Microsoft Disrupts Russian Group's Cyber-Espionage Campaign | Patch Madness: Vendor Bug Advisories Are Broken

"Seaborgium" is a highly persistent threat actor that has been targeting organizations and individuals of likely interest to the Russian government since at least 2017. [TechWeb]( Follow Dark Reading: [RSS]( August 18, 2022 LATEST SECURITY NEWS & COMMENTARY [Microsoft Disrupts Russian Group's Multiyear Cyber-Espionage Campaign]( "Seaborgium" is a highly persistent threat actor that has been targeting organizations and individuals of likely interest to the Russian government since at least 2017, company says. [Patch Madness: Vendor Bug Advisories Are Broken, So Broken]( Dustin Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many orgs. ['DarkTortilla' Malware Wraps in Sophistication for High-Volume RAT Infections]( The stealthy crypter, active since 2015, has been used to deliver a wide range of information stealers and RATs at a rapid, widespread clip. [Google Chrome Zero-Day Found Exploited in the Wild]( The high-severity security vulnerability (CVE-2022-2856) is due to improper user-input validation. [Most Q2 Attacks Targeted Old Microsoft Vulnerabilities]( The most heavily targeted flaw last quarter was a remote code execution vulnerability in Microsoft Office that was disclosed and patched four years ago. [China-Backed RedAlpha APT Builds Sprawling Cyber-Espionage Infrastructure]( The state-sponsored group particularly targets organizations working on behalf of the Uyghurs, Tibet, and Taiwan, looking to gather intel that could lead to human-rights abuses, researchers say. [DEF CON 30: Hackers Come Home to Vibrant Community]( After 30 years and a brief pandemic hiatus, DEF CON returns with "Hacker Homecoming," an event that put the humans behind cybersecurity first. [Cisco Confirms Data Breach, Hacked Files Leaked]( Ransomware gang gained access to the company's VPN in May by convincing an employee to accept a multifactor authentication (MFA) push notification. [7 Smart Ways to Secure Your E-Commerce Site]( Especially if your e-commerce and CMS platforms are integrated, you risk multiple potential sources of intrusion, and the integration points themselves may be vulnerable to attack. [Name That Toon: Vicious Circle]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [Lessons From the Cybersecurity Trenches]( Threat hunting not only serves the greater good by helping keep users safe, it rewards practitioners with the thrill of the hunt and solving of complex problems. Tap into your background and learn to follow your instincts. [How to Clear Security Obstacles and Achieve Cloud Nirvana]( Back-end complexity of cloud computing means there's plenty of potential for security problems. Here's how to get a better handle on SaaS application security. [Whack-a-Mole: More Malicious PyPI Packages Spring Up Targeting Discord, Roblox]( Just as one crop of malware-laced software packages is taken down from the popular Python code repository, a new host arrives, looking to steal a raft of data. [MORE NEWS /]( [MORE COMMENTARY]( HIGHLIGHTS FROM BLACK HAT [Krebs: Taiwan, Geopolitical Headwinds Loom Large]( During a keynote at Black Hat 2022, former CISA director Chris Krebs outlined the biggest risk areas for the public and private sectors for the next few years. [After Colonial Pipeline, Critical Infrastructure Operators Remain Blind to Cyber-Risks]( In her keynote address at Black Hat USA 2022, Kim Zetter gives a scathing rebuke of Colonial Pipeline for not foreseeing the attack. [Supply Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight]( Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference. [Microsoft: We Don't Want to Zero-Day Our Customers]( The head of Microsoft's Security Response Center defends keeping its initial vulnerability disclosures sparse — it is, she says, to protect customers. [4 Flaws, Other Weaknesses Undermine Cisco ASA Firewalls]( More than 1 million instances of firewalls running Cisco Adaptive Security Appliance (ASA) software have four vulnerabilities that undermine its security, a researcher finds. [More Black Hat News]( Didn't make it to Black Hat USA this year? Get caught up now! [MORE]( EDITORS' CHOICE [Windows Vulnerability Could Crack DC Server Credentials Open]( The security flaw tracked as CVE-2022-30216 could allow attackers to perform server spoofing or trigger authentication coercion on the victim. LATEST FROM THE EDGE [Cybercriminals Weaponizing Ransomware Data for BEC Attacks]( Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks. LATEST FROM DR TECHNOLOGY [Transitioning From VPNs to Zero-Trust Access Requires Shoring Up Third-Party Risk Management]( ZTNA brings only marginal benefits unless you ensure that the third parties you authorize are not already compromised. WEBINARS - [Understanding Machine Learning, Artificial Intelligence, & Deep Learning, and When to Use Them]( Advancements in artificial intelligence technology and machine learning and deep learning algorithms promise to transform enterprise security by giving IT security teams tools to detect and respond to attacks faster than before. Before security teams can use these tools, they ... - [Assessing Cyber Risk]( Top executives often ask, "how safe are we from a cyber breach?" But it can be difficult to quantitatively measure cyber risk, and even harder to assess your organization's attack surface. In this webinar, you'll learn how to evaluate your ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [6 Elements of a Solid IoT Security Strategy]( - [Five Best Practices for AWS Security Monitoring]( - [Sumo Logic for Continuous Intelligence]( - [AppSec Considerations For Modern Application Development]( - [Endpoint Detection Net Suite Use Cases]( - [Optimizing Endpoint Protection]( - [Ambush Attackers at the Endpoint with the Endpoint Detection Net (EDN) Suite]( [View More White Papers >>]( FEATURED REPORTS - [Incorporating a Prevention Mindset into Threat Detection and Response]( - [State of the Cloud: A Security Perspective]( Cloud computing has evolved over the years from a nice-to-have item on the IT wish list to a core technology driving business initiatives. But despite widespread adoption, cloud-based IT systems continue to be saddled with issues related to data security, ... - [How Enterprises Are Securing the Application Environment]( Download this report from Dark Reading to learn more about the measures enterprises have adopted to ensure the security of their internally developed applications and third-party packaged applications. [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [ThreatX Raises $30 Million in Series B Funding to Accelerate Growth in Global API Protection Market]( [AuditBoard Launches Third-Party Risk Management Solution, Empowering Enterprises to Tackle IT Vendor Risk at Scale]( [SEPT. 7-9: Ukraine, Election, AI, Cybercrime, 5G Among Topics Explored by 125+ Speakers at 13th Billington Cybersecurity Summit]( [Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security]( [OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022]( [Bugcrowd Taps Top Hackers for Live Hacking Event with Indeed at 2022 Black Hat Conference]( [Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Living on the Edge: Building and Maintaining Security at the Network Edge]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)