'Voltzite' Zaps African Utilities as Part of Volt Typhoon's Onslaught

The China-backed APT that's been trying to set itself up inside US critical infrastructure for the purpose of disrupting physical processes is deploying a similar playbook in Africa. [TechWeb]( Follow Dark Reading: [RSS]( February 29, 2024 LATEST SECURITY NEWS & COMMENTARY ['Voltzite' Zaps African Utilities as Part of Volt Typhoon's Onslaught]( The China-backed APT that's been trying to set itself up inside US critical infrastructure for the purpose of disrupting physical processes is deploying a similar playbook in Africa. [Echoes of SolarWinds in New 'Silver SAML' Attack Technique]( A successor to the "Golden SAML" tactic used in the SolarWinds campaign, this new technique taps SAML response forgery to gain illegitimate access to apps and services. [US Government Expands Role in Software Security]( The White House Office of the National Cyber Director puts software developers on notice, calling for a move to memory-safe programming languages and the development of security metrics. [Meet 'XHelper,' the All-in-One Android App for Global Money Laundering]( User-friendly apps allow anybody to serve as traffickers for cybercrime syndicates. [Cyberattackers Lure EU Diplomats With Wine-Tasting Offers]( A targeted attack aiming to exploit geopolitical relations between India and Europe delivers previously undocumented, uniquely evasive backdoor malware. ['Savvy Seahorse' Hackers Debut Novel DNS CNAME Trick]( Petty scammers have figured out how to leverage a core function of DNS in order to maintain scalable, stealthy, pliable malicious infrastructure. [Converging State Privacy Laws and the Emerging AI Challenge]( It's time for companies to look at what they're processing, what types of risk they have, and how they plan to mitigate that risk. [(Sponsored Article) Transform Your Security Operations Center With AI]( Attackers aren't slowing down and are using new methods to infiltrate orgs. To limit their impact, automation in the SOC is more critical now than ever. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Russia's 'Midnight Blizzard' Targets Service Accounts for Initial Cloud Access]( CISA and its counterparts in the UK and other countries this week offered new guidance on how to deal with the threat actor's recent shift to cloud attacks. [U-Haul Reports 67K Customers Impacted by Data Breach]( In the notice letter sent out to affected individuals, U-Haul notes that credit card information was not accessed in the breach. [What Companies & CISOs Should Know About Rising Legal Threats]( Litigation and regulatory enforcement are increasing risks for companies and cybersecurity leaders. Something must be done to protect the profession. [4 Ways Organizations Can Drive Demand for Software Security Training]( Developer-driven security programs place the development team at the center of reducing vulnerabilities. [MORE]( PRODUCTS & RELEASES [Kaspersky Finds Attacks on Mobile Devices Significantly Increased in 2023]( [Fortress Information Security Deploys Automated Patch Notification and Authenticity Tool]( [Delinea to Acquire Fastpath to Revolutionize Privileged Access and Identity Governance]( [Pentera Launches Global Partner Program to Accelerate Growing Channel]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [eBay, VMware, McAfee Sites Hijacked in Sprawling Phishing Operation]( Trusted brands like The Economist are also among the 8,000 entities compromised by Operation SubdoMailing, which is at the heart of a larger operation of a single threat actor. LATEST FROM THE EDGE [Privacy Beats Ransomware as Top Insurance Concern]( Despite ransomware losses remaining high, privacy violations have quickly risen to second in a list of expected cyber insurance claims costs. LATEST FROM DR TECHNOLOGY [Insurers Use Claims Data to Recommend Cybersecurity Technologies]( Policy holders using certain technologies — such as managed detection and response (MDR) services, Google Workspace, and email security gateways — gain premium discounts from cyber insurers. LATEST FROM DR GLOBAL ['Illusive' Iranian Hacking Group Ensnares Israeli, UAE Aerospace and Defense Firms]( UNC1549, aka Smoke Sandstorm and Tortoiseshell, appears to be the culprit behind a cyberattack campaign customized for each targeted organization. WEBINARS - [How Supply Chain Attacks Work -- And How to Stop Them]( - [API Security: Protecting Your Application's Attack Surface]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Use the 2023 MITRE ATT&CK Evaluation Results for Turla to Inform EDR Buying Decisions]( - [Endpoint Best Practices to Block Ransomware]( - [FortiSASE Customer Success Stories - The Benefits of Single Vendor SASE]( - [2023 Gartner Magic Quadrant for Single-Vendor SASE]( - [Mandiant Threat Intelligence at Penn State Health]( - [2023 Snyk AI-Generated Code Security Report]( - [Buyer's Guide: Choosing a True DevSecOps Solution for Your Apps on AWS]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=121725&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_02.29.24&sp_cid=52253&utm_content=DR_NL_Dark%20Reading%20Daily_02.29.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#c4 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)