US AI Experts Targeted in SugarGh0st RAT Campaign

Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group. [TechWeb]( Follow Dark Reading: [RSS]( May 17, 2024 LATEST SECURITY NEWS & COMMENTARY [US AI Experts Targeted in SugarGh0st RAT Campaign]( Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group. [Santander Falls Victim to Data Breach Involving Third-Party Provider]( The company reports that customers based in Chile, Spain, and Uruguay were the primary victims of the breach, alongside some former employees of the global bank. [GE Ultrasound Gear Riddled With Bugs, Open to Ransomware & Data Theft]( Thankfully, GE ultrasounds aren't Internet-facing. Exploiting most of the bugs to cause serious damage to patients would require physical device access. [Windows Quick Assist Anchors Black Basta Ransomware Gambit]( When abused by threat actors with sophisticated social-engineering chops, remote-access tools demand that enterprises remain sharp in both defense strategy and employee-awareness training. [FCC Reveals 'Royal Tiger' Robocall Campaign]( In a first-ever move, the commission's enforcement bureau has high hopes that official classification will allow law enforcement partners to better combat these kinds of threats [The Fall of the National Vulnerability Database]( Since its inception, three key factors have affected the NVD's ability to classify security concerns — and what we're experiencing now is the result. [(Sponsored Article) A Comprehensive Approach to SAP Security]( Implement this checklist to help protect your SAP environment against bad actors. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Dark Reading 'Drops' Its First Podcast]( Our brand-new podcast, Dark Reading Confidential, has officially launched. You don't want to miss our first episode with the CISO and chief legal officer from Reddit and a cybersecurity attorney, who share their thoughts and advice for CISOs on the new SEC breach disclosure rules. [Flaw in Wi-Fi Standard Can Enable SSID Confusion Attacks]( Attackers can exploit the issue to trick users into connecting to insecure networks, but it works only under specific conditions. [There Is No Cyber Labor Shortage]( There are plenty of valuable candidates on the market. Hiring managers are simply looking in the wrong places. [3 Tips for Becoming the Champion of Your Organization's AI Committee]( CISOs are now considered part of the organizational executive leadership and have both the responsibility and the opportunity to drive not just security but business success. [MORE]( PRODUCTS & RELEASES [Alkira Raises $100M in Series C Funding to Simplify, Secure and Scale Critical Network Infrastructure]( [Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings]( [87% of DDoS Attacks Targeted Windows OS Devices in 2023]( [CyberProof Announces Strategic Partnership With Google Cloud]( [Notice of a Data Breach]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Scammers Fake Docusign Templates to Blackmail & Steal From Companies]( Cybercriminals are trafficking Docusign assets that allow for easy extortion and business email compromise. LATEST FROM THE EDGE [CISO as a CTO: When and Why It Makes Sense]( Enterprises are increasingly recognizing that a CISO's skills and experience building risk-based cyber programs translate well to other C-suite positions. LATEST FROM DR TECHNOLOGY [Addressing the Cybersecurity Vendor Ecosystem Disconnect]( How security teams can bridge the gap between short-term profits and long-term business needs. LATEST FROM DR GLOBAL [Nigeria Halts Cybersecurity Tax After Public Outrage]( In the midst of an economy struggling with soaring inflation, the Nigerian government paused plans to place a levy on domestic transactions that was aimed at enhancing cybersecurity. WEBINARS - [Why Effective Asset Management is Critical to Enterprise Cybersecurity]( - [Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [5 Essential Insights into Generative AI for Security Leaders]( - [Shining a light in the dark: observability and security, a SANS profile]( - [EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity]( - [ESG E-Book: Taking a Holistic Approach to Securing Cloud-Native Application Development]( - [The Cloud Threat Landscape: Security learnings from analyzing 500+ cloud environments]( - [Cisco Panoptica for Simplified Cloud-Native Application Security]( - [The State of Incident Response]( [View More White Papers >>]( FEATURED REPORTS - [2023 Global Threat Report]( - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=123558&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_05.17.24&sp_cid=53540&utm_content=DR_NL_Dark%20Reading%20Daily_05.17.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#89 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)