Threat actors punch holes in the company's online ordering systems, tripping up doughnut deliveries across the US after a late November breach.
Follow Dark Reading:
 December 12, 2024
LATEST SECURITY NEWS & COMMENTARY
Krispy Kreme Doughnut Delivery Gets Cooked in Cyberattack
Threat actors punch holes in the company's online ordering systems, tripping up doughnut deliveries across the US after a late November breach.
Governments, Telcos Ward Off China's Hacking Typhoons
Infiltrating other nations' telecom networks is a cornerstone of China's geopolitical strategy, and it's having the unintended consequence of driving the uptake of encrypted communications.
Researchers Crack Microsoft Azure MFA in an Hour
A critical flaw in the company's rate limit for failed sign-in attempts allowed unauthorized access to a user account, including Outlook emails, OneDrive files, Teams chats, Azure Cloud, and more.
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday
The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.
Texas Teen Arrested for Scattered Spider Telecom Hacks
An FBI operation nabbed a member of the infamous cybercrime group, who is spilling the tea on "key Scattered Spider members" and their tactics.
Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks.
Cybercrime Gangs Abscond With Thousands of Orgs' AWS Credentials
The Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing.
Why SOC Roles Need to Evolve to Attract a New Generation
The cybersecurity industry faces a growing crisis in attracting and retaining SOC analysts.
Large-Scale Incidents & the Art of Vulnerability Prioritization
We can anticipate a growing number of emerging vulnerabilities in the near future, emphasizing the need for an effective prioritization strategy.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Tips for Preventing Breaches in 2025
Hackers are constantly evolving, and so too should our security protocols.

Lessons From the Largest Software Supply Chain Incidents
The software supply chain is a growing target, and organizations need to take special care to safeguard it.

Vulnerability Management Challenges in IoT & OT Environments
By understanding the unique challenges of protecting IoT and OT devices, organizations can safeguard these critical assets against evolving cyber threats.

MORE
PRODUCTS & RELEASES
Genetec Physical Security Report Shows Accelerating Hybrid Cloud Adoption
Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure
Onapsis Expands Code Security Capabilities to Accelerate and De-Risk SAP BTP Development Projects
Wyden and Schmitt Call for Investigation of Pentagon's Phone Systems
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Microsoft NTLM Zero-Day to Remain Unpatched Until April
The second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and credential theft. Microsoft has no patch, but released updated NTLM cyberattack mitigation advice.
LATEST FROM THE EDGE

Cybersecurity Lessons From 3 Public Breaches
High-profile security incidents provide examples of how common vulnerabilities can be exploited. If you pay attention, you can learn from others' mistakes.
LATEST FROM DR TECHNOLOGY

Open Source Security Priorities Get a Reshuffle
The "Census of Free and Open Source Software" report, which identifies the most critical software projects, sees more cloud infrastructure and Python software designated as critical software components.
LATEST FROM DR GLOBAL

African Law Enforcement Nabs 1,000+ Cybercrime Suspects
Authorities across 19 African countries also dismantled their infrastructure and networks, thanks to cooperation between global law enforcement and private firms.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Weekly
-- Published By Dark Reading
Operated by TechTarget, Inc. and its subsidiaries,
275 Grove Street, Newton, Massachusetts, 02466 US
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |   TechTarget, Inc.  |   Privacy Statement  |   Terms & Conditions  |  Contact Us