China Infiltrates US Critical Infrastructure in Ramp-up to Conflict

Threat actors linked to the People's Republic of China, such as Volt Typhoon, continue to "pre-position" themselves in the critical infrastructure of the United States, according to military and law enforcement officials. [TechWeb]( Follow Dark Reading: [RSS]( February 02, 2024 LATEST SECURITY NEWS & COMMENTARY [China Infiltrates US Critical Infrastructure in Ramp-up to Conflict]( Threat actors linked to the People's Republic of China, such as Volt Typhoon, continue to "pre-position" themselves in the critical infrastructure of the United States, according to military and law enforcement officials. [Cloudflare Falls Victim to Okta Breach, Atlassian Systems Cracked]( The cyberattackers, believed to be state sponsored, didn't get far into Cloudflare's global network, but not for lack of trying. [CISA Orders Ivanti VPN Appliances Disconnected: What to Do]( US federal agencies have to disconnect, rebuild, and reconfigure all Ivanti Connect Secure and Policy Secure VPN appliances. This Tech Tip lists all the steps that need to happen. [FritzFrog Botnet Exploits Log4Shell on Overlooked Internal Hosts]( Everyone knows to patch vulnerabilities for Internet-facing assets, but what about internal ones? One botnet is counting on your complacency. [Ukraine Military Targeted With Russian APT PowerShell Attack]( The attack, associated with Shuckworm, employs TTPs observed in prior campaigns against the Ukrainian military, predominantly using PowerShell. ['Commando Cat' Is Second Campaign of the Year Targeting Docker]( The threat actor behind the campaign is still unknown, but it shares some similarities with other cyptojacking groups. [3 ISIS Members Slapped With Sanctions From US Treasury]( New sanctions aim to disrupt their cyber and financial operations. [CMMC Is the Starting Line, Not the Finish]( Cybersecurity Maturity Model Certification (CMMC) and a harden, detect, and respond mindset are key to protecting defense and critical infrastructure companies. [The Imperative for Robust Security Design in the Health Industry]( It is imperative that healthcare and health-tech companies move beyond reactive measures and adopt a proactive stance in safeguarding sensitive patient information. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Fulton County Suffers Power Outages as Cyberattack Continues]( County services have come to a halt and are not expected to resume until next week; no threat actor has yet been identified. [Recognizing Security as a Strategic Component of Business]( In today's environments, security can be a revenue enabler, not just a cost center. Organizations should take advantage of the opportunities. ['Leaky Vessels' Cloud Bugs Allow Container Escapes Globally]( The four security vulnerabilities are found in Docker and beyond, and one affecting runC affects essentially every cloud-native developer worldwide. [Top 3 Data Breaches of 2023, and What Lies Ahead in 2024]( Take a look at last year's most impactful data breaches and what companies can do to protect themselves going forward. [MORE]( PRODUCTS & RELEASES [ProcessUnity Introduces Industry's All-In-One Third-Party Risk Management Platform]( [Kaspersky's ICS CERT Predictions for 2024: Ransomware Rampage, Cosmopolitical Hacktivism, and Beyond]( [New NCCoE Guide Helps Major Industries Observe Incoming Data While Using Latest Internet Security Protocol]( [Delinea Research Reveals that Ransomware Is Back on the Rise As Cybercriminals' Motivation Shifts to Data Exfiltration]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll]( Both China-backed APTs and ordinary cyberattackers have seized on a pair of Ivanti VPN bugs for global exploitation. LATEST FROM THE EDGE [Time to Secure Cloud-Native Apps Is Now]( While the challenges and risks associated with securing cloud-native environments are significant, with the right security measures and a focus on cybersecurity basics, organizations can effectively secure their cloud-native systems and development pipelines. LATEST FROM DR TECHNOLOGY [CISA Orders Ivanti VPN Appliances Disconnected: What to Do]( US federal agencies have to disconnect, rebuild, and reconfigure all Ivanti Connect Secure and Policy Secure VPN appliances. This Tech Tip lists all the steps that need to happen. LATEST FROM DR GLOBAL [Saudi Arabia Debuts 'Generative AI for All' Program]( The initiative is aimed at promoting policy, ethics, and expansion of AI in the country. WEBINARS - [Making Sense of Security Operations Data]( - [Top Cloud Security Threats Targeting Enterprises]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [SANS ICS/OT Cybersecurity Survey: 2023's Challenges and Tomorrow's Defenses]( - [Threat Terrain of the Modern Factory: Survey of Programmable Assets and Robot Software]( - [IT Zero Trust vs. OT Zero Trust: It's all about Availability]( - [2023 Snyk AI-Generated Code Security Report]( - [Migrations Playbook for Saving Money with Snyk + AWS]( - [Buyer's Guide: Choosing a True DevSecOps Solution for Your Apps on AWS]( - [2023 Software Supply Chain Attack Report]( [View More White Papers >>]( FEATURED REPORTS - [Passwords Are Passe: Next Gen Authentication Addresses Today's Threats]( - [The State of Supply Chain Threats]( - [How to Deploy Zero Trust for Remote Workforce Security]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=120983&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_02.02.24&sp_cid=51771&utm_content=DR_NL_Dark%20Reading%20Daily_02.02.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#15 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)