In a joint alert with the FBI, CISA seeks to tamp down the pervasiveness of a well-known class of bugs. [TechWeb]( Follow Dark Reading:
[RSS](
March 26, 2024 LATEST SECURITY NEWS & COMMENTARY [CISA Seeks to Curtail 'Unforgivable' SQL Injection Defects](
In a joint alert with the FBI, CISA seeks to tamp down the pervasiveness of a well-known class of bugs.
[Dubious NuGet Package May Portend Chinese Industrial Espionage](
A .NET package available for download right now is either a stealthy industrial systems backdoor or nothing at all.
[Chinese State-Sponsored Hackers Charged, Sanctions Levied by US](
The US and the UK charge seven Chinese nationals for operating as part of threat group APT31.
[UN Adopts Resolution for 'Secure, Trustworthy' AI](
Countries around the world are signaling support of secure AI practices, but not necessarily committing to them.
[Mitigating Third-Party Risk Requires a Collaborative, Thorough Approach](
The issue can seem daunting, but most organizations have more agency and flexibility to deal with third-party risk than they think.
[(Sponsored Article) What SolarWinds Means for DevSecOps](
The SEC's SolarWinds indictment plus its new four-day rule for disclosing cybersecurity incidents have serious implications for DevSecOps teams. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Russian APT Releases More Deadly Variant of AcidRain Wiper Malware]( New AcidPour variant can attack a significantly broader range of targets including IoT devices, storage area networks, and handhelds.
[Cyber Warfare: Understanding New Frontiers in Global Conflicts]( An arms race is developing between those using technology to target adversaries and those using it prevent attacks from succeeding.
[Why AI Obituary Scams Are a Cyber-Risk for Businesses]( Scammers now use AI to instantly whip up SEO-friendly bereavement scams, and it's never been easier to swindle mourners or use them to get to their employers.
[Connectivity Standards Alliance Meets Device Security Challenges With a Unified Standard and Certification]( The new IoT Device Security Specification 1.0, with accompanying certification, aims to offer a unified industry standard and increase consumer awareness. [MORE]( PRODUCTS & RELEASES [Akamai Research Finds 29% of Web Attacks Target APIs]( [Kaspersky Identifies Three New Android Malware Threats]( [Saudi Arabia's National Cybersecurity Authority Announces the GCF Annual Meeting 2024]( [Expel Releases Updated Toolkit in Response to NIST 2.0](
[MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [GitHub Developers Hit in Complex Supply Chain Cyberattack](
The attacker employed various techniques, including distributing malicious dependencies via a fake Python infrastructure linked to GitHub projects. LATEST FROM THE EDGE [It's Time to Stop Measuring Security in Absolutes](
All-or-nothing security policies strain resources by aiming for perfection. We need a better way to assess progress. LATEST FROM DR TECHNOLOGY [A Database-Oriented Operating System Wants to Shake Up Cloud Security](
The operating system, DBOS, natively uses a relational database to reduce cost, ease application development, and maintain cybersecurity and integrity. LATEST FROM DR GLOBAL [Africa Tackles Online Disinformation Campaigns During Major Election Year](
Cyber-disinformation campaigns targeting Africa have taken off in 2024, as 18 nations prepare to hold elections, and cybersecurity efforts are key to taming the threat. WEBINARS - [Defending Against Today's Threat Landscape with MDR](
- [Building a Modern Endpoint Strategy for 2024 and Beyond]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Stopping Active Adversaries: Lessons from the Cyber Frontline](
- [Endpoint Best Practices to Block Ransomware](
- [Fortinet Named a Leader in the Forrester Wave: Zero Trust Edge (ZTE) Solutions](
- [Zero Trust Access For Dummies, 2nd Fortinet Special Edition](
- [Threat Intelligence: Data, People and Processes](
- [Global Perspectives on Threat Intelligence](
- [Mandiant Threat Intelligence at Penn State Health]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization](
- [Zero-Trust Adoption Driven by Data Protection](
- [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily
-- Published By [Dark Reading](
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.](
Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com)
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=122373&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_03.26.24&sp_cid=52706&utm_content=DR_NL_Dark%20Reading%20Daily_03.26.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#46
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)