When AI Becomes the Hacker | SolarWinds Attack Began Earlier Than Previously Thought

[TechWeb]( Follow Dark Reading: [RSS]( May 20, 2021 LATEST SECURITY NEWS & COMMENTARY [When AI Becomes the Hacker]( Bruce Schneier explores the potential dangers of artificial intelligence (AI) systems gone rogue in society. [SolarWinds CEO: Attack Began Much Earlier Than Previously Thought]( Investigation shows threat actors began probing SolarWinds' network in January 2019, according to Sudhakar Ramakrishna. [Researchers Create Covert Channel Over Apple AirTag Network]( Small amounts of data could be sent from nearly anywhere using Apple's "Find My" network, hidden in the large volume of traffic as AirTags become widely used, two researchers say. [Attackers Took 5 Minutes to Start Scanning for Exchange Server Flaws]( Research underscores the acceleration of attack activity and points to a growing concern that defenders can't keep pace. [Wi-Fi Design, Implementation Flaws Allow a Range of Frag Attacks]( Every Wi-Fi product is affected by at least one fragmentation and aggregation vulnerability, which could lead to a machine-in-the-middle attack, researcher says. [47% of Criminals Buying Exploits Target Microsoft Products]( Researchers examine English- and Russian-language underground exploits to track how exploits are advertised and sold. [Rapid7 Is the Latest Victim of a Software Supply Chain Breach]( Security vendor says attackers accessed some of its source code using a previously compromised Bash Uploader script from Codecov. [How Ransomware Encourages Opportunists to Become Criminals]( And what's needed to stop it: Better information sharing among private organizations and with law enforcement agencies. [How to Mitigate Against Domain Credential Theft]( Attackers routinely reuse stolen domain credentials. Here are some ways to thwart their access. [DarkSide Ransomware Variant Targets Disk Partitions]( A newly discovered DarkSide ransomware variant can detect and compromise partitioned hard drives, researchers report. [DDoS Attacks Up 31% in Q1 2021: Report]( If pace continues, DDoS attack activity could surpass last year's 10-million attack threshold. [MORE NEWS & COMMENTARY]( HOT TOPICS [85% of Data Breaches Involve Human Interaction: Verizon DBIR]( Ransomware, phishing, and Web application attacks all increased during a year in which the majority of attacks involved a human element. [Why Anti-Phishing Training Isn't Enough]( Not only is relying on employees' awareness insufficient to prevent sophisticated social engineering attacks, some training methods can create other problems. [How Faster COVID-19 Research Is Being Made Possible by Secure Silicon]( When Intel and Leidos set up a "trusted execution environment" to enable a widespread group of researchers to securely share and confidentially compute real-world data, it was no small achievement. [MORE]( EDITORS' CHOICE [7 Modern-Day Cybersecurity Realities]( Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe. [Defending the Castle: How World History Can Teach Cybersecurity a Lesson]( Cybersecurity attackers follow the same principles practiced in warfare for millennia. They show up in unexpected places, seeking out portions of an organization's attack surface that are largely unmonitored and undefended. LATEST FROM THE EDGE [How to Get Employees to Care About Security]( Want to a security awareness program that sticks? Make it fun and personal -- and offer free lunch. Tech Resources - [2021 Application Security Statistics Report Vol.2]( - [The State of Endpoint Security]( - [Tech Insights: Detecting and Preventing Insider Data Leaks]( - [Assessing Cybersecurity Risk in Today's Enterprises]( - [Enabling Enterprise Resiliency Through Cyberthreat Detection]( - [Are We Cyber-Resilient? The Key Question Every Organization Must Answer]( - [The InformationWeek 2021 State of ITOps and SecOps Report]( [ACCESS TECH LIBRARY NOW]( - [Threat Deception: Tricking Attackers for Fun and Defense]( - [Web Security: Protecting Your Data from Internet Threats]( One of the most accessible methods of cracking your corporate data is through a simple Internet connection. In this webinar, experts offer a look at some of the most common ways that cyber attackers use to crack enterprise systems via ... [MORE WEBINARS]( FEATURED REPORTS - [Tech Insights: Detecting and Preventing Insider Data Leaks]( - [Assessing Cybersecurity Risk in Today’s Enterprises]( [MORE REPORTS]( CURRENT ISSUE [2021 Top Enterprise IT Trends]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [New Kaspersky Machine Learning for Anomaly Detection Predicts Breakdown of Production Processes]( [ThycoticCentrify Announces New Solution to Govern and Manage Privileged Access to Cloud Platforms]( [LastPass by LogMeIn Delivers Enhanced Authentication Experience for Businesses]( [ETSI Releases Mitigation Strategy Report on Securing Artificial Intelligence]( [BlackBerry Builds Out Extended Detection and Response (XDR) Capabilities with New Cybersecurity Innovations]( [CYBER.ORG Seeks Public Commentary on National K-12 Cybersecurity Learning Standards]( [MORE PRODUCTS & RELEASES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)