Patch Now: Up to 900K MikroTik Routers Vulnerable to Total Takeover

Researchers have delivered working exploits for RouterOS, which when combined with default admin passwords can be a recipe for cyber disaster. [TechWeb]( Follow Dark Reading: [RSS]( July 26, 2023 LATEST SECURITY NEWS & COMMENTARY [Patch Now: Up to 900K MikroTik Routers Vulnerable to Total Takeover]( Researchers have delivered working exploits for RouterOS, which when combined with default admin passwords can be a recipe for cyber disaster. [ChatGPT, Other Generative AI Apps Prone to Compromise, Manipulation]( Researchers find artificial intelligence applications that use large language models could be compromised by attackers using natural language to dupe users. ['FraudGPT' Malicious Chatbot Now for Sale on Dark Web]( The subscription-based, generative AI-driven offering joins a growing trend toward "generative AI jailbreaking" to create ChatGPT copycat tools for cyberattacks. [Zero-Day Vulnerabilities Discovered in Global Emergency Services Communications Protocol]( Weak encryption algorithms leave radio communications open to attack and abuse. [Cybercrime as a Public Health Crisis]( The impact of fraud on a victim's health and well-being can be more painful than the financial loss. [Beyond ChatGPT: Organizations Must Protect Themselves Against the Power of AI]( Artificial intelligence-powered threats are already affecting businesses, schools, hospitals, and individuals, and it will only get worse as AI advances. [(Sponsored Article) Architecting XDR to Save Money and Your SOC's Sanity]( XDR can lower platform costs and improve detection, but it requires committing to a few principles that go against the established way of thinking about SOC. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Microsoft 365 Breach Risk Widens to Millions of Azure AD Apps]( China-linked APT actors could have single-hop access to the gamut of Microsoft cloud services and apps, including SharePoint, Teams, and OneDrive, among many others. [Designing a Security Strategy for Defending Multicloud Architectures]( Complex security issues arise when different clouds and computing models interact. [Electrical Grid Stability Relies on Balancing Digital Substation Security]( Because digital substations are critical elements of electrical systems, they are a prime target for sophisticated cyberattacks. [MORE]( EDITORS' CHOICE [10 Free Purple Team Security Tools to Check Out]( Check out the curated list of cool tools and platforms for both offensive security experts and defenders which will be released or demoed at Black Hat USA 2023. LATEST FROM DR TECHNOLOGY [Black Hat Offers Pen-Testing Certification Exam]( The new independent exam track at Black Hat USA will feature an opportunity for attendees to take a practical exam to be certified in penetration testing. LATEST FROM THE EDGE [Kevin Mandia Brings the HammerCon]( US Air Force veteran and Mandiant CEO discussed dwell time and state-sponsored attacks at the Military Cyber Professionals Association's HammerCon conference. LATEST FROM DR GLOBAL [Ivanti Zero-Day Exploit Disrupts Norway's Government Services]( Cyberattackers have used a zero-day exploit to compromise up to 12 Norwegian government departments. WEBINARS - [Where and When Automation Makes Sense For Enterprise Cybersecurity]( A shortage of skilled IT security professionals has made it tempting to try to automate everything. But security teams have to be able to determine which tasks are safe to automate. How does emerging automation technology work, and how can ... - [Finding a Backup Strategy That Works For You]( You've been hit with a ransomware, DDoS, natural disaster, or destructive cyberattack. One of the first questions: can we get our data back? Good back-ups are key to business continuity and disaster recovery, but backing up your data in preparation ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ... - [Everything You Need to Know About DNS Attacks]( - [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [KnowBe4 Phishing Test Results Reveal Half of Top Malicious Email Subjects Are HR Related]( [50% of Zero Trust Programs Risk Failure According to PlainID Survey]( [Managing Human Risk: Discoveries From SANS 2023 Security Awareness Report]( [CISOs Connect Launches the 2023 CISO Choice Awards]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How to Use Threat Intelligence to Mitigate Third-Party Risk]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117486&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_07.26.23&sp_cid=49298&utm_content=DR_NL_Dark%20Reading%20Daily_07.26.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#0c If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)