Holiday Spam, Phishing Campaigns Challenge Retailers

Revived levels of holiday spending have caught the eye of threat actors who exploit consumer behaviors and prey on the surge of online payments and digital activities during the holidays. [TechWeb]( Follow Dark Reading: [RSS]( December 20, 2022 LATEST SECURITY NEWS & COMMENTARY [Holiday Spam, Phishing Campaigns Challenge Retailers]( Revived levels of holiday spending have caught the eye of threat actors who exploit consumer behaviors and prey on the surge of online payments and digital activities during the holidays. [Malicious Python Trojan Impersonates SentinelOne Security Client]( A fully functional SentinelOne client is actually a Trojan horse that hides malicious code within; it was found lurking in the Python Package Index repository ecosystem. [Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages]( Sites spoofing Grammarly and a Cisco webpage are spreading the DarkTortilla threat, which is filled with follow-on malware attacks. [Security Skills Command Premiums in Tight Market]( Recession fears notwithstanding, cybersecurity skills — both credentialed and noncredentialed — continue to attract higher pay and more job security. [Fortnite Developer Epic Games Slapped With $275M Penalty]( Epic Games has been fined for violating children's online privacy, banned from using collected data. [Rethinking Risk After the FTX Debacle]( Risk is no longer a single entity, but rather an interconnected web of resources, assets, and users. [T-Mobile Carrier Scammer Gets Decade in the Slammer]( A mobile phone store owner stole T-Mobile employee credentials to "unlock" phones for resale, earning him millions in illicit profits. [(Sponsored Article) Single Sign-on: It's Only as Good as Your Ability to Use It]( Increased federal cybersecurity regulations provide a pivot point for manufacturers to reconsider their access management strategy. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Cyber Threats Loom as 5B People Prepare to Watch World Cup Final]( The 2022 FIFA Men's World Cup final in Qatar will be the most-watched sporting event in history — but will cybercriminals score a hat trick off its state-of-the-art digital footprint? [Compliance Is Not Enough: How to Manage Your Customer Data]( Effective customer data management helps companies avoid data breaches and the resulting cascade of issues. From validating "clean" data to centralized storage and a data governance strategy, management steps can help keep data safe. [Live From London: Next-Gen Cybersecurity Takes Stage at Black Hat Europe]( Check out our slideshow detailing the emerging cybersecurity trends in cloud, creating a defensible Internet, malware evolution, and more that lit up audiences in London. [MORE]( EDITORS' CHOICE [New Botnet Targeting Minecraft Servers Poses Potential Enterprise Threat]( Microsoft warns enterprises should pay attention to a new botnet used to launch DDoS attacks on private Minecraft Java servers. LATEST FROM THE EDGE [Are 100% Security Guarantees Possible?]( Large vendors are commoditizing capabilities that claim to provide absolute security guarantees backed up by formal verification. How significant are these promises? LATEST FROM DR TECHNOLOGY [Credential Canaries Create Minefield for Attackers]( Canary tokens — also known as honey tokens — force attackers to second-guess their potential good fortune when they come across user and application secrets. WEBINARS - [The Craziest Cyberattacks Seen In the Wild and How You Can Avoid Them]( It feels like we hear about a new devastating cyberattack in the news every day. And attack methods seem to be proliferating at an exponential rate. So, which tactics should you be aware of beyond standard "click and infect" attack ... - [A Roadmap to Zero Trust: Steps for Meaningful Progress Amongst the Hype]( Join this webinar as our Zero Trust experts discuss "quick wins" like: --Enforcing strong multifactor authentication and Zero Trust policies for critical applications. --Closing inbound ports open to the Internet. --Areas not always included in the Zero Trust conversation, like ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [State of Email Security]( - [Ransomware Resilience and Response: The Next-Generation]( - [Ransomware Is On The Rise]( - [State of Ransomware Readiness: Facing the Reality Gap]( - [How Hybrid Work Fuels Ransomware Attacks]( [View More White Papers >>]( FEATURED REPORTS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [2022 State of Network Management (a $499 Value FREE)]( We surveyed networking professionals about their networking budgets, spending priorities, and concerns. Find out how big of a role security is playing and how they plan to address it. Download the report today! [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Bugcrowd Launches Bug Bounty Program for Australian-Based Navitas]( [Axonius Bolsters SaaS Management Offering With Behavioral Analytics and SaaS User-Device Association Capabilities]( [WatchGuard Threat Lab Report Finds Top Threat Arriving Exclusively Over Encrypted Connections]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [10 Hot Talks From Black Hat USA 2022]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)