CDK Attack: Why Contingency Planning Is Critical for SaaS Customers

For a while, the botnet spread but did essentially nothing. All the malicious payloads came well after. [TechWeb]( Follow Dark Reading: [RSS]( June 25, 2024 LATEST SECURITY NEWS & COMMENTARY [CDK Attack: Why Contingency Planning Is Critical for SaaS Customers]( Daily operations at some 15,000 automotive dealers remain impacted as CDK works to restore its dealer management system, following what appears to be a ransomware attack last week. ['P2PInfect' Worm Grows Teeth With Miner, Ransomware & Rootkit]( For a while, the botnet spread but did essentially nothing. All the malicious payloads came well after. [30M Potentially Affected in Tickettek Australia Cloud Breach]( In an incident with direct parallels to the recent Ticketmaster compromise, an Aussie live events giant says it was breached via a third-party cloud provider, as ShinyHunters takes credit. [The NYSE's $10M Wake-up Call]( The settlement between the SEC and the owner of the New York Stock Exchange is a critical reminder of the vulnerabilities within financial institutions' cybersecurity frameworks as well as the importance of regulatory oversight. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Kaspersky's US Customers Face Tight Deadline Following Govt. Ban]( After Sept. 29, 2024, organizations and individuals that continue using the vendor's products will no longer receive any updates or support. [Catching Up on Innovation With NIST CSF 2.0]( The updated framework is an equalizer for smaller organizations to meet the industry at its breakneck pace of innovation. [CISO Corner: Critical Infrastructure Misinformation; France's Atos Bid]( Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Inside China's civilian hacker army; outer space threats; and NIST 2.0 Framework secrets for success. [Securing Customers' Trust With SOC 2 Type II Compliance]( Audit compliance not only demonstrates commitment to data security and privacy but also builds trust with customers and stakeholders. [Name That Toon: Future Shock]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [MORE]( PRODUCTS & RELEASES [Abstract Security Announces General Availability of its AI-Powered Data Streaming Platform for Security]( [FS-ISAC Announces Appointments to Global Board of Directors]( [VicOne Solutions for Detection of Zero-Day Vulnerabilities and Contextualized Attack Paths]( [NetSPI Acquires Hubble, Adds CAASM to Complement its IEASM]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Kaspersky's US Customers Face Tight Deadline Following Govt. Ban]( After Sept. 29, 2024, organizations and individuals that continue using the vendor's products will no longer receive any updates or support. LATEST FROM THE EDGE [How Cybersecurity Can Steer Organizations Toward Sustainability]( By integrating environmental initiatives, social responsibility, and governance into their strategies, security helps advance ESG goals. LATEST FROM DR TECHNOLOGY [What Building Application Security Into Shadow IT Looks Like]( AppSec is hard for traditional software development, let alone citizen developers. So how did two people resolve 70,000 vulnerabilities in three months? LATEST FROM DR GLOBAL [China-Linked Cyber-Espionage Teams Target Asian Telecoms]( In the latest breaches, threat groups compromised telecommunications firms in at least two Asian nations, installing backdoors and possibly eavesdropping or pre-positioning for a future attack. WEBINARS - [Empowering Developers, Automating Security: The Future of AppSec]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Continuous Asset Discovery Do and Don'ts]( - [Google Cloud Threat Horizons Report, H1 2024]( - [How Cyber Threat Intelligence Empowers the C-Suite]( - [Generative AI Gifts]( - [Elastic named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022]( - [EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity]( - [Cisco Panoptica for Simplified Cloud-Native Application Security]( [View More White Papers >>]( FEATURED REPORTS - [2024 InformationWeek US IT Salary Report]( - [Elastic named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022]( - [EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=124198&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_06.25.24&sp_cid=54048&utm_content=DR_NL_Dark%20Reading%20Daily_06.25.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#7c If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)