The company said the rogue update that caused disruptions on a global scale resulted from a "perfect storm" of issues.
| | | LATEST SECURITY NEWS & COMMENTARY | | CrowdStrike Offers Mea Culpa to House Committee The company said the rogue update that caused disruptions on a global scale resulted from a "perfect storm" of issues. Third Ivanti Bug Comes Under Active Exploit, CISA Warns Though the critical vulnerability was patched in August, Ivanti is reminding customers to update as soon as possible as attacks from unauthenticated threat actors start circulating. Microsoft Trims Cloud Cyberattack Surface in Security Push The company has jettisoned hundreds of thousands of unused apps and millions of unused tenants as part of its Secure Future Initiative. Critical Automated Tank Gauge Bugs Threaten Gas Infrastructure The security vulnerabilities could lead to everything from gas spills to operations data disclosure, affecting gas stations, airports, military bases, and other hypersensitive locations. LinkedIn Addresses User Data Collection for AI Training The company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models. Vice Society Pivots to Inc Ransomware in Healthcare Attack Inc ransomware — one of the most popular among cybercriminals today — meets healthcare, the industry sector most targeted by RaaS. Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover Critical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of OEMs. China's 'Earth Baxia' Spies Exploit Geoserver to Target APAC Orgs The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea. 1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam The first patch lets threat actors with low-level credentials still exploit the vulnerability, while the second fully resolves the flaw. How Russia, China & Iran Are Targeting US Elections While these threats remain a valid concern, US government agencies have doubled down on their assurances to the American public that election infrastructure is secure. Managing Cyber-Risk Is No Different Than Managing Any Business Risk A sound cyber-risk management strategy analyzes all the business impacts that may stem from an attack and estimates the related costs of mitigation versus the costs of not taking action. Data Security Posture Management: Accelerating Time to Value Data discovery and classification are foundational for data security, data governance, and data protection. MORE NEWS / MORE COMMENTARY | | | | | HOT TOPICS | Dark Reading Confidential: Pen-Test Arrests, 5 Years Later Episode 3: On Sept. 11, 2019, two cybersecurity pros, Gary De Mercurio and Justin Wynn, were arrested in Dallas County, Iowa, and forced to spend the night in jail — just for doing their jobs. Despite the charges against them being dropped, that night five years ago continues to haunt De Mercurio and Wynn. In this episode, the pair and Coalfire CEO Tom McAndrew share how the fallout has shaped their lives and careers as well as how it has transformed physical penetration tests. An AI-Driven Approach to Risk-Scoring Systems in Cybersecurity
By enhancing threat detection, enabling real-time risk assessment, and providing predictive insights, AI is empowering organizations to build more robust defenses against cyber threats.
GenAI in Cybersecurity: Insights Beyond the Verizon DBIR
The lack of abundant data on AI-enabled attacks in official reports shouldn't prevent us from preparing for and mitigating potential future threats.
US May Be Losing the Race for Global AI Leadership
To maintain AI leadership, Congress and regulatory agencies must recognize that our foreign competitors are working to surpass us.
MORE |
| | | | PRODUCTS & RELEASES | | CrowdStrike Expands Cybersecurity Startup Accelerator With AWS and NVIDIA Abstract Security Expands Multi-Cloud Security Operations South Korea Digital Forensics Market to Hit US $3.52B by 2031 MORE PRODUCTS & RELEASES |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
