Feds Reportedly Try to Disrupt 'Volt Typhoon' Attack Infrastructure

The China-linked threat actor's attacks on US critical infrastructure organizations have alarmed American intelligence officials, Reuters says. [TechWeb]( Follow Dark Reading: [RSS]( January 31, 2024 LATEST SECURITY NEWS & COMMENTARY [Feds Reportedly Try to Disrupt 'Volt Typhoon' Attack Infrastructure]( The China-linked threat actor's attacks on US critical infrastructure organizations have alarmed American intelligence officials, Reuters says. [Ivanti Zero-Day Patches Delayed as 'KrustyLoader' Attacks Mount]( The RCE/auth bypass bugs in Connect Secure VPNs have gone unpatched for 20 days as state-sponsored groups continue to backdoor Ivanti gear. ['Cactus' Ransomware Strikes Schneider Electric]( Schneider's Sustainability division, which provides software and consulting services to enterprises, was felled by cybercriminals in mid-January. [Apple Warns iPhone Sideloading Changes Will Increase Cyber Threats]( The tech giant says that being more open to comply with EU regulations brings risks such as malware, fraud, and scams. [Solving the Cybersecurity Skills Gap With Racial Inclusivity]( Addressing the growing demand for cybersecurity professionals is also an opportunity to create a more racially inclusive workforce. [UAE Government Cyber Chief: We Face 50K Cyberattacks Daily]( The Emirates see phishing emails, DDoS attacks, and ransomware, as well as port scans, regularly. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Microsoft Shares New Guidance in Wake of 'Midnight Blizzard' Cyberattack]( Threat actors created and abused OAuth apps to access Microsoft's corporate email environment and remain there for weeks. [NRC Issues Recommendations for Better Network, Software Security]( The Network Resilience Coalition pushes adoption of standards like SSDF, OpenEoX and CISA's Secure By Design and Default framework. [Top 3 Data Breaches of 2023, and What Lies Ahead in 2024]( Take a look at last year's most impactful data breaches and what companies can do to protect themselves going forward. [A Cyber Insurer's Perspective on How to Avoid Ransomware]( Insurance companies have a unique view of the ravages of ransomware, which lets us formulate lessons in how to avoid becoming a victim. [MORE]( PRODUCTS & RELEASES [Forcepoint Federal Rebrands As Everfox to Reflect New Era of Defense-Grade Cybersecurity]( [Black Kite Unveils Monthly Ransomware Dashboards]( [Keenan & Associates Reports Data Breach Exposing Social Security Numbers of More Than 1.5M]( [Cohesity Research Reveals Most Companies Pay Millions in Ransoms]( [Wyden Releases Documents Confirming the NSA Buys Americans' Internet Browsing Records]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [SolarWinds Files Motion to Dismiss SEC Lawsuit]( Responding to SEC charges, SolarWinds fired back with a detailed defense of how a Russian-backed cyber espionage attack on its system was handled. LATEST FROM THE EDGE [Is the vCISO Model Right for Your Organization?]( More and more organizations are working with virtual CISOs to handle security-related responsibilities. Here are tips on how to find the right fit. LATEST FROM DR TECHNOLOGY [AI Gives Defenders the Advantage in Enterprise Defense]( A panel of CISOs acknowledged that artificial intelligence has boosted the capabilities of threat actors, but enterprise defenders are actually benefiting more from the technology. LATEST FROM DR GLOBAL [Q&A: How Israeli Cybersecurity Companies Endure Through the Conflict]( As Israeli employees get called up for reserve military duty, the impact on their day jobs and employers is still being calculated. WEBINARS - [Securing the Software Development Life Cycle from Start to Finish]( - [Your Everywhere Security Guide: 4 Steps to Stop Cyberattacks]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [SANS ICS/OT Cybersecurity Survey: 2023's Challenges and Tomorrow's Defenses]( - [Threat Terrain of the Modern Factory: Survey of Programmable Assets and Robot Software]( - [IT Zero Trust vs. OT Zero Trust: It's all about Availability]( - [The OT Zero Trust Handbook: Implementing the 4 Cornerstones of OT Security]( - [2023 Snyk AI-Generated Code Security Report]( - [Migrations Playbook for Saving Money with Snyk + AWS]( - [Buyer's Guide: Choosing a True DevSecOps Solution for Your Apps on AWS]( [View More White Papers >>]( FEATURED REPORTS - [The State of Supply Chain Threats]( - [How to Deploy Zero Trust for Remote Workforce Security]( - [What Ransomware Groups Look for in Enterprise Victims]( Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ... [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=120905&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_01.31.24&sp_cid=51724&utm_content=DR_NL_Dark%20Reading%20Daily_01.31.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#56 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)