MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs | Nations Mandate Certification of Cybersecurity Pros

The irony is lost on few, as a nation-state threat actor used eight MITRE techniques to breach MITRE itself — including exploiting the Ivanti bugs that attackers have been swarming on for months. [TechWeb]( Follow Dark Reading: [RSS]( April 25, 2024 LATEST SECURITY NEWS & COMMENTARY [MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs]( The irony is lost on few, as a nation-state threat actor used eight MITRE techniques to breach MITRE itself — including exploiting the Ivanti bugs that attackers have been swarming on for months. [Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity Pros]( Malaysia, Singapore, and Ghana are among the first countries to pass laws that require cybersecurity firms — and in some cases, individual consultants — to obtain licenses to do business, but concerns remain. [Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments]( An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser. [Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware]( It turns out that a powerful security solution can double as even more powerful malware, capable of granting comprehensive access over a targeted machine. [FBI Director Wray Issues Dire Warning on China's Cybersecurity Threat]( Chinese actors are ready and poised to do "devastating" damage to key US infrastructure services if needed, he said. [GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories]( Existing AI technology can allow hackers to automate exploits for public vulnerabilities in minutes flat. Very soon, diligent patching will no longer be optional. [Rebalancing NIST: Why 'Recovery' Can't Stand Alone]( The missing ingredient in NIST's newest cybersecurity framework? Recovery. ['MagicDot' Windows Weakness Allows Unprivileged Rootkit Activity]( Malformed DOS paths in file-naming nomenclature in Windows could be used to conceal malicious content, files, and processes. [Cyberattack Takes Frontier Communications Offline]( The local phone and business communications company said that attackers accessed unspecified PII, after infiltrating its internal networks. [Lessons for CISOs From OWASP's LLM Top 10]( It's time to start regulating LLMs to ensure they're accurately trained and ready to handle business deals that could affect the bottom line. [2023: A 'Good' Year for OT Cyberattacks]( Attacks increased by "only" 19% last year. But that number is expected to grow significently. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Name That Toon: Last Line of Defense]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [AI Lowers Barrier for Cyber-Adversary Manipulation in 2024 Election]( Securing the presidential election requires vigilance and hardened cybersecurity defenses. [Where Hackers Find Your Weak Spots]( The five intelligence sources that power social engineering scams. [MORE]( PRODUCTS & RELEASES [KnowBe4 to Acquire Egress]( [Black Girls Do Engineer Signs Education Partnership Agreement With NSA]( [CompTIA Supports Department of Defense Efforts to Strengthen Cyber Knowledge and Skills]( [Miggo Launches Application Detection and Response (ADR) Solution]( [Auburn's McCrary Institute and Oak Ridge National Laboratory to Partner on Regional Cybersecurity Center]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Patch Now: CrushFTP Zero-Day Cloud Exploit Targets US Orgs]( An exploit for the vulnerability allows unauthenticated attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE. LATEST FROM THE EDGE [5 Hard Truths About the State of Cloud Security 2024]( Dark Reading talks cloud security with John Kindervag, the godfather of zero trust. LATEST FROM DR TECHNOLOGY [Cisco's Complex Road to Deliver on Its Hypershield Promise]( The tech giant tosses together a word salad of today's business drivers — AI, cloud-native, digital twins — and describes a comprehensive security strategy for the future, but can the company build the promised platform? LATEST FROM DR GLOBAL [North Korea APT Triumvirate Spied on South Korean Defense Industry For Years]( Lazarus, Kimsuky, and Andariel all got in on the action, stealing "important" data from firms responsible for defending their southern neighbors (from them). WEBINARS - [Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks]( - [Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [How Enterprises Secure Their Applications]( - [Making Sense of Your Security Data: The 6 Hardest Problems]( - [The State of Incident Response]( - [Understanding Today's Threat Actors]( - [A Solution Guide to Operational Technology Cybersecurity]( - [Demystifying Zero Trust in OT]( - [Causes and Consequences of IT and OT Convergence]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=123064&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Weekly_04.25.24&sp_cid=53192&utm_content=DR_NL_Dark%20Reading%20Weekly_04.25.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#7f If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)