Sprawling Qakbot Malware Takedown Spans 700,000 Infected Machines

"Operation Duck Hunt" is not likely to eliminate the initial access botnet forever, but the proactive removal of the malware from victim machines by law enforcement is one of the largest and most significant efforts of its kind. [TechWeb]( Follow Dark Reading: [RSS]( August 30, 2023 LATEST SECURITY NEWS & COMMENTARY [Sprawling Qakbot Malware Takedown Spans 700,000 Infected Machines]( "Operation Duck Hunt" is not likely to eliminate the initial access botnet forever, but the proactive removal of the malware from victim machines by law enforcement is one of the largest and most significant efforts of its kind. [Unpatched Citrix NetScaler Devices Targeted by Ransomware Group FIN8]( Citrix issued a patch for the critical remote code execution bug in July for its NetScaler devices. [Meta Cripples China's Signature 'Spamouflage' Influence Op]( The social media giant is taking on Dragonbridge, the "largest known cross-platform covert influence operation in the world." [Kroll's Crypto Breach Highlights SIM-Swapping Risk]( Information was exposed on hundreds of crypto-related bankruptcy claimants in proceedings involving FTX, Genesis, and BlockFI. [Rackspace Faces Massive Cleanup Costs After Ransomware Attack]( Eight months after the cyberattack, the cloud hosting services company's remediation costs top $10 million as it tries to repair the damage caused by the Play ransomware gang. [Addressing Cybersecurity's Talent Shortage & Its Impact on CISOs]( CISOs need to educate all arms of the business on security best practices so it becomes part of the business culture, thus expanding who's keeping watch. Automating routine tasks will help scale security. [Here's What Your Breach Response Plan Might Be Missing]( The best way to withstand a data breach is to be prepared. Here are four elements that are easily overlooked in breach response plans. [Somalia Orders ISPs to Block Telegram and TikTok]( Officials said the apps were used to "spread horrific content and misinformation to the public." [(Sponsored Article) Better SaaS Security Goes Beyond Procurement]( The impulse to achieve strong SaaS security adherence through strict gatekeeping during procurement fails to reduce the risk that matters most. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [5 Ways to Prepare for Google's 90-Day TLS Certificate Expiration]( With bad guys frequently upping their game, security can't leave these protections to a once-a-year upgrade. [Cybercriminals Harness Leaked LockBit Builder in Wave of New Attacks]( Enterprising, or simply lazy, cybercriminals are using Lockbit v3 to cut corners on ransomware. [China Unleashes Flax Typhoon APT to Live Off the Land, Microsoft Warns]( The cyber-espionage group has created a stealthy, hard-to-mitigate network of persistent access across a range of organizations, but the endgame is unclear. [Legal Liability for Insecure Software Might Work, but It's Dangerous]( Imposing government-regulated security requirements on software companies may go too far and create unintended consequences. [MORE]( EDITORS' CHOICE [Motherboard Mishaps Undermine Trust, Security]( MSI and Microsoft warn about new Windows Preview blue screens on some motherboards, the latest mishap to raise questions over the reliability of hardware and firmware. LATEST FROM THE EDGE [Vendors Training AI With Customer Data Is an Enterprise Risk]( While Zoom has scrapped plans to harvest customer content for use in its AI and ML models, the incident should raise concerns for enterprises and consumers alike. LATEST FROM DR TECHNOLOGY [6 Ways AI Can Revolutionize Digital Forensics]( Artificial intelligence tools can automate the analysis of logs, video, and other important but tedious aspects of investigations. LATEST FROM DR GLOBAL [South African Department of Defence Denies Stolen Data Claims]( Attackers leaked 1.6TB of stolen data, which government officials dismissed as "fake news." WEBINARS - [The Evolution of the Vulnerability Landscape in 2023]( While this summer has been jokingly called "zero-day summer" by some, 2023 fits Mandiant observations that zero-day exploitation has been trending upward for the last few years. As shown in our zero-day trends blog post, Mandiant tracked 55 zero-day vulnerabilities that we ... - [Passwords Are Passe: Next Gen Authentication for Today's Threats]( Cyber experts agree: end-user authentication needs more than the simple password. But what are the right tools and strategies for authentication in your organization? What does the world of passwordless look like for your organization? In this webinar, experts offer ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Global Perspectives on Threat Intelligence]( - [Causes and Consequences of IT and OT Convergence]( - [2023 Work-From-Anywhere Global Study]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [PurFoods Mom's Meals Reports Data Breach Exposing Social Security Numbers of Over 1.2 Million Consumers]( [Delinea Research Reveals a Cyber Insurance Gap]( [Everest Group Research: C-Suite Must Recognize Critical Difference Between Cybersecurity and Cyber Resilience]( [SPHERE Appoints Former Johnson & Johnson CISO Marene Allison to Board of Directors]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Where and When Automation Makes Sense for Enterprise Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117913&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_08.30.23&sp_cid=49637&utm_content=DR_NL_Dark%20Reading%20Daily_08.30.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#a0 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)