Dark Reading Daily -- April 16, 2024

A sophisticated threat actor is leveraging the bug to deploy a Python backdoor for stealing data and executing other malicious actions.

LATEST SECURITY NEWS & COMMENTARY

Palo Alto Network Issues Hotfixes for Zero-Day Bug in Its Firewall OS

A sophisticated threat actor is leveraging the bug to deploy a Python backdoor for stealing data and executing other malicious actions.

Cisco Duo's Multifactor Authentication Service Breached

A third-party telephony service provider for Cisco Duo falls prey to social engineering, and the company advises customer vigilance against subsequent phishing attacks.

Roku Mandates 2FA for Customers After Credential-Stuffing Compromise

Roku assures customers that no financial information was stolen and that any purchases made through user accounts have been reimbursed.

Web3 Game Developers Targeted in Crypto Theft Scheme

A Russian-language cyberattack campaign impersonates legitimate game operations to spread various cross-platform infostealers.

Cyber Operations Intensify in Middle East, With Israel the Main Target

Cyberattacks tripled over the past year in Israel, making it the most targeted nation in 2023, as cyber operations become a standard part of military conflicts and global protests.

Microsoft Wants You to Watch What It Says, Not What It Does

The responsibility to hold Microsoft accountable for abiding by its self-proclaimed principles shouldn't fall to customers and competition authorities.

(Sponsored Article) Application Security's New Mandate in a DevOps World

A new dynamic is shifting practices required to run an effective DevSecOps program whereby application security can keep pace with DevOps workflows.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
CISA's Malware Analysis Platform Could Foster Better Threat Intel But just how the government differentiates its platform from similar private-sector options remains to be seen. Critical Infrastructure Security: Observations From the Front Lines Attacks on critical infrastructure are ramping up — but organizations now have the knowledge and tools needed to defend against them. Critical Rust Flaw Poses Exploit Threat in Specific Windows Use Cases Project behind the Rust programming language asserted that any calls to a specific API would be made safe, even with unsafe inputs, but researchers found ways to circumvent the protections. CISO Corner: Securing the AI Supply Chain; AI-Powered Security Platforms; Fighting for Cyber Awareness Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: facing hard truths in software security, and the latest guidance from the NSA. MORE

PRODUCTS & RELEASES

Defense Award Launches Purdue Project to Strengthen Cyber-Physical Systems

Knostic Raises $3.3M for Enterprise GenAI Access Control

Cohesity Extends Collaboration to Strengthen Cyber Resilience With IBM Investment in Cohesity

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

CISA Issues Emergency Directive After Midnight Blizzard Microsoft Hits

Though Federal Civilian Executive Branch (FCEB) agencies are the primary targets, CISA encourages all organizations to up their security, given the high risk.

LATEST FROM THE EDGE

How Do We Integrate LLMs Security Into Application Development?

Large language models require rethinking how to bake security into the software development process earlier.

LATEST FROM DR TECHNOLOGY

The Race for AI-Powered Security Platforms Heats Up

Microsoft, Google, and Simbian each offers generative AI systems that allow security operations teams to use natural language to automate cybersecurity tasks.

LATEST FROM DR GLOBAL

Iran-Backed Hackers Blast Out Threatening Texts to Israelis

Handala threat group claims to have hacked radar systems in Israel as tensions rise between the two nations.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>