Dark Reading:
- by Rob WrightMandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called "TinyShell."
- by Arielle WaldmanThe National Institute of Standards and Technology (NIST) has released updated differential privacy guidelines for organizations to follow to protect personally identifiable information when sharing data.
- by Jai Vijayan, Contributing WriterA threat actor leveraged the vulnerability in an "extremely sophisticated" attack on targeted iOS users, the company says.
- by Elizabeth Montalbano, Contributing WriterThe prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted to exfiltrate critical OT infrastructure data.
- by Kristina Beek, Associate Editor, Dark ReadingIn the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it's being used once more for another botnet campaign with its own malware.
- by Randolph BarrTo truly become indispensable in the boardroom, CISOs need to meet the dual demands of defending against sophisticated adversaries while leading resilience strategies.