Unix Printing Vulnerabilities Enable Easy DDoS Attacks

All an attacker needs to exploit flaws in the Common Unix Printing System is a few seconds and less than 1 cent in computing costs. [TechWeb]( Follow Dark Reading: [RSS]( October 03, 2024 LATEST SECURITY NEWS & COMMENTARY [Unix Printing Vulnerabilities Enable Easy DDoS Attacks]( All an attacker needs to exploit flaws in the Common Unix Printing System is a few seconds and less than 1 cent in computing costs. [North Korea's 'Stonefly' APT Swarms US Private Co's. for Profit]( Despite a $10 million bounty on one member, APT45 is not slowing down, pivoting from intelligence gathering to extorting funds for Kim Jong-Un's regime. [Python-Based Malware Slithers Into Systems via Legit VS Code]( The prolific Chinese APT Mustang Panda is the likely culprit behind a sophisticated cyber-espionage attack that sets up persistent remote access to victim machines. [Manufacturers Rank as Ransomware's Biggest Target]( Improvements in cybersecurity and basics like patching aren't keeping pace with the manufacturing sector's rapid growth. [Top 5 Myths of AI & Cybersecurity]( Organizations looking to maximize their security posture will find AI a valuable complement to existing people, systems, and processes. [China-Backed APT Group Culling Thai Government Data]( CeranaKeeper is bombarding Southeast Asia with data exfiltration attacks via file-sharing services such as Pastebin, OneDrive, and GitHub, researchers say. [(Sponsored Article) Rethinking Privileged Access Management in a Cloud-Driven World]( Compromising privileged accounts enables direct access to sensitive data across environments, making PAM an essential part of cybersecurity. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Cyberattackers Use HR Targets to Lay More_Eggs Backdoor]( The FIN6 group is the likely culprit behind a spear-phishing campaign that demonstrates a shift in tactics, from targeting job seekers to going after those who hire. [Calif. Gov. Vetoes AI Safety Bill Aimed at Big Tech Players]( Critics viewed the bill as seeking protections against nonrealistic "doomsday" fears, but most stakeholders agree that oversight is needed in the GenAI space. [Infrastructure vs. Runtime — Where Are Your Priorities?]( Amid the noise of new solutions and buzzwords, understanding the balance between securing infrastructure and implementing runtime security is key to crafting an effective cloud strategy. [Gov't, Judicial IT Systems Beset by Access Control Bugs]( Poor permission controls and user input validation is endemic to the platforms that protect Americans' legal, medical, and voter data. [MORE]( PRODUCTS & RELEASES [Kevin Mandia Joins Expel's Board of Directors]( [Apono Raises $15.5M Series A Funding for AI-driven, Least Privilege Solution Set]( [Palo Alto Networks and Deloitte Expand Strategic Alliance Globally]( [Darktrace Announces Formal Completion of its Acquisition by Thoma Bravo]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Zimbra RCE Vuln Under Attack Needs Immediate Patching]( The bug gives attackers a way to run arbitrary code on affected servers and take control of them. LATEST FROM THE EDGE [NSA Releases 6 Principles of OT Cybersecurity]( Organizations can use this guide to make decisions about designing, implementing, and managing OT environments to ensure they are both safe and secure, as well as to enable business continuity for critical services. LATEST FROM DR TECHNOLOGY [4 Ways to Fight AI-Based Fraud]( Generative AI is being used to make cyberscams more believable. Here's how organizations can counter that using newly emerging tools and reliable methods. LATEST FROM DR GLOBAL [UAE, Saudi Arabia Become Plum Cyberattack Targets]( Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web. WEBINARS - [Simplify Data Security with Automation]( - [Harnessing the Power of Automation to Boost Enterprise Cybersecurity]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Insider Risk Programs: 3 Truths and a Lie]( - [IDC White Paper: The Peril and Promise of Generative AI in Application Security]( - [The State of Asset Security: Uncovering Alarming Gaps & Unexpected Exposures]( - [Evolve Your Ransomware Defense]( - [The ROI of RevealX Against Ransomware]( - [RevealX Catches Ransomware Within Days of Deployment at WCH]( - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( [View More White Papers >>]( FEATURED REPORTS - [Managing Third-Party Risk Through Situational Awareness]( - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=126082&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_10.03.24&sp_cid=55291&utm_content=DR_NL_Dark%20Reading%20Daily_10.03.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#44 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)