US Lawmakers Face Cyberattacks, Potential Physical Harm After DC Health Link Breach

The threat actor who posted the data for sale has claimed credit for multiple other breaches, including one at grocery platform Weee! that exposed data on more than 1.1 million customers. The threat actor who posted the data for sale has claimed credit for multiple other breaches, including one at grocery platform Weee! that exposed data on more than 1.1 million customers. [TechWeb]( Follow Dark Reading: [RSS]( March 10, 2023 LATEST SECURITY NEWS & COMMENTARY [US Lawmakers Face Cyberattacks, Potential Physical Harm After DC Health Link Breach]( The threat actor who posted the data for sale has claimed credit for multiple other breaches, including one at grocery platform Weee! that exposed data on more than 1.1 million customers. [IceFire Ransomware Portends a Broader Shift From Windows to Linux]( IceFire has changed up its OS target in recent cyberattacks, emblematic of ransomware actors increasingly targeting Linux enterprise networks, despite the extra work involved. [Inside Threat: Developers Leaked 10M Credentials, Passwords in 2022]( More than five out of every 1,000 commits to GitHub included a software secret, half again the rate in 2021, putting applications and businesses at risk. [Iranian APT Targets Female Activists With Mahsa Amini Protest Lures]( A top Iranian, state-sponsored threat is a spear-phishing campaign that uses a fake Twitter persona to target women interested in Iranian political affairs and human rights. [AT&T Vendor Breach Exposes Data on 9M Wireless Accounts]( AT&T is notifying customers of a Customer Proprietary Network Information compromise, exposing years-old upgrade details. [Medusa Gang Video Shows Minneapolis School District's Ransomed Data]( Much like a hostage's proof-of-life video, the ransomware gang offers the film as verification that it has the goods, and asks $1 million for the data. [5 Critical Components of Effective ICS/OT Security]( These agile controls and processes can help critical infrastructure organizations build an ICS security program tailored to their own risk profile. [How to Jump-Start Your Cybersecurity Career]( With more than 700,000 cybersecurity jobs available, now is a good time to consider a career change. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [AI-Powered 'BlackMamba' Keylogging Attack Evades Modern EDR Security]( Researchers warn that polymorphic malware created with ChatGPT and other LLMs will force a reinvention of security automation. [Rising Public Cloud Adoption Is Accelerating Shadow Data Risks]( Using a risk-based approach to deal with policy violations and continuous compliance monitoring will help avoid data exposures and fines. [Scams Security Pros Almost Fell For]( By working together as an industry, we can develop the technologies needed to account for human error. [MORE]( EDITORS' CHOICE [TSA Issues Urgent Directive to Make Aviation More Cyber Resilient]( Will stricter cybersecurity requirements make flying safer? The TSA says yes, and sees it as a time-sensitive imperative. LATEST FROM THE EDGE [Name That Edge Toon: Domino Effect]( Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. LATEST FROM DR TECHNOLOGY [Machine Learning Improves Prediction of Exploited Vulnerabilities]( The third iteration of the Exploit Prediction Scoring System (EPSS) performs 82% better than previous versions, giving companies a better tool for evaluating vulnerabilities and prioritizing patching. WEBINARS - [ChatGPT: Defending Your Business Against AI-Supercharged Ransomware]( This webinar will dig into the ways criminals are projected to take advantage of ChatGPT and other AI tools to improve the reach and effectiveness of their ransomware attacks. The session will conclude with a review of a 12-step plan ... - [SecDevOps: The Smart Way to Shift Left]( DevOps has changed the way software is developed, written, and run. But many organizations are still trying to figure out how to build security into application development. In this webinar, experts discuss the integration of security and DevOps - sometimes ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Evaluator's Guide for Managed Detection and Response (MDR) Services]( - [Making Cybersecurity Mesh a Reality]( - [Why Account Security Doesn't Stop at Login]( - [IT/OT Convergence Enables Security Operations Synergies]( - [What Elite Threat Hunters See that Others Miss]( - [State of Enterprise Cybersecurity: Invest Now, or Pay Big Later]( - [The 2022 State of Cloud Security Report]( [View More White Papers >>]( FEATURED REPORTS - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Keeper Security Issues Top 5 Cybersecurity Tips for 2023 College Basketball Tournament]( [Forrester Study Reveals Businesses Are Insufficiently Prepared to Manage Enterprise Risks]( [Avast Introduces Avast One Platinum]( [ThreatBlockr Announces Partnership With Engaged Security Partners]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Promise and Reality of Cloud Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)