CISA Issues Emergency Directive After Midnight Blizzard Microsoft Hits

Though Federal Civilian Executive Branch (FCEB) agencies are the primary targets, CISA encourages all organizations to up their security, given the high risk. [TechWeb]( Follow Dark Reading: [RSS]( April 15, 2024 LATEST SECURITY NEWS & COMMENTARY [CISA Issues Emergency Directive After Midnight Blizzard Microsoft Hits]( Though Federal Civilian Executive Branch (FCEB) agencies are the primary targets, CISA encourages all organizations to up their security, given the high risk. [CISO Corner: Securing the AI Supply Chain; AI-Powered Security Platforms; Fighting for Cyber Awareness]( Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: facing hard truths in software security, and the latest guidance from the NSA. [CISA's Malware Analysis Platform Could Foster Better Threat Intel]( But just how the government differentiates its platform from similar private-sector options remains to be seen. [Critical Infrastructure Security: Observations From the Front Lines]( Attacks on critical infrastructure are ramping up — but organizations now have the knowledge and tools needed to defend against them. [(Sponsored Article) See Your Attack Surface as Threat Actors Do With EASM and CNAPP]( Layering external attack surface management with a cloud-native application protection platform gives visibility into unknown vulnerabilities. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Sisense Password Breach Triggers 'Ominous' CISA Warning]( With stores of mega-corporate business intelligence, a Sisense compromise could potentially mushroom into supply chain cyberattack disaster, experts fear. [Why MLBOMs Are Useful for Securing the AI/ML Supply Chain]( A machine learning bill of materials (MLBOM) framework can bring transparency, auditability, control, and forensic insight into AI and ML supply chains. [Critical Rust Flaw Poses Exploit Threat in Specific Windows Use Cases]( Project behind the Rust programming language asserted that any calls to a specific API would be made safe, even with unsafe inputs, but researchers found ways to circumvent the protections. [How Nation-State DDoS Attacks Impact Us All]( Global organizations and geopolitical entities must adopt new strategies to combat the growing sophistication in attacks that parallel the complexities of our new geopolitical reality. [MORE]( PRODUCTS & RELEASES [Knostic Raises $3.3M for Enterprise GenAI Access Control]( [Cohesity Extends Collaboration to Strengthen Cyber Resilience With IBM Investment in Cohesity]( [National Security Agency Announces Dave Luber As Director of Cybersecurity]( [MedSec Launches Cybersecurity Program For Resource-Constrained Hospitals]( [Wiz Acquires Gem Security to Expand Cloud Detection and Response Offering]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [DPRK Exploits 2 MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse]( North Korean hackers break ground with new exploitation techniques for Windows and macOS. LATEST FROM THE EDGE [How Do We Integrate LLMs Security Into Application Development?]( Large language models require rethinking how to bake security into the software development process earlier. LATEST FROM DR TECHNOLOGY [The Race for AI-Powered Security Platforms Heats Up]( Microsoft, Google, and Simbian each offers generative AI systems that allow security operations teams to use natural language to automate cybersecurity tasks. LATEST FROM DR GLOBAL [Japan, Philippines & US Forge Cyber Threat Intel-Sharing Alliance]( Following the Volt Typhoon attacks on critical infrastructure in the region by China, the US reportedly will share cybersecurity threat information with both countries. WEBINARS - [The fuel in the new AI race: Data]( - [Defending Against Today's Threat Landscape with MDR]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Application Security's New Mandate in a DevOps World]( - [Making Sense of Your Security Data: The 6 Hardest Problems]( - [Use the 2023 MITRE ATT&CK Evaluation Results for Turla to Inform EDR Buying Decisions]( - [FortiSASE Customer Success Stories - The Benefits of Single Vendor SASE]( - [Fortinet Named a Leader in the Forrester Wave: Zero Trust Edge (ZTE) Solutions]( - [2023 Gartner Magic Quadrant for Single-Vendor SASE]( - [Zero Trust Access For Dummies, 2nd Fortinet Special Edition]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=122820&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_04.15.24&sp_cid=53009&utm_content=DR_NL_Dark%20Reading%20Daily_04.15.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#17 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)