Just in time for the US election season, one of the Kremlin's favorite hack-and-leak spy groups — Star Blizzard — has developed its very first custom backdoor. [TechWeb]( Follow Dark Reading:
[RSS](
January 19, 2024 LATEST SECURITY NEWS & COMMENTARY [Google: Russia's ColdRiver APT Unleashes Custom 'Spica' Malware](
Just in time for the US election season, one of the Kremlin's favorite hack-and-leak spy groups â Star Blizzard â has developed its very first custom backdoor.
[Threat Actors Team Up for Post-Holiday Phishing Email Surge](
Just like you and me, cyberattackers returned from winter break and immediately started sending thousands of emails.
[Cybercrooks Target Docker Containers With Novel Pageview Generator](
Cyberattackers are exploiting Docker instances to drop the bot-tastic 9hits Web traffic generator and "earn" valuable credits that can be turned into cash.
[With Attacks on the Upswing, Cyber-Insurance Premiums Poised to Rise Too](
Insurers doubled premiums in late 2021 to offset losses from ransomware claims. With attacks rising again, organizations can anticipate a new round of increases.
[Stealthy New macOS Backdoor Hides on Chinese Websites](
Modified malware from the Khepri open source project that shares similarities with the ZuRu data stealer harvests data and drops additional payloads.
['Chaes' Infostealer Code Contains Hidden Threat Hunter Love Notes](
Analysis of the infostealer malware version 4.1 includes hidden ASCII art and a shout-out thanking cybersecurity researchers.
[Citrix Discovers 2 Vulnerabilities, Both Exploited in the Wild](
These vulnerabilities are the second and third for Citrix but are not expected to be as detrimental as "CitrixBleed."
[Building AI That Respects Our Privacy](
Until laws can move at the speed of innovation, we'll see a discrepancy between the protections offered and the risks associated with technology. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Google Chrome Zero-Day Bug Under Attack, Allows Code Injection]( The first Chrome zero-day bug of 2024 adds to a growing list of actively exploited vulnerabilities found in Chromium and other browser technologies.
[Nearly 7K WordPress Sites Compromised by Balada Injector]( Nearly 200K WordPress sites could be vulnerable to the attack thanks to CVE-2023-6000, lurking in the PopUp Builder plug-in.
[Strength in Numbers: The Case for Whole-of-State Cybersecurity]( WoS cybersecurity creates a united front for governments to defend against threat actors, harden security postures, and protect constituents who depend on services. [MORE]( PRODUCTS & RELEASES [Mimecast Announces New CEO]( [Salt Security Delivers API Posture Governance Engine]( [ESET Launches New Managed Detection and Response (MDR) Service for Small and Midsize Businesses]( [Intel 471 Appoints Technology Veteran, Sonja Tsiridis, Chief Technology Officer](
[MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [CISA: AWS, Microsoft 365 Accounts Under Active 'Androxgh0st' Attack](
Cyberattackers are targeting Apache webservers and websites using the popular Laravel Web application framework in order to steal credentials for the apps. LATEST FROM THE EDGE [Effective Incident Response Relies on Internal and External Partnerships](
Dark Reading research finds increased collaboration between security incident responders and groups within the HR, legal, and communications functions. LATEST FROM DR TECHNOLOGY [First Step in AI/ML Security Is Finding Them](
Security teams need to start including AI tools and machine learning models when thinking about the software supply chain: They can't protect what they don't know they have. LATEST FROM DR GLOBAL [Bangladeshi Elections Come Into DDoS Crosshairs](
A government app experiencing slowdowns on election day could be just the tip of the vote-meddling iceberg for the Asian country. But who's behind it? WEBINARS - [Tips for Managing Cloud Security in a Hybrid Environment](
- [Everything You Need to Know About DNS Attacks]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Threat Terrain of the Modern Factory: Survey of Programmable Assets and Robot Software](
- [Pixelle's OT Security Triumph with Security Inspection](
- [2023 Snyk AI-Generated Code Security Report](
- [Migrations Playbook for Saving Money with Snyk + AWS](
- [Buyer's Guide: Choosing a True DevSecOps Solution for Your Apps on AWS](
- [The Need for a Software Bill of Materials](
- [The Developers Guide to API Security]( [View More White Papers >>]( FEATURED REPORTS - [Passwords Are Passe: Next Gen Authentication Addresses Today's Threats](
- [The State of Supply Chain Threats](
- [How to Use Threat Intelligence to Mitigate Third-Party Risk]( The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ... [View More Dark Reading Reports >>]( Dark Reading Daily
-- Published By [Dark Reading](
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.](
Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com)
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=120567&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_01.19.24&sp_cid=51490&utm_content=DR_NL_Dark%20Reading%20Daily_01.19.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#06
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)