FBI Director Wray Issues Dire Warning on China's Cybersecurity Threat

Chinese actors are ready and poised to do "devastating" damage to key US infrastructure services if needed, he said. [TechWeb]( Follow Dark Reading: [RSS]( April 22, 2024 LATEST SECURITY NEWS & COMMENTARY [FBI Director Wray Issues Dire Warning on China's Cybersecurity Threat]( Chinese actors are ready and poised to do "devastating" damage to key US infrastructure services if needed, he said. [Multiple LastPass Users Lose Master Passwords to Ultra-Convincing Scam]( CryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent user into handing over their high-value credentials. [UNDP, City of Copenhagen Targeted in Data-Extortion Cyberattack]( A ransomware gang claimed responsibility for the attack, though it is unknown if a ransom was demanded or paid. [CISO Corner: Breaking Staff Burnout, GPT-4 Exploits, Rebalancing NIST]( SecOps highlights this week include the executive role in "cyber readiness;" Cisco's Hypershield promise; and Middle East cyber ops heat up. [AI Lowers Barrier for Cyber-Adversary Manipulation in 2024 Election]( Securing the presidential election requires vigilance and hardened cybersecurity defenses. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Cisco Warns of Massive Surge in Password-Spraying Attacks on VPNs]( Attackers are indiscriminately targeting VPNs from Cisco and several other vendors in what may be a reconnaissance effort, the vendor says. [Rebalancing NIST: Why 'Recovery' Can't Stand Alone]( The missing ingredient in NIST's newest cybersecurity framework? Recovery. [ICS Network Controllers Open to Remote Exploit, No Patches Available]( CISA advisory warns of critical ICS device flaws, but a lack of available fixes leaves network administrators on defense to prevent exploits. [Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware]( It turns out that a powerful security solution can double as even more powerful malware, capable of granting comprehensive access over a targeted machine. [MORE]( PRODUCTS & RELEASES [Miggo Launches Application Detection and Response (ADR) Solution]( [Auburn's McCrary Institute and Oak Ridge National Laboratory to Partner on Regional Cybersecurity Center]( [Redgate Launches Enterprise Edition of Redgate Monitor]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories]( Existing AI technology can allow hackers to automate exploits for public vulnerabilities in minutes flat. Very soon, diligent patching will no longer be optional. LATEST FROM THE EDGE [Rethinking How You Work With Detection and Response Metrics]( Airbnb's Allyn Stott recommends adding the Human Maturity Model (HMM) and the SABRE framework to complement MITRE ATT&CK to improve security metrics analysis. LATEST FROM DR TECHNOLOGY [Cisco's Complex Road to Deliver on Its Hypershield Promise]( The tech giant tosses together a word salad of today's business drivers — AI, cloud-native, digital twins — and describes a comprehensive security strategy for the future, but can the company build the promised platform? LATEST FROM DR GLOBAL [Israeli Defense Forces Hold Hybrid Cyber & Military Readiness Drills]( Israel prepares for a response to Iran's April 14 drone and missile attack. WEBINARS - [Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks]( - [ Key Findings from the State of AppSec Report 2024]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Application Security's New Mandate in a DevOps World]( - [Making Sense of Your Security Data: The 6 Hardest Problems]( - [The State of Incident Response]( - [Understanding Today's Threat Actors]( - [Use the 2023 MITRE ATT&CK Evaluation Results for Turla to Inform EDR Buying Decisions]( - [Demystifying Zero Trust in OT]( - [Secure Access for Operational Technology at Scale]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=122990&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_04.22.24&sp_cid=53137&utm_content=DR_NL_Dark%20Reading%20Daily_04.22.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#ec If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)