Toyota Global Supply Chain Portal Flaw Put Hacker in the Driver's Seat

The automaker closed a hole that allowed a security researcher to gain system administrator access to more than 14,000 corporate and partner accounts and troves of sensitive data. [TechWeb]( Follow Dark Reading: [RSS]( February 09, 2023 LATEST SECURITY NEWS & COMMENTARY [Toyota Global Supply Chain Portal Flaw Put Hacker in the Driver's Seat]( The automaker closed a hole that allowed a security researcher to gain system administrator access to more than 14,000 corporate and partner accounts and troves of sensitive data. [CISA Releases Recovery Script for Victims of ESXiArgs Ransomware]( The malware has affected thousands of VMware ESXi hypervisors in the last few days. [Exclu Shutdown Underscores Outsized Role Messaging Apps Play in Cybercrime]( Apps like Telegram, WhatsApp, and Discord are a hotbed of cybercriminal communication and scams. [Gigamon Exits NDR Market, Sells ThreatInsight Business to Fortinet]( Omdia has learned that Gigamon sold its ThreatInsight NDR business to Fortinet for approximately $31 million. The deal highlights what may be a pivot point for the NDR market. [Why ChatGPT Isn't a Death Sentence for Cyber Defenders]( Generative AI combined with user awareness training creates a security alliance that can let organizations work protected from ChatGPT. [It Isn't Time to Worry About Quantum Computing Just Yet]( Don't let something that's a decade away distract you from today's cyber threats. [Jailbreak Trick Breaks ChatGPT Content Safeguards]( Jailbreak command creates ChatGPT alter ego DAN, willing to create content outside of its own content restriction controls. [GAO Calls for Action to Protect Cybersecurity of Critical Energy, Communications Networks]( Enhanced industrial control systems cybersecurity for energy and communications sector among top recommendations in new GAO cybersecurity assessment. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Fresh, Buggy Clop Ransomware Variant Targets Linux Systems]( For the moment, victims can decrypt data without paying a ransom. But Clop is a ransomware variant that has caused havoc on Windows systems, so that's bound to change. [Optimizing Cybersecurity Investments in a Constrained Spending Environment]( Three ways to stay safe in an economically uncertain 2023. ['Money Lover' Finance App Exposes User Data]( A broken access control vulnerability could have led to dangerous follow-on attacks for users of the money-management app. [MORE]( EDITORS' CHOICE [Ongoing VMware ESXi Ransomware Attack Highlights Inherent Virtualization Risks]( The global assault on vulnerable VMware hypervisors may have been mitigated by updating to the latest version of the product, but patch management is only part of the story. LATEST FROM THE EDGE [Why Some Cloud Services Vulnerabilities Are So Hard to Fix]( Five months after AWS customers were alerted about three vulnerabilities, nearly none had plugged the holes. The reasons why underline a need for change. LATEST FROM DR TECHNOLOGY [Building Up IAM in a Multicloud World]( In the cloud-first world, the security goal is to ensure only qualified users can access information across clouds. WEBINARS - [The Importance of Bespoke Security]( In this webinar, you will hear from our subject matter experts, Hanah Darley, Head of Threat Research and Toby Lewis, Global Head of Threat Analysis. The discussion will cover the difference between media coverage of cyber threats compared with the ... - [The Ransomware Evolution: Protecting Against Professionalized Cybercriminal Operations]( Ransomware gangs are highly professional operations, with teams dedicated for customer service, help-desk, software development, distribution, and even marketing. There are marketplaces where attackers can easily pick up ransomware and attack infrastructure. Does your organization understand what kind of cybercriminal ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [State of Email Security]( - [Ransomware Resilience and Response: The Next-Generation]( - [Ransomware Is On The Rise]( - [State of Ransomware Readiness: Facing the Reality Gap]( [View More White Papers >>]( FEATURED REPORTS - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [(ISC)² Makes Certified in Cybersecurity Exam Available in More Languages to Address Global Workforce Shortage]( [Corelight Expands Partnership With CrowdStrike to Provide Network Detection and Response Technology for CrowdStrike Services]( [ActZero Unveils Next-Generation MDR Platform]( [Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting and Financial Data in Year Ahead]( [Leading Energy Companies Tap Fortress to Build and Operate Industry Repository to Identify and Remediate Critical Software Vulnerabilities]( [SecuriThings Brings Managed Service Capabilities to Physical Security, With New Managed Service Platform]( [Skybox Security Appoints Cybersecurity Veteran Mordecai Rosen as CEO]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Promise and Reality of Cloud Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)