Technology, Regulations Can't Save Orgs From Deepfake Harm

Monetary losses, reputational damage, share price declines — it's hard to counter, much less try to stay ahead of, AI-based attacks. [TechWeb]( Follow Dark Reading: [RSS]( June 07, 2024 LATEST SECURITY NEWS & COMMENTARY [Technology, Regulations Can't Save Orgs From Deepfake Harm]( Monetary losses, reputational damage, share price declines — it's hard to counter, much less try to stay ahead of, AI-based attacks. ['Commando Cat' Digs Its Claws Into Exposed Docker Containers]( Attackers are taking advantage of misconfigured containers to deploy cryptocurrency mining software. [Attacks Surge on Check Point's Recent VPN Zero-Day Flaw]( One monitoring firm has detected exploitation attempts targeting CVE-2024-24919 from more than 780 unique IP addresses in the past week. [Mallox Ransomware Variant Targets Privileged VMWare ESXi Environments]( Novel attack vector uses a custom shell for payload delivery and execution — and only goes after systems with administrative privileges. [Interpol, FBI Disrupt Moldova-Based Cyber Ring]( Four suspects were taken into custody, accused of paying intermediaries in Moldova to inform criminals of their Red Notice status and wipe law-enforcement flags from the system. [Understanding Security's New Blind Spot: Shadow Engineering]( In the rush to digital transformation, many organizations are exposed to security risks associated with citizen developer applications without even knowing it. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Hijacking Scheme Takes Over High-Profile TikTok Accounts]( Hijacking malware gets spread through TikTok's direct messaging and doesn't require the victim to click links or download anything. [Remote Work's Hidden Dangers]( Ten cybersecurity strategies for enterprises to keep remote work safer. [Ticketmaster Breach Showcases SaaS Data Security Risks]( MFA and other mechanisms are critical to protect against unauthorized access to data in cloud application environments, but businesses still fall down on the job. [RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks]( CVE-2020-1472 is a privilege escalation flaw that allows an attacker to take over an organization's domain controllers. [MORE]( PRODUCTS & RELEASES [Cloud Security Alliance Survey Finds 70% of Organizations Have Established Dedicated SaaS Security Teams]( [EV Manufacturer BYD Selects Karamba Security to Meet Global Automotive Cybersecurity Regulations]( [Notable Capital Launches Rising in Cyber to Spotlight Promising Cybersecurity Startups]( [ISC2 Provides Opportunity for Employers to Connect With Cybersecurity Job Seekers]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks]( CVE-2020-1472 is a privilege escalation flaw that allows an attacker to take over an organization's domain controllers. LATEST FROM THE EDGE [Making the Case for 'Reasonable' Cybersecurity]( Reasonable cybersecurity is highly subjective. Organizations need to plan carefully in order to quantify cyber-risk and apply security controls. LATEST FROM DR TECHNOLOGY [Inside Baseball: The Red Sox Cloud Security Game]( Inside the baseball team's strategy for building next-gen security operations through zero trust and initiatives aiming to safeguard team data, fan info, and the iconic Fenway Park — which, by the way, is now a smart stadium. LATEST FROM DR GLOBAL [Africa Ranks Low on Phishing Cyber Resilience]( As threats to Africa's cybersecurity continue to grow, the continent faces high risks to its society and economy with a growing cyber skills gap and lack of preparedness. WEBINARS - [Intruders in the Library: Exploring DLL Hijacking Using Cortex XDR Analytics]( - [Preventing Attackers From Wandering Through Your Enterprise Infrastructure]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [A Year in Review of Zero-Days Exploited In-the-Wild in 2023]( - [SecOps Checklist]( - [Purple AI Datasheet]( - [Elastic named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022]( - [2023 Global Threat Report]( - [ESG E-Book: Taking a Holistic Approach to Securing Cloud-Native Application Development]( - [The Cloud Threat Landscape: Security learnings from analyzing 500+ cloud environments]( [View More White Papers >>]( FEATURED REPORTS - [2023 Global Threat Report]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=123946&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_06.07.24&sp_cid=53876&utm_content=DR_NL_Dark%20Reading%20Daily_06.07.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#fd If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)