Cybersecurity in a Race to Unmask a New Wave of AI-Borne Deepfakes
Kevin Mandia, CEO of Mandiant at Google Cloud, calls for content "watermarks" as the industry braces for a barrage of mind-bending AI-generated fake audio and video traffic.
https://www.darkreading.com/threat-intelligence/cybersecurity-in-a-race-to-unmask-a-new-wave-of-ai-borne-deepfakes
Dark Reading
npub1l8jja0522xuslk4vcu67sgkkac6cmyw66sr8druq4ajxkly967tsgw3gsu@nost.vip
npub1l8jj...3gsu
Dark Reading: Connecting the Information and Security Community
CISA Courts Private Sector to Get Behind CIRCIA Reporting Rules
New regulations will require the private sector to turn over incident data to CISA within three days or face enforcement. Here's how the agency is presenting this as a benefit to the entire private se...
https://www.darkreading.com/cybersecurity-operations/cisa-courts-private-sector-to-get-behind-circia-reporting-rules
'The Mask' Espionage Group Resurfaces After 10-Year Hiatus
Researchers recently spotted the Spanish-speaking threat actor — with nearly 400 previous victims under its belt — in a new campaign in Latin America and Central Africa.
https://www.darkreading.com/cyberattacks-data-breaches/-the-mask-espionage-group-resurfaces-after-10-year-hiatus
2 (or 5) Bugs in F5 Asset Manager Allow Full Takeover, Hidden Accounts
F5 customers should patch immediately, though even that won't protect them from every problem with their networked devices.
https://www.darkreading.com/application-security/2-or-5-bugs-in-f5-asset-manager-allow-full-takeover-hidden-accounts
CyberProof Announces Strategic Partnership With Google Cloud
https://www.darkreading.com/cloud-security/cyberproof-announces-strategic-partnership-with-google-cloud
87% of DDoS Attacks Targeted Windows OS Devices in 2023
https://www.darkreading.com/cyberattacks-data-breaches/87-of-ddos-attacks-targeted-windows-os-devices-in-2023
Aggressive Cloud-Security Player Wiz Scores $1B in Funding Round
The latest round of investment prices the fast-growing cloud native application protection platform (CNAPP) at $12 billion with a simple mandate: Grow quickly through acquisition.
https://www.darkreading.com/cloud-security/aggressive-cloud-security-player-wiz-scores-1-billion-in-funding-round
LockBit Claims Wichita as Its Victim 2 Days After Ransomware Attack
The city is still investigating the attack, and neither the group nor city officials have offered details about the ransomware demands.
https://www.darkreading.com/cyberattacks-data-breaches/lockbit-claims-wichita-as-its-victim-two-days-after-ransomware-attack
Vast Network of Fake Web Shops Defrauds 850,000 & Counting
China-based cybercriminal group "BogusBazaar" created tens of thousands of fraudulent online stores based on expired domains to steal payment credentials.
https://www.darkreading.com/cyberattacks-data-breaches/fake-web-shops-defraud-850000
Tech Companies Promise Secure by Design Products
Over 60 companies sign the secure by design pledge from CISA to consider security from the design phase and throughout the product lifecycle.
https://www.darkreading.com/endpoint-security/tech-companies-promise-secure-by-design-products
How Government Agencies Can Leverage Grants to Shore Up Cybersecurity
With the help of grant funding, agencies and organizations can better defend themselves and their constituents.
https://www.darkreading.com/cyberattacks-data-breaches/how-government-agencies-can-leverage-grants-to-shore-up-cybersecurity
Token Security Launches Machine-Centric IAM Platform
Instead of building a list of users and identifying what systems each use can access, Token Security starts with a list of machines and determining who can access each system.
https://www.darkreading.com/identity-access-management-security/token-security-launches-machine-centric-iam-platform
UK Military Data Breach a Reminder of Third-Party Risk in Defense Sector
An attacker accessed personal information of over 225,000 active, reserve, and former UK military members from third-party payroll processing system.
https://www.darkreading.com/cyberattacks-data-breaches/breach-of-uk-military-personnel-data-a-reminder-of-third-party-risk-in-defense-sector
3-Year Iranian Influence Op Preys on Divides in Israeli Society
Iran follows in Russia's disinformation footsteps but with a different, more economical, and potentially higher-impact model.
https://www.darkreading.com/threat-intelligence/three-year-iranian-influence-op-preys-divides-israeli-society
Netcraft Announces New AI-Powered Innovations to Disrupt and Expose Criminal Financial Infrastructure
https://www.darkreading.com/vulnerabilities-threats/netcraft-announces-new-ai-powered-innovations-to-disrupt-and-expose-criminal-financial-infrastructure
Cyolo Partners With Dragos to Unveil Holistic Secure Remote Access Solution for Critical Infrastructure
https://www.darkreading.com/cybersecurity-operations/cyolo-partners-with-dragos-to-unveil-holistic-secure-remote-access-solution-for-critical-infrastructure
runZero Research Explores Unexpected Exposures in Enterprise Infrastructure
https://www.darkreading.com/threat-intelligence/runzero-research-explores-unexpected-exposures-in-enterprise-infrastructure
CISOs Are Worried About Their Jobs & Dissatisfied With Their Incomes
The research shows a significant drop in the number of tech CISOs that got a base salary increase in the past year — roughly 18% year-over-year.
https://www.darkreading.com/cybersecurity-operations/cisos-are-worried-about-their-jobs-and-dissatisfied-with-their-incomes
Critical Bug Could Open 50K+ Tinyproxy Servers to DoS, RCE
Patch now: CVE-2023-49606 in the open source, small-footprint proxy server can potentially lead to remote code execution.
https://www.darkreading.com/cloud-security/critical-bug-50k-tinyproxy-servers-dos-rce
Security Teams & SREs Want the Same Thing: Let's Make It Happen
Site reliability engineers (SREs) and security teams are more powerful when they work together, and being able to combine our efforts can make or break our teams' experiences and outputs.
https://www.darkreading.com/cybersecurity-operations/security-teams-sres-want-same-thing-lets-make-it-happen