Dark Reading Daily.

"Third Ivanti vulnerability exploited in the wild...."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 22 January 2024, 1449 UTC.

Content and Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGwJmNZvwrwvcKHTdTLcQrjDHhM ("Dark Reading Daily").

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST SECURITY NEWS & COMMENTARY Third Ivanti Vulnerability Exploited in the Wild, CISA Reports Though reports say this latest Ivanti bug is being exploited, it's unclear exactly how threat actors are using it. Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks Attackers have increasingly leveraged the widely used remote access tool, installed on hundreds of millions of endpoints, to break into victim environments. Massive Data Breach at VF Hits 35M Vans, Retail Customers A month on from a retail conglomerate's data breach, it's still not clear exactly what the hackers stole, but impacted brands include Dickies, Northface, Timberland, Vans, and more. CISOs Struggle for C-Suite Status Even as Expectations Skyrocket An IANS survey shows that CISOs shoulder more and more legal and regulatory liability for data breaches, but few are getting the recognition or support they need. Microsoft: Iran's Mint Sandstorm APT Blasts Educators, Researchers The Charming Kitten-related cyber-espionage group is posing as legitimate journalists and researchers to get intel on the Israel-Hamas war. iPhone, Android Ambient Light Sensors Allow Stealthy Spying Ambient light sensors on smart-device screens can effectively be turned into a camera, opening up yet another path to snooping on unwitting victims. Missing the Cybersecurity Mark With the Essential Eight Australia's Essential Eight Maturity Model still doesn't address key factors needed to protect today's cloud and SaaS environments. CISA's Road Map: Charting a Course for Trustworthy AI Development The agency aims to build a more robust cybersecurity posture for the nation. MORE NEWS / MORE COMMENTARY HOT TOPICS Google: Russia's ColdRiver APT Unleashes Custom 'Spica' Malware Just in time for the US election season, one of the Kremlin's favorite hack-and-leak spy groups — Star Blizzard — has developed its very first custom backdoor. Citrix Discovers 2 Vulnerabilities, Both Exploited in the Wild These vulnerabilities are the second and third for Citrix but are not expected to be as detrimental as "CitrixBleed." Building AI That Respects Our Privacy Until laws can move at the speed of innovation, we'll see a discrepancy between the protections offered and the risks associated with technology. MORE PRODUCTS & RELEASES Intel 471 Appoints Technology Veteran, Sonja Tsiridis, Chief Technology Officer Mimecast Announces New CEO ESET Launches New Managed Detection and Response (MDR) Service for Small and Midsize Businesses Salt Security Delivers API Posture Governance Engine MORE PRODUCTS & RELEASES EDITORS' CHOICE Google: Russia's ColdRiver APT Unleashes Custom 'Spica' Malware Just in time for the US election season, one of the Kremlin's favorite hack-and-leak spy groups — Star Blizzard — has developed its very first custom backdoor. LATEST FROM THE EDGE Top 3 Priorities for CISOs in 2024 A changing regulatory and enforcement environment means the smart CISO might need to shift how they work this year. LATEST FROM DR TECHNOLOGY First Step in Securing AI/ML Tools Is Locating Them Security teams need to start factoring for these tools when thinking about the software supply chain. After all, they can't protect what they don't know they have. LATEST FROM DR GLOBAL Nigerian Businesses Face Growing Ransomware-as-a-Service Trade Infosec advocacy group warns that poor patching practices and reliance on cracked software increases risk. WEBINARS Top Cloud Security Threats Targeting Enterprises Tips for Managing Cloud Security in a Hybrid Environment View More Dark Reading Webinars >> WHITE PAPERS IT Zero Trust vs. OT Zero Trust: It's all about Availability The OT Zero Trust Handbook: Implementing the 4 Cornerstones of OT Security 2023 Software Supply Chain Attack Report Understanding AI Models to Future-Proof Your AppSec Program Increase Speed and Accuracy with AI Driven Static Analysis Auditing The Need for a Software Bill of Materials The Developers Guide to API Security View More White Papers >> FEATURED REPORTS Passwords Are Passe: Next Gen Authentication Addresses Today's Threats The State of Supply Chain Threats How to Use Threat Intelligence to Mitigate Third-Party Risk The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ... View More Dark Reading Reports >>

Dark Reading Daily -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us