Interpol: Can We Drop the Term 'Pig Butchering'? | Microsoft Teams Vishing Spreads DarkGate RAT

The agency asks the cybersecurity community to adopt "romance baiting" in place of dehumanizing language.

Follow Dark Reading:

December 19, 2024

LATEST SECURITY NEWS & COMMENTARY Interpol: Can We Drop the Term 'Pig Butchering'? The agency asks the cybersecurity community to adopt "romance baiting" in place of dehumanizing language. Microsoft Teams Vishing Spreads DarkGate RAT A thwarted attack demonstrates that threat actors using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning. Does Desktop AI Come With a Side of Risk? Artificial intelligence capabilities are coming to a desktop near you — with Microsoft 365 Copilot, Google Gemini with Project Jarvis, and Apple Intelligence all arriving (or having arrived). But what are the risks? With 'TPUXtract,' Attackers Can Steal Orgs' AI Models A new side-channel attack method is a computationally practical way to infer the structure of a convolutional neural network — meaning that cyberattackers or rival companies can plagiarize AI models and take their data for themselves. 336K Prometheus Instances Exposed to DoS, 'Repojacking' Open source Prometheus servers and exporters are leaking plaintext passwords and tokens, along with API addresses of internal locations. Efforts to Secure US Telcos Beset by Salt Typhoon Might Fall Flat The rules necessary to secure US communications have already been in place for 30 years, argues Sen. Wyden, the FCC just hasn't enforced them. It's unclear if they will help. Cultivating a Hacker Mindset in Cybersecurity Defense Security isn't just about tools — it's about understanding how the enemy thinks and why they make certain choices. The Importance of Empowering CFOs Against Cyber Threats Working closely with CISOs, chief financial officers can become key players in protecting their organizations' critical assets and ensuring long-term financial stability. MORE NEWS / MORE COMMENTARY HOT TOPICS To Defeat Cybercriminals, Understand How They Think Getting inside the mind of a threat actor can help security pros understand how they operate and what they're looking for — in essence, what makes a soft target. OData Injection Risk in Low-Code/No-Code Environments As the adoption of LCNC grows, so will the complexity of the threats organizations face. The Education Industry: Why Its Data Must Be Protected The sector must prioritize comprehensive data protection strategies to safeguard PII in an aggressive threat environment. MORE PRODUCTS & RELEASES Wallarm Releases API Honeypot Report Highlighting API Attack Trends CISA Directs Federal Agencies to Secure Cloud Environments Delinea Joins CVE Numbering Authority Program CompTIA Xpert Series Expands With SecurityX Professional Certification Zerto Introduces Cloud Vault Solution for Enhanced Cyber Resilience Through MSPs Versa Introduces Integrated Endpoint Data Loss Prevention in SASE Solution MORE PRODUCTS & RELEASES EDITORS' CHOICE Azure Data Factory Bugs Expose Cloud Infrastructure Three vulnerabilities in the service's Apache Airflow integration could have allowed attackers to take shadow administrative control over an enterprise cloud infrastructure, gain access to and exfiltrate data, and deploy malware. LATEST FROM THE EDGE CISA Releases Draft of National Cyber Incident Response Plan The draft of the long-awaited update to the NCIRP outlines the efforts, mechanisms, involved parties, and decisions the US government will use in response to a large-scale cyber incident. LATEST FROM DR TECHNOLOGY Bridging the 'Keyboard-to-Chair' Gap With Identity Verification Modern identity verification (IDV) approaches aim to connect digital credentials and real-world identity without sacrificing usability. LATEST FROM DR GLOBAL 'Dubai Police' Lures Anchor Wave of UAE Mobile Attacks A sophisticated social engineering cybercrime campaign bent on financial gain was observed being run from Tencent servers in Singapore. WEBINARS Simplify Data Security with Automation Social Engineering: New Tricks, New Threats, New Defenses View More Dark Reading Webinars >> WHITE PAPERS From security alert to action: Accelerating incident response with automated investigations 4 Steps to Deploying an AppSec Training Program Top 10 CI/CD Security Risks: The Technical Guide 6 Key Requirements of Multicloud Security Generative AI Gifts 5 Essential Insights into Generative AI for Security Leaders How to Use Threat Intelligence to Mitigate Third-Party Risk View More White Papers >> FEATURED REPORTS Managing Third-Party Risk Through Situational Awareness 2024 InformationWeek US IT Salary Report View More Dark Reading Reports >>

Dark Reading Weekly -- Published By Dark Reading Operated by TechTarget, Inc. and its subsidiaries, 275 Grove Street, Newton, Massachusetts, 02466 US To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2024 | TechTarget, Inc. | Privacy Statement | Terms & Conditions | Contact Us