Global TeamCity Exploit Opens Door to SolarWinds-Style Nightmare | MITRE Debuts ICS Threat Modeling for Embedded Systems

Russia's APT29 is going after a critical RCE flaw in the JetBrains TeamCity software developer platform, prompting governments worldwide to issue an urgent warning to patch [TechWeb]( Follow Dark Reading: [RSS]( December 14, 2023 LATEST SECURITY NEWS & COMMENTARY [Global TeamCity Exploitation Opens Door to SolarWinds-Style Nightmare]( Russia's APT29 is going after a critical RCE flaw in the JetBrains TeamCity software developer platform, prompting governments worldwide to issue an urgent warning to patch. [MITRE Debuts ICS Threat Modeling for Embedded Systems]( EMB3D, like ATT&CK and CWE, seeks to provide a common understanding of cyber-threats to embedded devices and of the security mechanisms for addressing them. [Apple: 2.5B Records Exposed, Marking Staggering Surge in Data Breaches]( Data breaches are rapidly accelerating, according to a number-crunching report from Apple this week — heightening the need to finally implement end-to-end data encryption. [Attackers Target Microsoft Accounts to Weaponize OAuth Apps]( After compromising Azure and Outlook user accounts, threat actors are creating malicious apps with high privileges to conduct cryptomining, phishing, and password spraying. [Dozens of Bugs Patched in Apple TVs and Watches, Macs, iPads, iPhones]( A laundry list of tweaks to Safari, Bluetooth, Accessibility, and much more. [Ransomware, Data Breaches Inundate OT & Industrial Sector]( Because of the criticality of remaining operational, industrial companies and utilities are far more likely to pay, attracting even more threat groups and a focus on OT systems. [ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related]( Threat intel sources confirm the ransomware group's site has been shuttered by law enforcement. [Increased Cyber Regulation in the Offing as Attacks Mount]( Cybersecurity could be heading for a Sarbanes Oxley-type of regulation in light of escalating attacks, but the devil is in the details. [Municipalities Face a Constant Battle as Ransomware Snowballs]( As record-breaking volumes of ransomware hit cities, towns, and counties this year, municipalities remain easy targets that pay, and there's no end of the attacks in sight. [Microsoft: Mystery Group Targeting Telcos Linked to Chinese APTs]( Analysis shows evidence the previously unknown Sandman group shares backdoor malware with various Chinese APT groups. [Ex-Uber CISO Advocates 'Personal Incident Response Plan' for Security Execs]( Why Joe Sullivan feels paying off attackers was a way of solving the problem. [Critical WordPress Plug-in RCE Bug Exposes Reams of Websites to Takeover]( Attackers can inject and execute arbitrary PHP code using a flaw in Backup Migration, which has been downloaded more than 90K times. [4 Metrics That Help CISOs Become Strategic Partners With the Board]( To demonstrate the CISO role's value, frame your work using metrics that align with the most critical parts of every business: risk, growth, expenses, and people. [Data's Perilous Journey & Lessons Not Learned From the Target Breach]( A decade after Target suffered a major security breach, are we still disregarding the gaping holes in our cyber fortifications? [The 3 Most Prevalent Cyber Threats of the Holidays]( Chaos and volume of holiday season sales make a perfect storm of threat opportunity. Companies need to prepare — and practice! — action plans, identify key stakeholders, and consider cyber insurance. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Responsibly Implementing AI, the Unstoppable Force]( Balancing the good and bad of AI/ML means being able to control what data you're feeding into AI systems and solving the privacy issues to securely enable generative AI. [As SAT Goes Digital, Schools Must Prepare for Disruption]( Local school districts nationwide need to ensure the basic security and readiness of their network infrastructure before spring 2024. [Software & Security: How to Move Supply Chain Security Up the Agenda]( Getting more insight helps you to prioritize across all your systems, letting you drive more collaboration, real change, and real success for your teams. [MORE]( PRODUCTS & RELEASES [Survey: 90% of IT Pros Felt Prepared for a Password-Based Cyberattack, Yet More Than Half Fell Victim to One]( [Fortress Information Security & CodeSecure Team Up to Analyze SBOMs & Remediate Critical Vulnerabilities]( [CISOs See Software Supply Chain Security as Bigger Blind Spot Than GenAI: Cycode]( [Cybersixgill Announces Identity Intelligence Module for Threat Analysis]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Microsoft Gives Admins a Reprieve With Lighter-Than-Usual Patch Update]( The company's final patch release for 2023 contained fixes for a total of just 36 vulnerabilities — none of which, for a change, were zero-days. LATEST FROM THE EDGE [Tips for Modernizing SecOps Teams]( Dark Reading's special report looks at ways security operations teams can improve their efficiency and effectiveness to address the latest threats. LATEST FROM DR TECHNOLOGY [Confidential AI Protects Data and Models Across Clouds]( Confidential AI integrates zero trust and confidential computing to guard data and models during inferencing, training, learning, and fine-tuning. LATEST FROM DR GLOBAL [Debate Roils Over Extent of Nation-State Cyber Involvement in Gaza]( Are hacktivists under the control of nation-states, or are they just independent contractors acting on their behalf? WEBINARS - [Everything You Need to Know About DNS Attacks]( - [SecOps & DevSecOps in the Cloud]( Security teams today face the dual challenge of securing cloud-native applications as well as their software development processes that increasingly operate in the cloud. At the same time, attacks are rising against misconfigured cloud instances as well as a new ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( [View More White Papers >>]( FEATURED REPORTS - [What Ransomware Groups Look for in Enterprise Victims]( Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ... - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... [View More Dark Reading Reports >>]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=119917&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Weekly_12.14.23&sp_cid=50990&utm_content=DR_NL_Dark%20Reading%20Weekly_12.14.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#7b If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)