Organizations running Linux distributions need to prepare to defend their systems against ransomware attacks. Steps to ensure resiliency and basics such as access control reduce major disruptions.
| | | LATEST SECURITY NEWS & COMMENTARY | | Linux Ransomware Poses Significant Threat to Critical Infrastructure Organizations running Linux distributions need to prepare to defend their systems against ransomware attacks. Steps to ensure resiliency and basics such as access control reduce major disruptions. Rogue Azure AD Guests Can Steal Data via Power Apps A few default guest setting manipulations in Azure AD and over-promiscuous low-code app developer connections can upend data protections. Attackers Exploit Citrix Zero-Day Bug to Pwn NetScaler ADC, Gateway Citrix is urging organizations to immediately patch the unauthenticated RCE vulnerability. Microsoft Relents, Offers Free Critical Logging to All 365 Customers Industry pushback prompts Microsoft to drop premium pricing for access to cloud logging data. Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering Google's fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it. WormGPT Cybercrime Tool Heralds an Era of AI Malware vs. AI Defenses A black-hat alternative to GPT models specifically designed for malicious activities like BEC, malware, and phishing attacks is here, and will push organizations to level up with generative AI themselves. China's APT41 Linked to WyrmSpy, DragonEgg Mobile Spyware Nation-states see the opportunity in targeting people directly through their mobile phones, in this case with sophisticated Android surveillanceware. Microsoft 'Logging Tax' Hinders Incident Response, Experts Warn A recent email compromise by Chinese APT group Storm-0558 highlights a lack of access to security logging by many Microsoft 365 license holders, prompting calls from researchers to abolish it. Pernicious Rootkits Pose Growing Blight On Threat Landscape Attackers show renewed relentlessness in exploiting OS vulnerabilities that also circumvent defense and detection measures. Hacker Infected & Foiled by Own Infostealer A prolific threat actor has been operating on Russian-language forums since 2020, but then he accidentally infected his own computer and sold off its contents to threat researchers. 11M HCA Healthcare Patients Impacted by Data Breach The hackers posted up for sale stolen HCA Healthcare data on Dark Web forum. If George Washington Had a TikTok, What Would His Password Be? Artificial intelligence can be tricked into making password-based authentication even weaker. Name That Toon: Shark Sighting Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. MORE NEWS / MORE COMMENTARY | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
