Zoom Zoom: 'Dark Power' Ransomware Extorts 10 Targets in Less Than a Month

A new threat actor is racking up victims and showing unusual agility. Part of its success could spring from the use of the Nim programming language. [TechWeb]( Follow Dark Reading: [RSS]( March 27, 2023 LATEST SECURITY NEWS & COMMENTARY [Zoom Zoom: 'Dark Power' Ransomware Extorts 10 Targets in Less Than a Month]( A new threat actor is racking up victims and showing unusual agility. Part of its success could spring from the use of the Nim programming language. [Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest]( In two days, ethical researchers from 10 countries have unearthed more than 22 zero-day bugs in a wide range of technologies at the annual hacking contest. [Malicious ChatGPT Extensions Add to Google Chrome Woes]( The second malicious ChatGPT extension for Chrome has been discovered, giving malicious actors access to users' Facebook accounts through stolen cookies. [Application Security Requires More Investment in Developer Education]( If you haven't done so already, it's time to take the first step toward solving this application security dilemma. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [ChatGPT Gut Check: Cybersecurity Threats Overhyped or Not?]( UK cybersecurity authorities and researchers tamp down fears that ChatGPT will overwhelm current defenses, while the CEO of OpenAI worries about its use in cyberattacks. [Are You Talking to a Carbon, Silicon, or Artificial Identity?]( In the triumvirate of identity types, protecting the identity, privacy, and data of carbon-based forms — humans — is key. Safeguards must be in place as AI becomes more interactive. [Custom 'Naplistener' Malware a Nightmare for Network-Based Detection]( Threat actors are using legitimate network assets and open source code to fly under the radar in data-stealing attacks using a set of custom malware bent on evasion. [MORE]( EDITORS' CHOICE [Okta Post-Exploitation Method Exposes User Passwords]( Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services. LATEST FROM THE EDGE [Red Teaming at Scale to Uncover Your Big Unknowns]( A contrarian mindset with applied imagination allows security professionals to assess problems in their organizations, prevent failures, and mitigate vulnerabilities. LATEST FROM DR TECHNOLOGY [Technology Firms Delivering Much-Sought Encryption-in-Use]( If the approaches stand up to scrutiny, companies may soon be able to encrypt most databases in a way that allows using data without the need to decrypt to plaintext. WEBINARS - [How Applications Are Attacked: A Year in Application Security]( Cloudflare sees up to 61 million requests per second, meaning we have an unprecedented view into Internet trends like application attacks and API traffic, and automated bot activity. We have put that incredible visibility to use by profiling a year of ... - [Ten Emerging Vulnerabilities Every Enterprise Should Know]( Every day, black hat attackers and white hat researchers are discovering new security vulnerabilities in widely-used systems and applications that might be exploited to compromise your data. Are you aware of the newest - and potentially most impactful - vulnerabilities ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Essential Guide to Secure Web Gateway]( - [Enable and Protect Your Remote Workforce]( - [The Relationship Between Security Maturity and Business Enablement]( - [IT/OT Security Platform Navigator 2022]( - [2022 State of OT Cybersecurity Report]( - [IT/OT Convergence Enables Security Operations Synergies]( - [The 2022 State of Cloud Security Report]( [View More White Papers >>]( FEATURED REPORTS - [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Red Teaming at Scale to Uncover Your Big Unknowns]( [XM Cyber Announces Acquisition of Confluera, Adding Run-Time Protection on Cloud Workloads]( [BigID's Data Security Posture Management Solution Integrates With SOAR Platforms]( [Prancer Announces Integration With ChatGPT for Enhanced Security Assessments]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)