware Stings SMBs in Turkey

With an immature codebase and a "rather chaotic encryption scheme" prone to failure, the group targets small businesses with custom malware.

https://www.darkreading.com/cyberattacks-data-breaches/amateurish-cosmicbeetle-ransomware-targets-smbs-turkey 
 'TIDrone' Cyberattackers Target Taiwan's Drone Manufacturers

The Chinese-speaking group is launching sophisticated malware towards military and satellite targets globally.

https://www.darkreading.com/ics-ot-security/tidrone-cyberattackers-taiwan-drone-manufacturers 
 Indian Army Propaganda Spread by 1.4K AI-Powered Social Media Accounts

For three years now, more than a thousand social media accounts have been reposting the same pro-India, anti-Pakistan content on Facebook and X.

https://www.darkreading.com/threat-intelligence/indian-army-propaganda-ai-powered-social-media-accounts 
 Ransomware Gangs Pummel Southeast Asia

Successful ransomware attacks against organizations in Asia continue at peak levels in 2024 following a wave of high-profile data breaches last year.

https://www.darkreading.com/cyber-risk/ransomware-gangs-pummel-southeast-asia 
 Cyber Insurance: A Few Security Technologies, A Big Difference in Premiums

Ransomware attacks and email-based fraud account for 80-90% of all claims processed by cyber insurers, but a handful of cybersecurity technologies can help prevent big damages.

https://www.darkreading.com/threat-intelligence/cyber-insurance-security-technologies-premiums 
 South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel

The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execution. Time to patch.

https://www.darkreading.com/vulnerabilities-threats/south-korean-apt-exploits-1-click-wps-office-bug-nabs-chinese-intel 
 Hitachi Energy Vulnerabilities Plague SCADA Power Systems

The company has assessed four of the five disclosed vulnerabilities as being of high to critical severity.

https://www.darkreading.com/ics-ot-security/hitachi-energy-vulnerabilities-plague-scada-power-systems 
 Chinese Threat Actors Use MSI Files to Bypass Windows, VT Detection

Analysts have been picking up increased cases of malware delivery via Windows Installer files in Southeast Asia.

https://www.darkreading.com/threat-intelligence/chinese-threat-actors-msi-files-bypass-windows-vt-detection 
 How Can Organizations Navigate SEC's Cyber Materiality Disclosures?

Inconsistencies and lack of information in cybersecurity disclosures highlight the need for organizations to establish a robust materiality assessment framework.

https://www.darkreading.com/cyber-risk/how-can-organizations-navigate-sec-cyber-materiality-disclosures 
 Gold Mining Company Struck by Ransomware Attack

Australia's Evolution Mining said its IT systems were infected with ransomware in an Aug. 8 cyber incident.

https://www.darkreading.com/cyberattacks-data-breaches/gold-mining-company-struck-by-ransomware-attack 
 Healthcare Providers Must Plan for Ransomware Attacks on Third-Party Suppliers

The American Hospital Association and Health-ISAC issued a joint threat bulletin warning healthcare IT providers that their ransomware plans need to consider third-party risk.

https://www.darkreading.com/endpoint-security/healthcare-providers-must-plan-for-ransomware-attacks-on-third-party-suppliers 
 FTC Slams TikTok With Lawsuit After Continued COPPA Violations

Though TikTok is expected to adhere to certain COPPA-outlined measures, the social media giant has failed to meet those expectations, the Feds allege.

https://www.darkreading.com/cloud-security/ftc-slams-tiktok-with-lawsuit-after-continued-coppa-violations 
 Dynamically Evolving SMS Stealer Threatens Global Android Users

A network of more than 2,600 Telegram bots has helped exfiltrate one-time passwords and data from devices for more than two years.

https://www.darkreading.com/endpoint-security/dynamically-evolving-sms-stealer-threatens-global-android-users 
 US Data Breach Victim Numbers Increase by 1,000%, Literally

Though the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.

https://www.darkreading.com/cyberattacks-data-breaches/us-data-breach-victim-numbers-increase-1000 
 'Muddling Meerkat' Poses Nation-State DNS Mystery

Likely China-linked adversary has blanketed the Internet with DNS mail requests over the past five years via open resolvers, furthering Great Firewall of China ambitions. But the exact nature of its activity is unclear.

https://www.darkreading.com/threat-intelligence/muddling-meerkat-poses-nation-state-dns-mystery 
 Addressing Risk Caused by Innovation

By embracing a proactive approach to cyber-risk management, companies can better detect, prevent, and mitigate cyber threats while integrating the latest state-of-the-art technology.

https://www.darkreading.com/cyber-risk/addressing-risk-caused-by-innovation 
 How to Red Team GenAI: Challenges, Best Practices, and Learnings

Red teaming is a crucial part of proactive GenAI security that helps map and measure AI risks.

https://www.darkreading.com/vulnerabilities-threats/how-to-red-team-genai-challenges-best-practices-and-learnings 
 Thousands of Qlik Sense Servers Open to Cactus Ransomware

The business intelligence servers contain vulnerabilities that Qlik patched last year, but which Cactus actors have been exploiting since November. Swathes of organizations have not yet been patched.

https://www.darkreading.com/cyber-risk/more-than-3-000-qlik-sense-servers-vuln-to-cactus-ransomware-attacks 
 Palo Alto Updates Remediation for Max-Critical Firewall Bug

Though PAN originally described the attacks exploiting the vulnerability as being limited, they are increasingly growing in volume, with more exploits disclosed by outside parties.

https://www.darkreading.com/vulnerabilities-threats/palo-alto-updates-remediation-for-max-critical-firewall-bug 
 CISO Corner: Evil SBOMs; Zero-Trust Pioneer Slams Cloud Security; MITRE's Ivanti Issue

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: security license mandates; a move to four-day remediation requirements; lessons on OWASP for LLMs.

https://www.darkreading.com/cybersecurity-operations/ciso-corner-evil-sboms-zero-trust-cloud-security-mitre-ivanti 
 Minimum Viable Compliance: What You Should Care About and Why

Understand what security measures you have in place, what you need to keep secure, and what rules you have to show compliance with.

https://www.darkreading.com/cyber-risk/minimum-viable-compliance-what-you-should-care-about-and-why 
 PCI Launches Payment Card Cybersecurity Effort in the Middle East

The payment card industry pushes for more security in financial transactions to help combat increasing fraud in the region.

https://www.darkreading.com/cyber-risk/pci-launches-payment-card-cybersecurity-effort-in-middle-east 
 Chinese Keyboard Apps Open 1B People to Eavesdropping

Eight out of nine apps that people use to input Chinese characters into mobile devices have weaknesses that allow a passive eavesdropper to collect keystroke data.

https://www.darkreading.com/endpoint-security/most-chinese-keyboard-apps-vulnerable-to-eavesdropping 
 Digital Blitzkrieg: Unveiling Cyber-Logistics Warfare

Cyberattacks on logistics are becoming increasingly common, and the potential impact is enormous.

https://www.darkreading.com/cyberattacks-data-breaches/digital-blitzkrieg-unveiling-cyber-logistics-warfare 
 Cisco Zero-Days Anchor 'ArcaneDoor' Cyber Espionage Campaign

Attacks by a previously unknown threat actor leveraged two bugs in firewall devices to install custom backdoors on several government networks globally.

https://www.darkreading.com/endpoint-security/cisco-zero-days-arcanedoor-cyberespionage-campaign 
 SolarWinds 2024: Where Do Cyber Disclosures Go From Here?

Get updated advice on how, when, and where we should disclose cybersecurity incidents under the SEC's four-day rule after SolarWinds, and join the call to revamp the rule to remediate first.

https://www.darkreading.com/cyberattacks-data-breaches/solarwinds-2024-where-do-cyber-disclosures-go-from-here 
 North Korea APT Triumvirate Spied on South Korean Defense Industry For Years

Lazarus, Kimsuky, and Andariel all got in on the action, stealing "important" data from firms responsible for defending their southern neighbors (from them).

https://www.darkreading.com/cyberattacks-data-breaches/north-korea-apt-triumvirate-spied-on-south-korean-defense-industry-for-years 
 Iran Dupes US Military Contractors, Gov't Agencies in Years-Long Cyber Campaign

A state-sponsored hacking team employed a clever masquerade and elaborate back-end infrastructure as part of a five-year info-stealing campaign that compromised the US State and Treasury Departments, and hundreds of thousands of accounts overall.

https://www.darkreading.com/cyberattacks-data-breaches/iran-dupes-military-contractors-govt-agencies-cybercampaign 
 Patch Now: CrushFTP Zero-Day Cloud Exploit Targets US Orgs

An exploit for the vulnerability allows unauthenticated attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE.

https://www.darkreading.com/cloud-security/patch-crushftp-zero-day-cloud-exploit-targets-us-orgs 
 Fortify AI Training Datasets From Malicious Poisoning

Just like you should check the quality of the ingredients before you make a meal, it's critical to ensure the integrity of AI training data.

https://www.darkreading.com/cybersecurity-operations/fortify-ai-training-datasets-from-malicious-poisoning 
 Lessons for CISOs From OWASP's LLM Top 10

It's time to start regulating LLMs to ensure they're accurately trained and ready to handle business deals that could affect the bottom line.

https://www.darkreading.com/vulnerabilities-threats/top-lessons-cisos-owasp-llm-top-10 
 US Gov Slaps Visa Restrictions on Spyware Honchos

The State Department can now deny entrance to the US for individuals accused of profiting from spyware-related human rights abuses, and their immediate family members.

https://www.darkreading.com/cybersecurity-operations/us-gov-visa-restrictions-spyware-honchos 
 Russia's Fancy Bear Pummels Windows Print Spooler Bug

The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyber-espionage attacks against targets in Ukraine, Western Europe, and North America.

https://www.darkreading.com/endpoint-security/russia-fancy-bear-pummels-windows-print-spooler-bug 
 Teetering on the Edge: VPNs, Firewalls' Nonexistent Telemetry Lures APTs

State-sponsored groups are targeting critical vulnerabilities in virtual private network (VPN) gateways, firewall appliances, and other edge devices to make life difficult for incident responders, who rarely have visibility into the devices.

https://www.darkreading.com/endpoint-security/edge-vpns-firewalls-nonexistent-telemetry-apts 
 Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity Pros

Malaysia, Singapore, and Ghana are among the first countries to pass laws that require cybersecurity firms — and in some cases, individual consultants — to obtain licenses to do business, but concerns remain.

https://www.darkreading.com/cyber-risk/licensed-to-bill-nations-mandate-certification-licensure-of-cybersecurity-pros 
 ToddyCat APT Is Stealing Data on 'Industrial Scale'

The threat actor is deploying multiple connections into victim environments to maintain persistence and steal data.

https://www.darkreading.com/cyber-risk/-toddycat-apt-is-stealing-data-on-an-industrial-scale- 
 Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar

An open redirect vulnerability in the Nespresso Web domain lets attackers bypass detection as they attempt to steal victims' Microsoft credentials.

https://www.darkreading.com/cyberattacks-data-breaches/nespresso-domain-phish-cream-sugar 
 MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs

The irony is lost on few, as a Chinese threat actor used eight MITRE techniques to breach MITRE itself — including exploiting the Ivanti bugs that attackers have been swarming on for months.

https://www.darkreading.com/endpoint-security/mitre-attacked-infosecs-most-trusted-name-falls-to-ivanti-bugs 
 Zero-Trust Takes Over: 63% of Orgs Implementing Globally

Though organizations are increasingly incorporating zero-trust strategies, for many, these strategies fail to address the entirety of an operation, according to Gartner.

https://www.darkreading.com/endpoint-security/zero-trust-takes-over-63-percent-of-orgs-implementing-globally 
 Where Hackers Find Your Weak Spots

The five intelligence sources that power social engineering scams.

https://www.darkreading.com/vulnerabilities-threats/where-hackers-find-your-weak-spots 
 UNDP, City of Copenhagen Targeted in Data-Extortion Cyberattack

A ransomware gang claimed responsibility for the attack, though it is unknown if a ransom was demanded or paid.

https://www.darkreading.com/cyberattacks-data-breaches/undp-city-of-copenhagen-targeted-in-data-extortion-cyberattack 
 Multiple LastPass Users Lose Master Passwords to Ultra-Convincing Scam

CryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent user into handing over their high-value credentials.

https://www.darkreading.com/cyberattacks-data-breaches/lastpass-users-lose-master-passwords-ultra-convincing-scam 
 Rethinking How You Work With Detection and Response Metrics

Airbnb's Allyn Stott recommends adding the Human Maturity Model (HMM) and the SABRE framework to complement MITRE ATT&CK to improve security metrics analysis.

https://www.darkreading.com/cybersecurity-analytics/rethinking-how-you-work-with-detection-response-metrics 
 AI Lowers Barrier for Cyber-Adversary Manipulation in 2024 Election

Securing the presidential election requires vigilance and hardened cybersecurity defenses.

https://www.darkreading.com/vulnerabilities-threats/ai-lowers-barrier-cyber-adversary-manipulation-2024-election 
 'MagicDot' Windows Weakness Allows Unprivileged Rootkit Activity

Malformed DOS paths in file-naming nomenclature in Windows could be used to conceal malicious content, files, and processes.

https://www.darkreading.com/vulnerabilities-threats/magicdot-windows-weakness-unprivileged-rootkit 
 Cyberattack Takes Frontier Communications Offline

The local phone and business communications company said that attackers accessed unspecified PII, after infiltrating its internal networks.

https://www.darkreading.com/ics-ot-security/cyberattack-takes-frontier-communications-offline 
 Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware

It turns out that a powerful security solution can double as even more powerful malware, capable of granting comprehensive access over a targeted machine.

https://www.darkreading.com/application-security/evil-xdr-researcher-turns-palo-alto-software-into-perfect-malware 
 Rebalancing NIST: Why 'Recovery' Can't Stand Alone

The missing ingredient in NIST's newest cybersecurity framework? Recovery.

https://www.darkreading.com/vulnerabilities-threats/rebalancing-nist-why-recovery-cant-stand-alone 
 Break Security Burnout: Combining Leadership With Neuroscience

Industry leaders aim to solve the threat to both the mental health of workers and security of organizations with solutions that recognize the enormous pressures facing cybersecurity professionals.

https://www.darkreading.com/cybersecurity-operations/break-security-burnout-combining-leadership-neuroscience 
 Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution

Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode and other malware onto victim machines.

https://www.darkreading.com/application-security/sneaky-shellcode-windows-fibers-edr-proof-code-execution 
 Nigeria & Romania Ranked Among Top Cybercrime Havens

A survey of cybercrime experts assessing the top cybercrime-producing nations results in some expected leaders — Russia, Ukraine, and China — but also some surprises.

https://www.darkreading.com/cybersecurity-analytics/nigeria-romania-ranked-among-top-cybercrime-havens