Majority of US IT Pros Told to Keep Quiet About Data Breaches

To report or not report? While more than half of all companies have suffered a data breach, 71% of IT professionals say they have been told to not report an incident, which could mean legal jeopardy. [TechWeb]( Follow Dark Reading: [RSS]( April 14, 2023 LATEST SECURITY NEWS & COMMENTARY [Majority of US IT Pros Told to Keep Quiet About Data Breaches]( To report or not report? While more than half of all companies have suffered a data breach, 71% of IT professionals say they have been told to not report an incident, which could mean legal jeopardy. [New Mirai Variant Employs Uncommon Tactics to Distribute Malware]( RapperBot's initial infection tactic is one example of the different methods attackers are using to distribute malware. [Remcos RAT Targets Tax Pros to Scurry Off With Workers' Filing Info]( Something exciting to liven up tax season: cybercriminals accessing sensitive personal information for individuals through the army of accountants preparing for Tax Day in the US. [Legion Malware Marches onto Web Servers to Steal Credentials, Spam Mobile Users]( A novel credential harvester compromises SMTP services to steal data from a range of hosted services and providers, and can also launch SMS-based spam attacks against devices using US mobile carriers. [How to Define Tier-Zero Assets in Active Directory Security]( There are plenty of AD objects and groups that should be considered tier zero in every environment, but some will vary among organizations. [The Internet Reform Trilemma]( An "open" Internet faces challenges from autocratic governance models. Policymakers should instead think about creating an Internet that's equitable, inclusive, and secure. [Money Ransomware Group Enters Double-Extortion Fray]( Ransomware group uses API calls to spread throughout shared network resources, researchers say. [Super-Yacht Specialist Lürssen in Dry Dock After Ransomware Attack]( The ransomware attack proves that even the wealthiest cannot buy their immunity from threat actors. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [LastPass Breach Reveals Important Lessons]( Devastating cyberattacks often can be prevented with basic cybersecurity measures. [7 Things Your Ransomware Response Playbook Is Likely Missing]( Incident response experts share their secrets for success when it comes to creating a professional-grade ransomware response playbook. Are you ready for the worst? [Microsoft Patches 97 CVEs, Including Zero-Day & Wormable Bugs]( The April 2023 Patch Tuesday security update also included a reissue of a fix for a 10-year-old bug that a threat actor recently exploited in the supply chain attack on 3CX. [MORE]( EDITORS' CHOICE [Microsoft: NSO Group-Like 'QuaDream' Actor Selling Mobile Spyware to Governments]( Researchers at Microsoft have discovered links between a threat group tracked as DEV-0196 and an Israeli private-sector company, QuaDream, that sells a platform for exfiltrating data from mobile devices. LATEST FROM THE EDGE [Designing Tabletop Exercises That Actually Thwart Attacks]( Have you ever wondered how they design blue team exercises? One ransomware and cyber extortion simulation demonstrates the best practices. LATEST FROM DR TECHNOLOGY [Why the US Needs Quantum-Safe Cryptography Deployed Now]( Quantum computers might be a decade away, but guess how long it will take to switch systems over to post-quantum cryptography? WEBINARS - [Artificial Intelligence, ChatGPT and Cybersecurity: A Match Made in Heaven or a Hack Waiting to Happen?]( Artificial intelligence (AI) is no longer science fiction. Software vendors have been integrating AI into products for years, which has led to innovations such as improved threat detection and training opportunities. But the emergence of newer technologies like DALL-E and ... - [How to Launch a Threat Hunting Program]( Security teams need to be more proactive about finding threats before they can cause too much damage. How do these enterprises build threat hunting programs? What stakeholders needs to be involved? What skills are necessary for the threat hunting team? ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Essential Guide to Secure Web Gateway]( - [The Relationship Between Security Maturity and Business Enablement]( - [How to Simplify Security with a Cybersecurity Mesh Architecture]( - [Unit 42 Retainer]( - [Cloud Incident Response Datasheet]( - [Transform Your Security Strategy]( - [2022 Unit 42 Incident Response Report]( [View More White Papers >>]( FEATURED REPORTS - [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [(ISC)² Certified in Cybersecurity Earns ANAB Accreditation to ISO 17024 and Surpasses 15,000 Certification Holders]( [Menlo Security Illustrates Importance of Browser Security as 4 in 5 Ransomware Attacks Include Threats Beyond Data Encryption]( [VulnCheck Named CVE Numbering Authority for Common Vulnerabilities and Exposures]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)