Massive macOS Campaign Targets Crypto Wallets, Data

Threat actors are distributing new "Realst" infostealer via fake blockchain games, researchers warn. [TechWeb]( Follow Dark Reading: [RSS]( July 27, 2023 LATEST SECURITY NEWS & COMMENTARY [Massive macOS Campaign Targets Crypto Wallets, Data]( Threat actors are distributing new "Realst" infostealer via fake blockchain games, researchers warn. [Peloton Bugs Expose Enterprise Networks to IoT Attacks]( Hackers have three key pathways — the OS, apps, and malware — for leveraging the popular home fitness equipment as initial access for data. compromise, ransomware, and more ['Nitrogen' Ransomware Effort Lures IT Pros via Google, Bing Ads]( Forget temps and new employees. A new malicious campaign compromises organizations through a high risk, high reward vector: IT professionals. [SEC Adopts New Rule on Cybersecurity Incident Disclosure Requirements]( Boards must now file notice of a "material incident" within four business days, although questions remain. [Thales Agrees to Buy App Security Vendor Imperva in $3.6B Deal]( The deal is expected to give the French vendor a larger presence in the application and API security markets, as well as in North America. [Kubernetes and the Software Supply Chain]( Trusted content is paramount in securing the supply chain. [Cybercrime as a Public Health Crisis]( The impact of fraud on a victim's health and well-being can be more painful than the financial loss. [Former NSA-er Harry Coker Nominated National Cyber Director]( The potential nominee is coming in with a model resume and background in cyberspace, as well as strong political support from the Hill. [(Sponsored Article) How to Use Log Management to Retrace Your Digital Footsteps]( Log management tools help IT and security teams monitor and improve a system's performance by identifying bugs, cybersecurity breaches, and other issues that can create outages or compliance problems. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS ['FraudGPT' Malicious Chatbot Now for Sale on Dark Web]( The subscription-based, generative AI-driven offering joins a growing trend toward "generative AI jailbreaking" to create ChatGPT copycat tools for cyberattacks. [10 Free Purple Team Security Tools to Check Out]( Check out the curated list of cool tools and platforms for both offensive security experts and defenders which will be released or demoed at Black Hat USA 2023. [Beyond ChatGPT: Organizations Must Protect Themselves Against the Power of AI]( Artificial intelligence-powered threats are already affecting businesses, schools, hospitals, and individuals, and it will only get worse as AI advances. [Designing a Security Strategy for Defending Multicloud Architectures]( Complex security issues arise when different clouds and computing models interact. [MORE]( EDITORS' CHOICE [Patch Now: Up to 900K MikroTik Routers Vulnerable to Total Takeover]( Researchers have delivered working exploits for RouterOS, which when combined with default admin passwords can be a recipe for cyber disaster. LATEST FROM DR TECHNOLOGY [Kyndryl Expands Managed Security Services With More SOC Options]( The "SOC as a platform" offers organizations with integrated security and IT operations management. LATEST FROM THE EDGE [Companies Must Have Corporate Cybersecurity Experts, SEC Says]( Enterprises now must describe their management's expertise in cybersecurity. But what exactly does that entail? LATEST FROM DR GLOBAL [ETSI Dismisses Claims of 'Backdoor' Vulnerabilities in TETRA Standard]( Nonetheless, European standards body revised the wireless standard and insists its integrity remains sound. WEBINARS - [Best Practices and Tools for OT and IT Security]( For years, information technology and operations technology systems have existed in parallel, but that is no longer the case. As the attack against Colonial Pipeline illustrated, attacks against IT can potentially impact OT, and vice versa. OT environments have their ... - [Finding a Backup Strategy That Works For You]( You've been hit with a ransomware, DDoS, natural disaster, or destructive cyberattack. One of the first questions: can we get our data back? Good back-ups are key to business continuity and disaster recovery, but backing up your data in preparation ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Rezilion Uncovers High-Risk Vulnerabilities Missing From CISA KEV Catalog]( [Why Computer Security Advice Is More Confusing Than It Should Be]( [50% of Zero Trust Programs Risk Failure According to PlainID Survey]( [SE Labs Unveils Latest Comparative Analysis of Endpoint Detection and Response Products]( [KnowBe4 Phishing Test Results Reveal Half of Top Malicious Email Subjects Are HR Related]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How to Use Threat Intelligence to Mitigate Third-Party Risk]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117503&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_07.27.23&sp_cid=49306&utm_content=DR_NL_Dark%20Reading%20Daily_07.27.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#23 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)