Dark Reading;;Cybersecurity News

"Beyond Identity introduces Device360 for security risk visibility across all devices."

Views expressed in this cybersecurity and cybersecurity update are those of the reporters and correspondents.  Accessed on 25 February 2024, 1335 UTC.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

 

Dark Reading

147K followers52 articles per week#security#tech

12

FEB 23, 2024

Beyond Identity Introduces Device360 for Security Risk Visibility Across All Devices

Beyond Identity introduces Device360 for

•

1d

[no content]

Palo Alto Networks Launches Cortex Platform Offer

Palo Alto Networks offers endpoint security

•

1d

[no content]

Apple Beefs Up iMessage With Quantum-Resistant Encryption

by Jeffrey Schwartz, Contributing Writer / 1d

The revamped iMessage app uses Apple's new PQ3 post-quantum cryptographic protocol, which its engineers say will make it the most secure messaging app — but Signal's president begs to differ.

Redesigning the Network to Fend Off Living-Off-the-Land Tactics

by Nathan Eddy, Contributing Writer / 1d

The growing threat of living-off-the-land tactics requires a rethink of network traffic visibility to prevent these types of attacks.

Lovers' Spat? North Korea Backdoors Russian Foreign Affairs Ministry

by Nate Nelson, Contributing Writer / 1d

First Brad and Jennifer, now Kim and Putin? Romance truly is dead, as North Korea is caught spying (again) on its partner to the north with the Konni malware.

Orgs Face Major SEC Penalties for Failing to Disclose Breaches

by Robert Lemos, Contributing Writer / 1d

In what could be an enforcement nightmare, potentially millions of dollars in fines, reputational damage, shareholder lawsuits, and other penalties await companies that fail to comply with the SEC's new data-breach disclosure rules.

Privacy Beats Ransomware as Top Insurance Concern

by Stephen Lawton, Contributing Writer / 1d

Despite ransomware losses remaining high, privacy violations have quickly risen to second in a list of expected cyber insurance claims costs.

Avast to Pay $16.5M Fine for Selling Consumer Browsing Data

FTC fines Avast $16.5M

•

by Dark Reading Staff / 1d

The FTC found that Avast collected reams of personal data through its antivirus product, then sold it to more than 100 third parties without disclosing its practices.

Malawi Immigration Dept. Halts Passport Services Amid Cyberattack

Malawi suspends passport issuance cyber-attack

•

by Dark Reading Staff / 1d

President of Malawi vows not to pay ransom to "appease criminals."

Alarm Over GenAI Risk Fuels Security Spending in Middle East & Africa

by Robert Lemos, Contributing Writer / 1d

Organizations boost cybersecurity budgets to tackle data-privacy and cloud-security threats amid speedy adoption of generative AI.

ConnectWise ScreenConnect Mass Exploitation Delivers Ransomware

3 TTPs

•

by Tara Seals, Managing Editor, News, Dark Reading / 1d

•

CVE-2024-1709

Hundreds of initial access brokers and cybercrime gangs are jumping on the max-critical CVE-2024-1709 authentication bypass, threatening orgs and downstream customers.

Fostering Collaboration for Standardized Threat Investigation & Response

by Paul Agbabian, Mark Zerenzoni, Sridhar Muppidi / 1d

Working together can bring much-needed trust to the industry and help safeguard people, organizations, and government — now and in the future.

END OF FEED

Dark Reading: Cybersecurity News

"Q & A:  The Cybersecurity Training Gap in Industrial Networks."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 19 February 2024, 1346 UTC.

Content and Source:  https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml ("Dark Reading" via https://feedly.com).

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

147K followers55 articles per week#security#tech

61

MOST POPULAR

Q&A: The Cybersecurity Training Gap in Industrial Networks

by Dan Raywood, Senior Editor, Dark Reading / 2h

Cyberattacks and threats increasingly are honed in on ICS/OT networks, but security training for operators of these critical infrastructure environments is perilously scarce.

Iran Warship Aiding Houthi Pirates Hacked by US

US cyberattack targets Iranian warship

•

30by Dark Reading Staff / 2d

US reportedly launched a cyberattack against an Iranian military ship suspected of helping Houthi rebel pirates menacing shipping traffic in the Red Sea.

iOS, Android Malware Steals Faces to Defeat Biometrics With AI Swaps

Gold Pickaxe malware steals faces

•

29by Nate Nelson, Contributing Writer / 3d

Southeast Asia is learning the hard way that biometric scans are nearly as easy to bypass as other kinds of authentication data, thanks to a creative banking Trojan.

FEB 16, 2024

Russian APT 'Winter Vivern' Targets European Government, Military

Data Encrypted for Impact (Enterprise T1486)

•

by Nathan Eddy, Contributing Writer / 2d

TAG-70's sophisticated espionage campaign targeted a range of geopolitical targets, suggesting a highly capable and well-funded state-backed threat actor.

CISO Corner: CIO Convergence, 10 Critical Security Metrics, & Ivanti Fallout

by Tara Seals, Managing Editor, News, Dark Reading / 2d

Also in this issue: Mideast investment, new FCC breach notification rules, and how Dark Reading readers use GenAI tools in their cybersecurity apparatus.

What Using Security to Regulate AI Chips Could Look Like

AI safety experts propose hardware regulation

•

by Agam Shah, Contributing Writer / 2d

An exploratory research proposal is recommending regulation of AI chips and stronger governance measures to keep up with the rapid technical innovations in artificial intelligence.

Enterprises Worry End Users Will be the Cause of Next Major Breach

by Edge Editors / 2d

Respondents in Dark Reading's Strategic Security Survey believe that the primary cause of their organization's next major data breach would involve social engineering, negligent users, and insecure remote workers.

Major Tech Firms Develop 'Tech Accord' to Combat AI Deepfakes

Tech firms combat AI election trickery

•

by Dark Reading Staff / 2d

The accord covers initiatives to create more transparency regarding what tech firms like Meta, Microsoft, Google, TikTok, and OpenAI are doing to combat malicious AI, especially around elections.

Like Seat Belts and Airbags, 2FA Must Be Mandatory ASAP

by Aviad Mizrachi / 2d

One of the worst hacks in history demonstrated that any online service must force its users to adopt at least two-factor authentication. This must be applied everywhere ASAP as a public safety measure.