Sophisticated Vishing Campaigns Take World by Storm | Typosquatting Wave Shows No Signs of Abating

One South Korean victim gave up $3 million to cybercriminals, thanks to convincing law-enforcement impersonation scams that combine both psychology and technology. [TechWeb]( Follow Dark Reading: [RSS]( March 14, 2024 LATEST SECURITY NEWS & COMMENTARY [Sophisticated Vishing Campaigns Take World by Storm]( One South Korean victim gave up $3 million to cybercriminals, thanks to convincing law-enforcement impersonation scams that combine both psychology and technology. [Typosquatting Wave Shows No Signs of Abating]( A spate of recent typosquatting attacks shows the scourge of this type of attack is still very much with us, even after decades of cyber defender experience with it. [Microsoft Discloses Critical Hyper-V Flaws in Low-Volume Patch Update]( Microsoft has disclosed fewer flaws and zero-days in the first three months of 2024 compared with the first quarter of the prior four years. [The CISO Role Is Changing. Can CISOs Themselves Keep Up?]( What happens to security leaders that don't communicate security well enough? "Ask SolarWinds." [Russia-Sponsored Cyberattackers Infiltrate Microsoft's Code Base]( The Midnight Blizzard APT is mounting a sustained, focused cyber campaign against the computing kahuna, using secrets it stole from emails back in January. ['The Weirdest Trend in Cybersecurity': Nation-States Returning to USBs]( USBs are fetch again, as major APTs from Russia, China, and beyond are turning to them for BYOD cyberattacks. [Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory]( The proof-of-concept exploits for Atlassian Confluence would enable arbitrary code execution without requiring file system access. [Japan Blames North Korea for PyPI Supply Chain Cyberattack]( Open source software ecosystem compromise leaves developers in Asia and around the globe at risk. [Broke Cyber Pros Flock to Cybercrime Side Hustles]( Burned-out cybersecurity professionals dealing with layoffs and stressful working conditions are increasingly finding a better way to earn a buck: cybercrime. [How Not to Become the Target of the Next Microsoft Hack]( The alarming number of cyber threats targeting Microsoft cloud applications shows cybersecurity needs an overhaul. [The Ongoing Struggle to Protect PLCs]( A decade after Stuxnet, vulnerabilities in OT systems and programmable logic controllers remain exposed. [How to Identify a Cyber Adversary: Standards of Proof]( Identifying the who, what, and how behind a cyberattack is crucial for preventing future strikes. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Don't Give Your Business Data to AI Companies]( Handing over your business data to artificial intelligence companies comes with inherent risks. [Why You Need to Know Your AI's Ancestry]( Securing AI can't wait an hour, let alone a decade. [What Cybersecurity Chiefs Need From Their CEOs]( By helping CISOs navigate the expectations being placed on their shoulders, CEOs can greatly benefit their companies. [MORE]( PRODUCTS & RELEASES [Codezero Raises $3.5M Seed Funding From Ballistic Ventures to Secure Multicloud Application Development]( [Claroty Launches Advanced Anomaly Threat Detection for Medigate]( [IT-Harvest Reaches Milestone With Ingestion of 10K Cybersecurity Products Into Dashboard]( [Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks]( [Silence Laboratories Raises $4.1M Funding to Enable Privacy Preserving Collaborative Computing]( [Bipartisan Members of Congress Introduce Enhanced Cybersecurity for SNAP Act to Secure Food Benefits Against Hackers and Thieves]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Patch Now: Kubernetes RCE Flaw Allows Full Takeover of Windows Nodes]( Attackers can remotely execute code with system privileges by exploiting a vulnerability in the source code of the open source container management system. LATEST FROM THE EDGE [Creating Security Through Randomness]( How lava lamps, pendulums, and suspended rainbows keep the Internet safe. LATEST FROM DR TECHNOLOGY [Google's Post-Quantum Upgrade Doesn't Mean We're All Protected Yet]( Just because Google has put in the work to quantum-proof Chrome doesn't mean post-quantum security is all set. LATEST FROM DR GLOBAL [Nissan Oceania Breached; 100K People Affected Down Under]( A possible ransomware attack has exposed government and personal data of Australians and New Zealanders, encompassing the carmaker's customers, dealers, and employees. WEBINARS - [How To Optimize and Accelerate Cybersecurity Initiatives for Your Business]( - [Assessing Your Critical Applications' Cyber Defenses]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [The State of Incident Response]( - [Secure Access for Operational Technology at Scale]( - [Strengthen Microsoft Defender with MDR]( - [Incident Response Planning Guide]( - [Zero Trust Access For Dummies, 2nd Fortinet Special Edition]( - [Building Cyber Resiliency: Key Strategies for Proactive Security Operations]( - [Mandiant Threat Intelligence at Penn State Health]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=122087&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Weekly_03.14.24&sp_cid=52500&utm_content=DR_NL_Dark%20Reading%20Weekly_03.14.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#26 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)