Boeing Confirms Cyberattack, System Compromise

The aerospace giant said it's alerting customers that its parts and distribution systems have been impacted by cyberattack. [TechWeb]( Follow Dark Reading: [RSS]( November 02, 2023 LATEST SECURITY NEWS & COMMENTARY [Boeing Confirms Cyberattack, System Compromise]( The aerospace giant said it's alerting customers that its parts and distribution systems have been impacted by cyberattack. [More Than 100 Vulns in Microsoft 365 Tied to SketchUp 3D Library]( While Microsoft patched the issues in June, support for SketchUp appears to remain disabled in Microsoft 365. [Atlassian Customers Should Patch Latest Critical Vuln Immediately]( Atlassian CISO warns Confluence Data Center and Server customers they're vulnerable to "significant data loss" if all on-premises versions aren't patched. [ISC2 Study: Economic Conditions Continue to Sandbag Cyber Hiring]( Nearly 1.5 million people work in cybersecurity in North America, but even with a growing gap in skilled specialists, they bear a higher chance of hiring freezes and layoffs. [Global AI Cybersecurity Agreement Signed At Turing's Bletchley Park]( Dozens of countries commit to collaborate on artificial intelligence cybersecurity, fittingly at the British home of the WWII codebreakers. [British, Toronto Libraries Struggle After Cyber Incidents]( It's unknown who the threat actors are and whether the outages are connected. [3 Ways to Close the Cybersecurity Skills Gap — Now]( The future of the cybersecurity workforce will rely less on long-led legacy education models and more on skills-now training. [It's Cheap to Exploit Software — and That's a Major Security Problem]( The solution? Follow in the footsteps of companies that have raised the cost of exploitation. [(Sponsored Article) Getting Smart With Cybersecurity: AI Can Help the Good Guys, Too]( With the rapid advancement and adoption of artificial intelligence (AI) in cybersecurity, the benefits of speed and accuracy are becoming clearer every day. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS ['Prolific Puma' Hacker Gives Cybercriminals Access to .us Domains]( Cybercriminals are upping their phishing with shortened links and showing that coveted, regulated top-level domains aren't as exclusive as you'd think. [20 Years Later, Is Patch Tuesday Enough?]( Microsoft's longstanding practice isn't enough to handle its vulnerability problem. [US Leads 40-Country Alliance to Cut Off Ransomware Payments]( The parties within the International Counter Ransomware Initiative intend to use information-sharing tools and AI to achieve their goals of cutting off the financial resources of threat actors. [Survey: AppSec Maturity Hindered by Staffing, Budgets, Vulnerabilities]( Report highlights the challenges impeding the applications industry from achieving AppSec maturity. [MORE]( EDITORS' CHOICE [SEC Charges Against SolarWinds CISO Send Shockwaves Through Security Ranks]( The legal actions may have a chilling effect on hiring CISOs, who are already in short supply, but may also expose just how budget-constrained most security executives are. LATEST FROM THE EDGE [A Ukrainian Company Shares Lessons in Wartime Resilience]( The CTO of MacPaw provides a case study in planning for cybersecurity and uptime in the face of armed conflict. LATEST FROM DR TECHNOLOGY [New Index Finds AI Models Are Murky, Not Transparent At All]( Despite the growing demand for AI transparency, 10 of the better-known models did not score very highly on Stanford's new Foundation Model Transparency Index. LATEST FROM DR GLOBAL [FBI Director Warns of Increased Iranian Attacks]( Christopher Wray tells the US Senate that more US infrastructure will be targeted for cyberattacks in the wake of the Gaza conflict. WEBINARS - [Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods]( Inadequate authentication measures leave your digital identity vulnerable to cybercriminals. Tools like multi-factor authentication, biometrics, passwords, PINs, and tokens are all more vulnerable to attacks and social engineering than you realize. And one wrong move leaves you and your organization ... - [Building an Effective Active Directory Security Strategy]( For many organizations, Microsoft's Active Directory is the source of truth for user identity and system access. For criminals, Active Directory is a gold mine of information for moving laterally through the corporate infrastructure. Despite its importance, many security teams ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023]( - [Threat Intelligence: Data, People and Processes]( - [Global Perspectives on Threat Intelligence]( - [Building Cyber Resiliency: Key Strategies for Proactive Security Operations]( - [Mandiant Threat Intelligence at Penn State Health]( - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( [View More White Papers >>]( FEATURED REPORTS - [How to Deploy Zero Trust for Remote Workforce Security]( - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ... - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Graylog Secures $39 Million Investment to Accelerate Growth and Security Product Line Expansion]( [ReasonLabs Unveils RAV VPN for Apple iOS]( [Proofpoint Signs Definitive Agreement to Acquire Tessian]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Effective Security Analytics for Enterprises]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=119077&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_11.02.23&sp_cid=50357&utm_content=DR_NL_Dark%20Reading%20Daily_11.02.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#85 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)