The company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models. [TechWeb]( Follow Dark Reading:
[RSS](
September 23, 2024 LATEST SECURITY NEWS & COMMENTARY [LinkedIn Addresses User Data Collection for AI Training](
The company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models.
[Citrine Sleet Poisons PyPI Packages With Mac & Linux Malware](
A North Korean advanced persistent threat (APT) actor (aka Gleaming Pisces) tried to sneak simple backdoors into public software packages.
[Ivanti's Cloud Service Appliance Attacked via Second Vuln](
The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).
[Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover](
Critical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of OEMs.
[China's 'Earth Baxia' Spies Exploit Geoserver to Target APAC Orgs](
The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.
[GenAI in Cybersecurity: Insights Beyond the Verizon DBIR](
The lack of abundant data on AI-enabled attacks in official reports shouldn't prevent us from preparing for and mitigating potential future threats.
[(Sponsored Article) Defending Nations: 3 Strategic Shifts to Evolve Government Cyber Defense](
To safeguard national security, governments must evolve in three areas to protect against a constantly evolving threat landscape. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [GitLab Warns of Max Severity Authentication Bypass Bug]( Company urges organizations using self-hosting GitLab instances to apply updates for CVE-2024-45409 as soon as possible.
[1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam]( The first patch lets threat actors with low-level credentials still exploit the vulnerability, while the second fully resolves the flaw.
[An AI-Driven Approach to Risk-Scoring Systems in Cybersecurity]( By enhancing threat detection, enabling real-time risk assessment, and providing predictive insights, AI is empowering organizations to build more robust defenses against cyber threats.
[How Shifts in Cyber Insurance Are Affecting the Security Landscape]( Ultimately, the goal of businesses and cyber insurers alike is to build more resilient IT environments to avoid cyberattacks and the ransom, downtime, and reputation hit that come along with them. [MORE]( PRODUCTS & RELEASES [Abstract Security Expands Multi-Cloud Security Operations]( [CrowdStrike Expands Cybersecurity Startup Accelerator With AWS and NVIDIA]( [c/side Lands $6M to Combat Rising Browser Supply Chain Attacks](
[MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Vice Society Pivots to Inc Ransomware in Healthcare Attack](
Inc ransomware â one of the most popular among cybercriminals today â meets healthcare, the industry sector most targeted by RaaS. LATEST FROM THE EDGE [Coalition for Secure AI Promotes Safe, Ethical AI Development](
The Coalition for Secure AI (CoSAI) has expanded its roster of members with the addition of threat intelligence management, collaboration, and response orchestration vendor Cyware. LATEST FROM DR TECHNOLOGY [Mastercard's Recorded Future Deal Furthers Its AI Security Goals](
Mastercard's $2.65 billion deal to acquire the threat intelligence provider will boost the credit-card company's AI-based cybersecurity protection capabilities. LATEST FROM DR GLOBAL [Phishing Espionage Attack Targets US-Taiwan Defense Conference](
Hackers sent a convincing lure document, but after 20 years of similar attacks, the target organization was well prepared. WEBINARS - [Get In Tune with Your Cloud Cyber Resilience Strategy](
- [Mind the Cyber Resilience Gap]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Product Review: Trend Vision One Cloud Security](
- [Gartner Magic Quadrant for Application Security Testing](
- [Solution Brief: Introducing the runZero Platform](
- [Gartner Report: Cyber Asset Attack Surface Management](
- [The State of Asset Security: Uncovering Alarming Gaps & Unexpected Exposures](
- [Purple AI Datasheet](
- [SANS 2024 Security Awareness Report]( [View More White Papers >>]( FEATURED REPORTS - [Managing Third-Party Risk Through Situational Awareness](
- [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Daily
-- Published By [Dark Reading](
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.](
Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com)
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=125852&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_09.23.24&sp_cid=55156&utm_content=DR_NL_Dark%20Reading%20Daily_09.23.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#bd
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)