Cops Swarm Global Cybercrime Botnet Infrastructure in 2 Massive Ops

Europol undertook dropper malware botnet takedown while US law enforcement dismantled a sprawling cybercrime botnet for hire. [TechWeb]( Follow Dark Reading: [RSS]( May 31, 2024 LATEST SECURITY NEWS & COMMENTARY [Cops Swarm Global Cybercrime Botnet Infrastructure in 2 Massive Ops]( Europol undertook dropper malware botnet takedown while US law enforcement dismantled a sprawling cybercrime botnet for hire. [Flawed AI Tools Create Worries for Private LLMs, Chatbots]( Companies are looking to large language models to help their employees glean information from unstructured data, but vulnerabilities could lead to disinformation and, potentially, data leaks. [Okta Warns Once Again of Credential-Stuffing Attacks]( This time it's the identity management service provider's cross-origin authentication feature that's being targeted by adversaries. [Shady 'Merry-Go-Round' Ad Fraud Network Leaves Orgs Hemorrhaging Cash]( Stealthy ad fraud rings turn legitimate marketing into spam at a large scale, creating 200M+ bid requests daily. [An Argument for Coordinated Disclosure of New Exploits]( By adopting a stance of coordinated disclosure for exploits, security researchers can give organizations time to patch vulnerabilities before they are exploited in the wild. [(Sponsored Article) A Comprehensive Approach to SAP Security]( Implement this checklist to help protect your SAP environment against bad actors. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Microsoft: 'Moonstone Sleet' APT Melds Espionage, Financial Goals]( North Korea's newest threat actor uses every trick in the nation-state APT playbook, and most of cybercrime's tricks, too. It also developed a whole video game company to hide malware. [The SEC's New Take on Cybersecurity Risk Management]( Insights from three companies that recently reported breaches under the new disclosure regulations. [Leak Site BreachForums Springs Back to Life Weeks After FBI Takedown]( It's unclear whether a dataset for sale on the site allegedly containing data from more than 500 million Ticketmaster users is real or just law enforcement bait. [Attackers Target Check Point VPNs to Access Corporate Networks]( Using VPNs as an initial access vector is ironic, given that security is the very reason enterprises employ them in the first place. [Why CVEs Are an Incentives Problem]( It's time to rethink the pivotal role incentives play in shaping behavior to find and disclose software vulnerabilities. More accurate guidance to reflect real-world risks and a tiered verification process to establish potential impact could slow misleading submissions. [MORE]( PRODUCTS & RELEASES [VicOne Partners With 42Crunch to Deliver Comprehensive Security Across SDV and Connected-Vehicle Ecosystem]( [Digital Twin Technology Can Improve Water Utility Management, Says Info-Tech Research Group]( [NRECA Signs MOU With Electricity Information Sharing and Analysis Center]( [BforeAI Launches PreCrime™ Guarantee Program for Seamless Cyber Risk Coverage]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access]( Corporate admins should patch the max-severity CVE-2024-23108 immediately, which allows unauthenticated command injection. LATEST FROM THE EDGE [Persistent Burnout Is Still a Crisis in Cybersecurity]( Burnout has been an oft-reported problem among security professionals for years. Are there any new ideas for supporting mental health in the industry? LATEST FROM DR TECHNOLOGY [10 Ways a Digital Shield Protects Apps and APIs]( Layers of protection can bring defense-in-depth practices to distributed clouds and other modern network architectures. LATEST FROM DR GLOBAL [6 Facts About How Interpol Fights Cybercrime]( So you think you know Interpol? Here are some key details of how this international law enforcement entity disrupts cybercrime worldwide. WEBINARS - [Preventing Attackers From Wandering Through Your Enterprise Infrastructure]( - [Assessing Software Supply Chain Risk]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Google Threat Intelligence]( - [How Cyber Threat Intelligence Empowers the C-Suite]( - [Leveling Up Cyber-Threat Intelligence Maturity for More Value and Better Insights]( - [Elastic named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022]( - [2023 Global Threat Report]( - [The Cloud Threat Landscape: Security learnings from analyzing 500+ cloud environments]( - [ESG E-Book: Taking a Holistic Approach to Securing Cloud-Native Application Development]( [View More White Papers >>]( FEATURED REPORTS - [Elastic named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022]( - [EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity]( - [Industrial Networks in the Age of Digitalization]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=123787&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_05.31.24&sp_cid=53742&utm_content=DR_NL_Dark%20Reading%20Daily_05.31.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#30 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)