Cyber-Threat Group Targets Critical RCE Vulnerability in 'Bleed You' Campaign

More than 1,000 systems are exposed to a campaign hunting weak Windows servers and more. [TechWeb]( Follow Dark Reading: [RSS]( November 29, 2022 LATEST SECURITY NEWS & COMMENTARY [Cyber-Threat Group Targets Critical RCE Vulnerability in 'Bleed You' Campaign]( More than 1,000 systems are exposed to a campaign hunting weak Windows servers and more. [Black Basta Gang Deploys Qakbot Malware in Aggressive Cyber Campaign]( The ransomware group is using Qakbot to make the initial point of entry before moving laterally within an organization’s network. [Cybersecurity Consolidation Continues, Even as Valuations Stall]( Financing and acquisitions are trending toward smaller deals, which means fewer high-valuation purchases and funding, but likely fewer post-merger layoffs as well. [Global Cyber-Enforcement Op Nets $130M, Says Interpol]( A worldwide operation aimed at curtailing fraud has led to the arrest of 975 suspects and the seizure of nearly $130 million, as Interpol expands its efforts and brings new tools to its investigations. [Bring Your Own Key — A Placebo?]( BYOK was envisioned to reduce the risk of using a cloud service provider processing sensitive data, yet there are several deficiencies. [$275M Fine for Meta After Facebook Data Scrape]( Meta has been found in violation of Europe's GDPR rules requiring the social media giant to protect user data by "design and default." [(Sponsored Article) Identity Security Needs Humans and AI Working Hand in Hand]( In the cybersecurity world, augmenting the human touch with artificial intelligence has produced extremely positive results. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Hot Ticket: 'Aurora' Go-Based InfoStealer Finds Favor Among Cyber-Threat Actors]( The infostealer Aurora’s low detection rates and newcomer status are helping it fly under the radar, as more cybercriminal gangs target cryptocurrency wallets and communications apps. [Microsoft: Popular IoT SDKs Leave Critical Infrastructure Wide Open to Cyberattack]( Chinese threat actors have already used the vulnerable and pervasive Boa server to infiltrate the electrical grid in India, in spate of malicious incidents. [Better Together: Why It's Time for Ops and Security to Converge]( Threat actors are becoming only more sophisticated and determined. [MORE]( EDITORS' CHOICE [For Gaming Companies, Cybersecurity Has Become a Major Value Proposition]( New users and monetization methods are increasingly profitable for gaming industry, but many companies find they have to stem growth in cheats, hacks, and other fraud to keep customers loyal. LATEST FROM THE EDGE [How the Cloud Changed Digital Forensics Investigations]( The enterprise's shift to the cloud means digital forensics investigators have had to adopt new remote techniques and develop custom tools to uncover and process evidence off compromised devices. LATEST FROM DR TECHNOLOGY [Cybersecurity 'Nutrition' Labels Still a Work in Progress]( Pretty much every aspect of the effort to create easy-to-understand labels for Internet of Things (IoT) products is up in the air, according to participants in the process. WEBINARS - [Seeing Your Attack Surface Through the Eyes of an Adversary]( The best way to manage exposure, reduce risk, and improve your security posture is to understand your attack surface through the eyes of an attacker. Cortex Xpanse provides automated Attack Surface Management with an agentless implementation. Xpanse scans the entirety ... - [Developing and Testing an Effective Breach Response Plan]( When cyber attackers hit your network and your databases have been breached, do you know what you have to do and who to call? What do you tell your customers, employees, and other stakeholders, and when do you tell them? ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [State of Email Security]( - [Ransomware Is On The Rise]( - [State of Ransomware Readiness: Facing the Reality Gap]( - [BotGuard Supplements CDN and WAF Case Study]( - [The Threat Landscape HEATs Up with Highly Evasive Adaptive Threats]( - [2022 Cyberthreat Defense Report]( [View More White Papers >>]( FEATURED REPORTS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [Implementing Zero Trust In Your Enterprise: How to Get Started]( - [6 Elements of a Solid IoT Security Strategy]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [NanoLock Brings Built-In Meter-Level Cybersecurity to Renesas Customers]( [KnowBe4 Launches New Mobile Learner App for Cybersecurity Learning]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Creating an Effective Incident Response Plan]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)