Russian state-sponsored threat actor Nobelium used a basic password-spray attack to breach Microsoft corporate email accounts, including for execs. [TechWeb]( Follow Dark Reading:
[RSS](
January 23, 2024 LATEST SECURITY NEWS & COMMENTARY [Microsoft Falls Victim to Russia-Backed 'Midnight Blizzard' Cyberattack](
Russian state-sponsored threat actor Nobelium used a basic password-spray attack to breach Microsoft corporate email accounts, including for execs.
[Godzilla Web Shell Attacks Stomp on Critical Apache ActiveMQ Flaw](
Thousands of vulnerable servers may be open to cyberattacks exploiting the max-severity CVE-2023-46604 bug.
[Chinese Spies Exploited Critical VMware Bug for Nearly 2 Years](
Even the most careful VMware customers may need to go back and double check that they weren't compromised by a zero-day exploit for CVE-2023-34048.
[German IT Consultant Fined Thousands for Reporting Security Failing](
The company, Modern Solutions, had misconfigured a cloud database, but argues the contractor could only have found the password through insider knowledge.
[North Korea's ScarCruft Attackers Gear Up to Target Cybersecurity Pros](
Based on fresh infection routines the APT is testing, it's looking to harvest threat intelligence in order to improve operational security and stealth.
[Survey Shows a Surge in (Artificial) Intelligence](
A new Omdia survey shows a rapid increase in generative AI adoption for security
[Battling Misinformation During Election Season](
Dissemination of false information, often with the intent to deceive, has become a pervasive issue amplified by artificial intelligence (AI) tools.
[(Sponsored Article) How to Protect Critical Infrastructure Access](
Compliance and cybersecurity insurance force you to address standing privilege risks. Use identity and privilege management to do so. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks]( Attackers have increasingly leveraged the widely used remote access tool, installed on hundreds of millions of endpoints, to break into victim environments.
[Massive Data Breach at VF Hits 35M Vans, Retail Customers]( A month on from a retail conglomerate's data breach, it's still not clear exactly what the hackers stole, but impacted brands include Dickies, Northface, Timberland, Vans, and more.
[CISA's Road Map: Charting a Course for Trustworthy AI Development]( The agency aims to build a more robust cybersecurity posture for the nation.
[Name That Toon: Cast Adrift]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [MORE]( PRODUCTS & RELEASES [National Cybersecurity Alliance Announces 2024 Data Privacy Week]( [Amy Farrow Joins Infoblox As Chief Information Officer]( [F5 Welcomes Samir Sherif As New Chief Information Security Officer](
[MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Third Ivanti Vulnerability Exploited in the Wild, CISA Reports](
Though reports say this latest Ivanti bug is being exploited, it's unclear exactly how threat actors are using it. LATEST FROM THE EDGE [Lock Down the Software Supply Chain With 'Secure by Design'](
As zero days and complex networks create gaps for cyberattacks, software developers and agencies, such as CISA, look to the concept for building in defenses. LATEST FROM DR TECHNOLOGY [Zero Trust, AI, Capital Markets Drive Consolidation in Cloud Security](
Companies that quickly shifted to cloud-native operations are looking for greater visibility and protection â and AI benefits â while an uncertain economic future has venture capitalists looking toward safety. LATEST FROM DR GLOBAL [Israel, Czech Republic Reinforce Cyber Partnership Amid Hamas War](
The agreement to enable future sharing of information and experience is part of a spate of inter-country threat intelligence agreements that Israel is signing, as war-related attacks ramp up. WEBINARS - [DevSecOps: The Smart Way to Shift Left](
- [Tips for Managing Cloud Security in a Hybrid Environment]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [SANS ICS/OT Cybersecurity Survey: 2023's Challenges and Tomorrow's Defenses](
- [The OT Zero Trust Handbook: Implementing the 4 Cornerstones of OT Security](
- [2023 Snyk AI-Generated Code Security Report](
- [Buyer's Guide: Choosing a True DevSecOps Solution for Your Apps on AWS](
- [2023 Software Supply Chain Attack Report](
- [Increase Speed and Accuracy with AI Driven Static Analysis Auditing](
- [The Need for a Software Bill of Materials]( [View More White Papers >>]( FEATURED REPORTS - [The State of Supply Chain Threats](
- [How to Deploy Zero Trust for Remote Workforce Security](
- [How to Use Threat Intelligence to Mitigate Third-Party Risk]( The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ... [View More Dark Reading Reports >>]( Dark Reading Daily
-- Published By [Dark Reading](
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.](
Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com)
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=120644&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_01.23.24&sp_cid=51555&utm_content=DR_NL_Dark%20Reading%20Daily_01.23.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#1d
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)