How the Ukraine War Opened a Fault Line in Cybercrime, Possibly Forever

Infighting, conscription, emigration. The war in Ukraine has pitted cybercriminals against one another like no other event before it. [TechWeb]( Follow Dark Reading: [RSS]( February 28, 2023 LATEST SECURITY NEWS & COMMENTARY [How the Ukraine War Opened a Fault Line in Cybercrime, Possibly Forever]( Infighting, conscription, emigration. The war in Ukraine has pitted cybercriminals against one another like no other event before it. [Attackers Were on Network for 2 Years, News Corp Says]( The publisher of the Wall Street Journal, New York Post, and several other publications had last year disclosed a breach it said was the work of a state-backed actor likely working for China. [Mobile Banking Trojans Surge, Doubling in Volume]( Mobile malware developers were busy bees in 2022, flooding the cybercrime landscape with twice the number of banking trojans than the year before. [As Social Engineering Attacks Skyrocket, Evaluate Your Security Education Plan]( Build a playbook for employees on how to handle suspicious communications, use mail filters, and screen and verify unfamiliar calls to bolster a defensive social engineering security strategy. [Wiz Reaches $10B Valuation With Consolidated Cloud Security Platform]( Cloud security vendor Wiz has raised $900 million since its founding in 2020. [(Sponsored Article) Generative AI Changes Everything We Know About Cyberattacks]( Generative AI is heating up everywhere and fundamentally changing everything we know about how cybercriminals develop and deploy attacks. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Canadian Telecom Firm Telus Reportedly Investigating Breach]( A threat actor has leaked data — purportedly, samples of Telus employee payroll data and source code — on a hacker site. [To Safeguard Critical Infrastructure, Go Back to Basics]( CISA's recently released cybersecurity performance goals can help lower risk and thwart the impact of cyberattacks. [Wiper Malware Surges Ahead, Spiking 53% in 3 Months]( Cybercriminals and hacktivists have joined state-backed actors in using sabotage-bent malware in destructive attacks, new report shows. [Why Are My Employees Integrating With So Many Unsanctioned SaaS Apps?]( Before adopting SaaS apps, companies should set security guardrails to vet new vendors and check security integration for misconfiguration risks. [MORE]( EDITORS' CHOICE ['New Class of Bugs' in Apple Devices Opens the Door to Complete Takeover]( With the right kind of exploit, there's hardly any function, app, or bit of data an attacker couldn't access on your Mac, iPad, or iPhone. LATEST FROM THE EDGE [All CVEs Are Not Created Equal]( Vulnerabilities impact each industry differently, so each sector needs to think about its defenses and vulnerability management differently. LATEST FROM DR TECHNOLOGY [How to Reduce Code Risk Using Pipelineless Security]( The exposure and exploitation of hardcoded secrets continues to drive software supply chain attacks. One solution: zero new hardcoded secrets. WEBINARS - [The Importance of Bespoke Security]( In this webinar, you will hear from our subject matter experts, Hanah Darley, Head of Threat Research and Toby Lewis, Global Head of Threat Analysis. The discussion will cover the difference between media coverage of cyber threats compared with the ... - [Shoring Up the Software Supply Chain Across Enterprise Applications]( Modern-day software development depends heavily on third-party components, libraries, and frameworks. Attackers are increasingly targeting these software building blocks to compromise enterprise applications. In this webinar, experts discuss the ever-expanding software attack surface. Find out where potential attack vectors are ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Essential Guide to Secure Web Gateway]( - [The Relationship Between Security Maturity and Business Enablement]( - [How to Simplify Security with a Cybersecurity Mesh Architecture]( - [Why Account Security Doesn't Stop at Login]( - [IT/OT Convergence Enables Security Operations Synergies]( - [Top Three Considerations To Build, Deploy, and Run Your Application Journey]( - [What Elite Threat Hunters See that Others Miss]( [View More White Papers >>]( FEATURED REPORTS - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Active Digital Identity Apps to Surpass 4.1B by 2027]( [Vouched Raises $6.3M to Expand AI Identity Verification Offering to Telemedicine and Healthcare]( [Palo Alto Announces Zero-Trust Security Solution for OT]( [ThreatHunter.ai Launches "More Eyes" Program to Help Large Organizations Mitigate Cyber Threats]( [Edgio Strengthens Security Offering With WAAP Enhancements and DDoS Scrubbing Solution]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Promise and Reality of Cloud Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)