Cybercriminals 'CAN' Steal Your Car, Using Novel IoT Hack

Your family's SUV could be gone in the night thanks to a headlight crack and hack attack. [TechWeb]( Follow Dark Reading: [RSS]( April 10, 2023 LATEST SECURITY NEWS & COMMENTARY [Cybercriminals 'CAN' Steal Your Car, Using Novel IoT Hack]( Your family's SUV could be gone in the night thanks to a headlight crack and hack attack. [Printers Pose Persistent Yet Overlooked Threat]( Vulnerabilities in the device firmware and drivers underscore how printers cannot be set-and-forget technology and need to be managed. [TikTok, Other Mobile Apps Violate Privacy Regulations]( App developers are ignoring laws and guidelines regulating data protection measures aimed at minors, putting their monetization plans in jeopardy and risking user trust. [Bad Actors Will Use Large Language Models — but Defenders Can, Too]( Security teams need to find the best, most effective uses of large language models for defensive purposes. [Microsoft, Fortra & Health-ISAC Team Up to Remove Illicit Cobalt Strike Tools]( The effort aims to disrupt the use of altered Cobalt Strike software by cybercriminals in ransomware and other attacks. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Researcher Tricks ChatGPT Into Building Undetectable Steganography Malware]( Using only ChatGPT prompts, a Forcepoint researcher convinced the AI to create malware for finding and exfiltrating specific documents, despite its directive to refuse malicious requests. [What to Discuss at RSA Conference — and It's Not ChatGPT]( In-person conversations are a productive way to understand the state of the industry and learn new techniques. Take advantage of peers' experience, compare notes, and boost your skill set. [Australia Is Scouring the Earth for Cybercriminals — the US Should Too]( It's time to get ahead of attacks before they even happen. [MORE]( EDITORS' CHOICE ['BEC 3.0' Is Here With Tax-Season QuickBooks Cyberattacks]( In next-gen, credential-harvesting attacks, phishing emails use cloud services and are free from the typical bad grammar or typos they've traditionally used (and which users have learned to spot). LATEST FROM THE EDGE [Almost Half of Former Employees Say Their Passwords Still Work]( It's not hacking if organizations fail to terminate password access after employees leave. LATEST FROM DR TECHNOLOGY [AppSec Looms Large for RSAC 2023 Innovation Sandbox Finalists]( Application security is the dominant trend for this year's startup contest, but AI, blockchain, and compliance are all represented as well. WEBINARS - [Puzzled by Patching: Solve Endpoint Pains]( In this webinar, you'll learn critical steps to improve your security posture and reduce patching complexity so that your IT team can do more with less while keeping security at the forefront. Now is the time to slay the time-consuming ... - [Expert Advice for Getting the Most from Security Orchestration, Automaton & Response Enterprise Tools]( Over the past few years, many enterprises have been improving cybersecurity by implementing the Security Orchestration, Automation, and Response (SOAR) framework, which provides a path to collect threat data from multiple sources and respond to some security events automatically. How ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Essential Guide to Secure Web Gateway]( - [Evaluator's Guide for Managed Detection and Response (MDR) Services]( - [How to Simplify Security with a Cybersecurity Mesh Architecture]( - [Unit 42 Retainer]( - [Cloud Incident Response Datasheet]( - [2022 Unit 42 Incident Response Report]( - [The CISOs Report: Perspectives, Challenges, and Plans for 2022 and Beyond]( [View More White Papers >>]( FEATURED REPORTS - [Shoring Up the Software Supply Chain Across Enterprise Applications]( Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Cybereason Secures $100M in Funding Led by SoftBank Corp.]( [Industrial Defender Launches Phoenix: OT Visibility & Security Solution for Small to Midsized Operations]( [CardinalOps Launches MITRE ATT&CK Security Layers for Measuring Detection Posture]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)