The previously unknown malware (aka Hidden Shovel) is a ghost in the machine: It silently attacks kernel drivers to shut down security defense systems and thus evade detection. [TechWeb]( Follow Dark Reading:
[RSS](
May 23, 2024 LATEST SECURITY NEWS & COMMENTARY EDR-Killing 'GhostEngine' Malware Is Built for Stealth](
The previously unknown malware (aka Hidden Shovel) is a ghost in the machine: It silently attacks kernel drivers to shut down security defense systems and thus evade detection. [YouTube Becomes Latest Battlefront for Phishing, Deepfakes](
Personalized phishing emails with fake collaboration opportunities and compromised video descriptions linking to malware are just some of the new tricks.
[The Fall of the National Vulnerability Database](
Since its inception, three key factors have affected the NVD's ability to classify security concerns â and what we're experiencing now is the result. [Iran APTs Tag Team Espionage, Wiper Attacks Against Israel & Albania](
Scarred Manticore is the smart, sophisticated one. But when Iran needs something destroyed, it hands the keys over to Void Manticore. [Critical Netflix Genie Bug Opens Big Data Orchestration to RCE](
The severe security vulnerability (CVE-2024-4701, CVSS 9.9) gives remote attackers a way to burrow into Netflix's Genie open source platform, which is a treasure trove of information and connections to other internal services.
[Microsoft Has Yet to Patch 7 Pwn2Own Zero-Days](
A number of serious Windows bugs still haven't made their way into criminal circles, but that won't remain the case forever â and time is running short before ZDI releases exploit details.
[US AI Experts Targeted in SugarGh0st RAT Campaign](
Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group.
[400K Linux Servers Recruited by Resurrected Ebury Botnet](
Cryptocurrency theft and financial fraud are the new M.O. of the 15-year-old malware operation that has hit organizations around the globe.
[Google Pitches Workspace as Microsoft Email Alternative, Citing CSRB Report](
The new Secure Alternative Program from Google aims to entice customers away from Exchange Online and break Microsoft's dominance in the enterprise.
[Name That Toon: Buzz Kill](
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
[Trends at the 2024 RSA Startup Competition](
Startups at Innovation Sandbox 2024 brought clarity to artificial intelligence, protecting data from AI, and accomplishing novel security solutions with new models.
[Preparing Your Organization for Upcoming Cybersecurity Deadlines](
Federal and state regulators have introduced new rules and mandates aimed at holding organizations accountable when it comes to cybersecurity. Here's how to get ready. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Whose Data Is It Anyway? Equitable Access in Cybersecurity]( Cybersecurity cannot be solely about defending against threats; it must also empower organizations with their data.
[Can Cybersecurity Be a Unifying Factor in Digital Trade Negotiations?]( As we face continued headwinds on provisions like data flows and e-customs duties, further progress is both needed and achievable in digital trade policy. [What American Enterprises Can Learn From Europe's GDPR Mistakes](
As the US braces for a data privacy overhaul, companies need to update data practices, train staff, and ensuring compliance from the outset to avoid Europe's costly missteps. [MORE]( PRODUCTS & RELEASES [NRECA Receives $4M in DOE Funding to Boost Electric Co-op Cybersecurity Preparedness]( [ZeroRisk Cybersecurity Expands Global Presence With US Launch]( [Data Breach Response Provider, CyEx, Acquires Settlement Administrator, Simpluris Inc.](
[MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms](
An on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environment. LATEST FROM THE EDGE [Transforming CISOs Into Storytellers](
Faced with chilling new SEC rules, chief information security officers are learning soft skills to help them better communicate cybersecurity concerns with the C-suite. LATEST FROM DR TECHNOLOGY [Picking the Right Database Tech for Cybersecurity Defense](
Graph and streaming databases are helping defenders deal with complex, real-time threat and cybersecurity data to find weak points before attackers. LATEST FROM DR GLOBAL [Chinese 'ORB' Networks Conceal APTs, Render Static IoCs Irrelevant](
Mandiant warns that defenders must rethink how to thwart Chinese cyber-espionage groups now using professional "infrastructure-as-a-service" operational relay box networks of virtual private servers as well as hijacked smart devices and routers. WEBINARS - [Assessing Software Supply Chain Risk](
- [Securing Code in the Age of AI]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Elastic named a Leader in The Forrester Waveâ¢: Security Analytics Platforms, Q4 2022](
- [2023 Global Threat Report](
- [EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity](
- [ESG E-Book: Taking a Holistic Approach to Securing Cloud-Native Application Development](
- [A Short Primer on Container Scanning](
- [How Enterprises Secure Their Applications](
- [Making Sense of Your Security Data: The 6 Hardest Problems]( [View More White Papers >>]( FEATURED REPORTS - [Elastic named a Leader in The Forrester Waveâ¢: Security Analytics Platforms, Q4 2022](
- [2023 Global Threat Report](
- [EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity]( [View More Dark Reading Reports >>]( Dark Reading Weekly
-- Published By [Dark Reading](
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.](
Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com)
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=123645&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Weekly_05.23.24&sp_cid=53619&utm_content=DR_NL_Dark%20Reading%20Weekly_05.23.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#c7
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)