Ubuntu Linux Cloud Workloads Face Rampant Root Take Takeovers

Some 40% of Ubuntu Linux cloud workloads subject to GameOverlay security bugs in the OverlayFS module. [TechWeb]( Follow Dark Reading: [RSS]( July 28, 2023 LATEST SECURITY NEWS & COMMENTARY [Ubuntu Linux Cloud Workloads Face Rampant Root Take Takeovers]( Some 40% of Ubuntu Linux cloud workloads subject to GameOverlay security bugs in the OverlayFS module. [Millions of People Affected in MOVEit Attack on US Gov't Vendor]( Living up to its name, Maximus sees a whale of a breach that affects millions of people's sensitive government records, including health data. [Ryanair Hit With Lawsuit Over Use of Facial Recognition Technology]( Airline violates privacy protections of the EU's General Data Protection Regulation, plaintiff says, seeking a $210 million fine. [Despite Post-Log4j Security Gains, Developers Can Still Improve]( Developers need more software security safeguards earlier in the process, especially as AI becomes more common. [TSA Updates Pipeline Cybersecurity Requirements]( The updates will require pipeline owners and operators to do more than just plan for potential cyberattacks; now, those plans will need to be tested. [Group-IB Co-Founder Sentenced to 14 Years in Russian Penal Colony]( Ilya Sachkov, convicted of treason by the Kremlin, will serve time in one of Russia's prison camps, which feature rigid schedules and isolation from the outside world, critics say. [Why Today's CISOs Must Embrace Change]( With change happening faster than ever before, tools can help bridge capability gaps, along with accelerated workforce training. [What Will CISA's Secure Software Development Attestation Form Mean?]( The proposed attestation form is meant to help secure the software chain and formalizes the role of the SBOM as the first line of defense. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS ['Nitrogen' Ransomware Effort Lures IT Pros via Google, Bing Ads]( Forget temps and new employees. A new malicious campaign compromises organizations through a high risk, high reward vector: IT professionals. [Peloton Bugs Expose Enterprise Networks to IoT Attacks]( Hackers have three key pathways — the OS, apps, and malware — for leveraging the popular home fitness equipment as initial access for data. compromise, ransomware, and more. [Kubernetes and the Software Supply Chain]( Trusted content is paramount in securing the supply chain. [Cybercrime as a Public Health Crisis]( The impact of fraud on a victim's health and well-being can be more painful than the financial loss. [MORE]( EDITORS' CHOICE [Massive macOS Campaign Targets Crypto Wallets, Data]( Threat actors are distributing new "Realst" infostealer via fake blockchain games, researchers warn. LATEST FROM DR TECHNOLOGY [Cyclops Launches From Stealth With Generative AI-Based Search Tool]( The contextual cybersecurity search platform helps security teams gather information about the organization’s environment and security posture. LATEST FROM THE EDGE [Why CISOs Should Get Involved With Cyber Insurance Negotiation]( Everyone benefits — the CISO, the company, and the insurer — when CISOs are included in arranging cyber insurance. LATEST FROM DR GLOBAL [Israeli-Trained Azerbaijan Cyber Students Mark Inaugural Graduation]( Azerbaijan minister pledges to train many more cyber specialists in the coming years to improve regional cyber-readiness. WEBINARS - [The Dark Side of AI: Unmasking its Threats and Navigating the Shadows of Cybersecurity in the Digital Age]( Artificial Intelligence has come roaring to the forefront of today's technology landscape. It has revolutionized industries and will modernize careers, bringing numerous benefits and advancements to our daily lives. However, it is crucial to recognize that AI also introduces unseen ... - [Best Practices and Tools for OT and IT Security]( For years, information technology and operations technology systems have existed in parallel, but that is no longer the case. As the attack against Colonial Pipeline illustrated, attacks against IT can potentially impact OT, and vice versa. OT environments have their ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [Shoring Up the Software Supply Chain Across Enterprise Applications]( Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Coro Acquires Network Security Startup Privatise]( [Rezilion Uncovers High-Risk Vulnerabilities Missing From CISA KEV Catalog]( [SE Labs Unveils Latest Comparative Analysis of Endpoint Detection and Response Products]( [50% of Zero Trust Programs Risk Failure According to PlainID Survey]( [KnowBe4 Phishing Test Results Reveal Half of Top Malicious Email Subjects Are HR Related]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How to Use Threat Intelligence to Mitigate Third-Party Risk]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117517&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_07.28.23&sp_cid=49320&utm_content=DR_NL_Dark%20Reading%20Daily_07.28.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#19 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)