Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests – Dark Reading
Google, Meta, and Microsoft about half the time don’t comply with requests to opt out of online tracking per a California law mandate, privacy watchdog finds. – Read More
Dark Reading
Microsoft, Salesforce Patch AI Agent Data Leak Flaws – Dark Reading
Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data. – Read More
Microsoft Bets $10 Billion to Boost Japan’s AI, Cybersecurity – Dark Reading
The deal aims to accelerate AI adoption, train workers, and develop cybersecurity partnerships — the latest move by a hyperscaler to compete for sovereign AI and data centers. – Read…
Privilege Elevation Dominates Massive Microsoft Patch Update – Dark Reading
Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix. – Read More
EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses – Dark Reading
Stopping EDR killers, which employ bring-your-own-vulnerable-driver (BYOVD) attack techniques, is difficult, but not impossible. – Read More
Wargame Exercise Demonstrates How Social Media Manipulation Works – Dark Reading
In an educational game called “Capture the Narrative,” students created bots to sway a fictional election, simulating influence in real-world political scenarios. – Read More
Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads – Dark Reading
Security teams can’t test distributed denial-of-service defenses in a vacuum. They need to test during periods of high demand, such as tax filing deadlines. – Read More
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm – Dark Reading
Security experts warn of an “AI vulnerability storm” triggered by the introduction of Anthropic’s Claude Mythos in a new paper from the Cloud Security Alliance (CSA). – Read More
Adobe Patches Actively Exploited Zero-Day That Lingered for Months – Dark Reading
An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four months. – Read More
Empty Attestations: OT Lacks the Tools for Cryptographic Readiness – Dark Reading
OT asset owners are being asked by regulators to attest to their post-quantum cryptographic readiness without the appropriate tooling, resulting in paperwork dressed up to look like genuine security. –…
APT41 Delivers ‘Zero-Detection’ Backdoor to Harvest Cloud Credentials – Dark Reading
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication. – Read More
Hims Breach Exposes the Most Sensitive Kinds of PHI – Dark Reading
Threat actors breached the telehealth brand, and now they may know who’s bald, overweight, and impotent. What could they do with that information? – Read More
Your Next Breach Will Look Like Business as Usual – Dark Reading
These are the fundamental detection model shifts cybersecurity teams need to make to keep up with the rising number of credential-based attacks. – Read More
FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats – Dark Reading
Post Content – Read More
Orange Business Reimagines Enterprise Voice Communications With Trust and AI – Dark Reading
Post Content – Read More