RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks

CVE-2020-1472 is a privilege escalation flaw that allows an attacker to take over an organization's domain controllers. [TechWeb]( Follow Dark Reading: [RSS]( June 06, 2024 LATEST SECURITY NEWS & COMMENTARY [RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks]( CVE-2020-1472 is a privilege escalation flaw that allows an attacker to take over an organization's domain controllers. [Hijacking Scheme Takes Over High-Profile TikTok Accounts]( Hijacking malware gets spread through TikTok's direct messaging and doesn't require the victim to click links or download anything. [Ransomware Attack Disrupts Operations Across London Hospitals]( The incident affecting pathology-services provider Synnovis demonstrates the ripple effect that cyberattacks have on healthcare systems, and demands immediate security response. [Remote Work's Hidden Dangers]( Ten cybersecurity strategies for enterprises to keep remote work safer. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Cox Biz Auth-Bypass Bug Exposes Millions of Devices to Takeover]( The US broadband provider fixed an issue that allowed attackers to gain access to business customers’ modems, and then access info and execute commands with the same permissions of an ISP support team. [Ticketmaster Confirms Cloud Breach, Amid Murky Details]( Ticketmaster parent Live Nation has filed a voluntary SEC data breach notification, while one of its cloud providers, Snowflake, also confirmed targeted cyberactivity against some of its customers. [Perfecting the Proactive Security Playbook]( It's more important than ever for organizations to prepare themselves and their cybersecurity postures against known and unknown threats. ['Fog' Ransomware Rolls in to Target Education, Recreation Sectors]( A new group of hackers is encrypting data in virtual machines, leaving ransom notes, and calling it a day. [NIST Commits to Plan to Resume NVD Work]( The agency aims to burn down the backlog of vulnerabilities waiting to be added to the National Vulnerabilities Database via additional funding, third-party contract, and a partnership with CISA. [CISA's Secure by Design Initiative at 1: A Report Card]( There is more that needs to be done, but, so far, the initiative is a success. [MORE]( PRODUCTS & RELEASES [Notable Capital Launches Rising in Cyber to Spotlight Promising Cybersecurity Startups]( [EV Manufacturer BYD Selects Karamba Security to Meet Global Automotive Cybersecurity Regulations]( [Cloud Security Alliance Survey Finds 70% of Organizations Have Established Dedicated SaaS Security Teams]( [ISC2 Provides Opportunity for Employers to Connect With Cybersecurity Job Seekers]( [KnowBe4 and MobileMind Collaborate to Provide Cybersecurity Training for K12 School Districts]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Ticketmaster Breach Showcases SaaS Data Security Risks]( MFA and other mechanisms are critical to protect against unauthorized access to data in cloud application environments, but businesses still fall down on the job. LATEST FROM THE EDGE [Name That Edge Toon: Zonked Out]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. LATEST FROM DARK READING [Trend Micro, Nvidia Partner to Secure AI Data Centers]( With companies pouring billions into AI software and hardware, these installations need to be protected from cybersecurity threats and other security lapses. LATEST FROM GLOBAL [Chinese Threat Clusters Triple-Team High-Profile Asia Government Org]( "Operation Crimson Palace" performed specialized tasks in a broader cyberattack chain, likely under the watch of a single organization. WEBINARS - [Preventing Attackers From Wandering Through Your Enterprise Infrastructure]( - [Assessing Software Supply Chain Risk]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Forrester Wave™: External Threat Intelligence Service Providers, Q3 2023]( - [5 Essential Insights into Generative AI for Security Leaders]( - [SecOps Checklist]( - [Cisco Panoptica for Simplified Cloud-Native Application Security]( - [The Cloud Threat Landscape: Security learnings from analyzing 500+ cloud environments]( - [A Short Primer on Container Scanning]( - [The Cloud Threat Landscape: Security learnings from analyzing 500+ cloud environments]( [View More White Papers >>]( FEATURED REPORTS - [EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity]( - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=123923&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_06.06.24&sp_cid=53852&utm_content=DR_NL_Dark%20Reading%20Daily_06.06.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#2f If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)