Dark Reading Daily -- May 31, 2024

Europol undertook dropper malware botnet takedown while US law enforcement dismantled a sprawling cybercrime botnet for hire.

LATEST SECURITY NEWS & COMMENTARY

Cops Swarm Global Cybercrime Botnet Infrastructure in 2 Massive Ops

Europol undertook dropper malware botnet takedown while US law enforcement dismantled a sprawling cybercrime botnet for hire.

Flawed AI Tools Create Worries for Private LLMs, Chatbots

Companies are looking to large language models to help their employees glean information from unstructured data, but vulnerabilities could lead to disinformation and, potentially, data leaks.

Okta Warns Once Again of Credential-Stuffing Attacks

This time it's the identity management service provider's cross-origin authentication feature that's being targeted by adversaries.

Shady 'Merry-Go-Round' Ad Fraud Network Leaves Orgs Hemorrhaging Cash

Stealthy ad fraud rings turn legitimate marketing into spam at a large scale, creating 200M+ bid requests daily.

An Argument for Coordinated Disclosure of New Exploits

By adopting a stance of coordinated disclosure for exploits, security researchers can give organizations time to patch vulnerabilities before they are exploited in the wild.

(Sponsored Article) A Comprehensive Approach to SAP Security

Implement this checklist to help protect your SAP environment against bad actors.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Microsoft: 'Moonstone Sleet' APT Melds Espionage, Financial Goals North Korea's newest threat actor uses every trick in the nation-state APT playbook, and most of cybercrime's tricks, too. It also developed a whole video game company to hide malware. The SEC's New Take on Cybersecurity Risk Management Insights from three companies that recently reported breaches under the new disclosure regulations. Leak Site BreachForums Springs Back to Life Weeks After FBI Takedown It's unclear whether a dataset for sale on the site allegedly containing data from more than 500 million Ticketmaster users is real or just law enforcement bait. Attackers Target Check Point VPNs to Access Corporate Networks Using VPNs as an initial access vector is ironic, given that security is the very reason enterprises employ them in the first place. Why CVEs Are an Incentives Problem It's time to rethink the pivotal role incentives play in shaping behavior to find and disclose software vulnerabilities. More accurate guidance to reflect real-world risks and a tiered verification process to establish potential impact could slow misleading submissions. MORE

PRODUCTS & RELEASES

VicOne Partners With 42Crunch to Deliver Comprehensive Security Across SDV and Connected-Vehicle Ecosystem

Digital Twin Technology Can Improve Water Utility Management, Says Info-Tech Research Group

NRECA Signs MOU With Electricity Information Sharing and Analysis Center

BforeAI Launches PreCrime™ Guarantee Program for Seamless Cyber Risk Coverage

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

Corporate admins should patch the max-severity CVE-2024-23108 immediately, which allows unauthenticated command injection.

LATEST FROM THE EDGE

Persistent Burnout Is Still a Crisis in Cybersecurity

Burnout has been an oft-reported problem among security professionals for years. Are there any new ideas for supporting mental health in the industry?

LATEST FROM DR TECHNOLOGY

10 Ways a Digital Shield Protects Apps and APIs

Layers of protection can bring defense-in-depth practices to distributed clouds and other modern network architectures.

LATEST FROM DR GLOBAL

6 Facts About How Interpol Fights Cybercrime

So you think you know Interpol? Here are some key details of how this international law enforcement entity disrupts cybercrime worldwide.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>