FCC: AT&T Didn't Adequately Protect Customers' Cloud Data | Apple Abandons Spyware Suit to Avoid Sharing Cyber Secrets

Regulators fine AT&T $13 million for failing to protect customer information held by a third-party vendor, and extend consumer data protections to the cloud. [TechWeb]( Follow Dark Reading: [RSS]( September 19, 2024 LATEST SECURITY NEWS & COMMENTARY [FCC: AT&T Didn't Adequately Protect Customers' Cloud Data]( Regulators fine AT&T $13 million for failing to protect customer information held by a third-party vendor, and extend consumer data protections to the cloud. [Apple Abandons Spyware Suit to Avoid Sharing Cyber Secrets]( Despite more US sanctions against spyware operators, Apple decided the cost in terms of disclosures about its own anti-spyware efforts was too great. [Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data]( A researcher bypassed the Calendar sandbox, Gatekeeper, and TCC in a chain attack that allowed for wanton theft of iCloud photos. ['Void Banshee' Exploits Second Microsoft Zero-Day]( Attackers have been using the Windows MSHTML Platform spoofing vulnerability in conjunction with another zero-day flaw. [Fortinet Confirms Customer Data Breach via Third Party]( The incident is a reminder why organizations need to pay attention to how they store and secure data in SaaS and cloud environments. [NFL Teams Block & Tackle Cyberattacks in a Digital World]( As the 104th season of the National Football League kicks off, expect cyberattacks aimed at its customers, players, and arenas. [Socially Savvy Scattered Spider Traps Cloud Admins in Web]( The dangerous ransomware group is targeting financial and insurance sectors using smishing and vishing against IT service desk administrators, cybersecurity teams, and other employees with top-level privileges. [Security Firm's North Korean Hacker Hire Not an Isolated Incident]( What happened to KnowBe4 also has happened to many other organizations, and it's still a risk for companies of all sizes due to a sophisticated network of government-sponsored fake employees. [How Shifts in Cyber Insurance Are Affecting the Security Landscape]( Ultimately, the goal of businesses and cyber insurers alike is to build more resilient IT environments to avoid cyberattacks and the ransom, downtime, and reputation hit that come along with them. [Name That Toon: Tug of War]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [Rising Tide of Software Supply Chain Attacks: An Urgent Problem]( Understanding a threat is just as important as the steps taken toward prevention. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Cybersecurity & the 2024 US Elections]( While the 2024 election may see various cyber threats, existing security measures and coordination across all levels of government aim to minimize their impact. [Hardware Supply Chain Threats Can Undermine Endpoint Infrastructure]( To prevent this, organizations should focus on developing secure hardware and firmware foundations, enabling them to manage, monitor, and remediate hardware and firmware security. [The Current Cybersecurity Landscape: New Threats, Same Security Mistakes]( It is imperative to develop robust policies for new tech and future-proofing by favoring investments in security. [MORE]( PRODUCTS & RELEASES [South Korea Digital Forensics Market to Hit US $3.52B by 2031]( [Cybersecurity Community Celebrates Documentary Premiere at Tampa Theatre]( [Over a Third of Cyberattacks Result in Job Losses]( [99% of Business Leaders Have Concerns About the Trustworthiness of Internal Data]( [Cloud-Native Network Security Up 17%, Hardware Down 2%]( [NFL Teams Block & Tackle Cyberattacks in a Digital World]( [SCADA Market Is Set to Reach $18.7B by 2031]( [US Army Selects QuSecure Solution for 'Enhanced Post-Quantum Cryptography Suite for Tactical Networks' Project]( [Security Testing Market Worth $43.9B by 2029]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Thousands of ServiceNow KB Instances Expose Sensitive Corporate Data]( Despite security updates to protect data, 45% of total enterprise instances of the cloud-based IT management platform leaked PII, internal system details, and active credentials over the past year. LATEST FROM THE EDGE [Ready to Rumble: US Women's Cyber Team Preps for Global CTF Contest]( The 12-member group will compete at the first all-women's capture-the-flag competition this November at the Kunoichi Cyber Games in Tokyo. LATEST FROM DR TECHNOLOGY [Startup Finds 'Hydden' Identities in IT Environment]( Hydden's platform detects and classifies an organization's identities, accounts, and privileges, regardless of where they reside in the IT environment. LATEST FROM DR GLOBAL [Microsoft VS Code Undermined in Asian Spy Attack]( A technique to abuse Microsoft's built-in source code editor has finally made it into the wild, thanks to China's Mustang Panda APT. WEBINARS - [Get In Tune with Your Cloud Cyber Resilience Strategy]( - [DORA and PCI DSS 4.0: Scale Your Mainframe Security Strategy Among Evolving Regulations]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Solution Brief: Introducing the runZero Platform]( - [Generative AI Gifts]( - [SANS 2024 Security Awareness Report]( - [SANS Security Awareness Maturity Model]( - [Boston Beer Company Transforms OT Security & Reduces Costs]( - [OT Cybersecurity Glossary & Quick Start Guide]( - [5 Critical Controls for World-Class OT Cybersecurity]( [View More White Papers >>]( FEATURED REPORTS - [Managing Third-Party Risk Through Situational Awareness]( - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=125812&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Weekly_09.19.24&sp_cid=55121&utm_content=DR_NL_Dark%20Reading%20Weekly_09.19.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#ad If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)