Biden wants UAW style labor deal for all U.S. auto workers

<p>Biden spoke to UAW workers here in Illinois as the Democratic president tries to rally support for his economic agenda and firm up sagging popularity numbers, ahead of a re-election campaign next year.</p>

https://www.autonews.com/manufacturing/j...-uaws-deal

Geely-linked ECARX eyes profitability as it seeks greater brand, geographic diversity

<p>Geely-linked digital cockpit supplier ECARX is "on track" to break even as it rolls out new products and expands its reach to new vehicles, said John Marcus, the company's president of international.</p>

https://www.autonews.com/suppliers/geely...ales-surge

MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel

Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting Israel.
"The framework's web component is written in the Go programming language," Deep Instinct security researcher Simon Kenin said in a technical report published Wednesday.
The tool has been attributed to MuddyWater, an Iranian 

https://thehackernews.com/2023/11/muddyc...anian.html

When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules

While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external entities, putting confidential data at risk of exposure to unauthorized parties. Wing Security (Wing), a SaaS security company, announced yesterday that their SaaS shadow IT discovery methods now include a solution

https://thehackernews.com/2023/11/when-e...urity.html

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Inst

A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z.
"This incident is a part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and VNC Viewer as seen in its infrastructure (domain names) and cloaking templates used

https://thehackernews.com/2023/11/new-ma...-fake.html

Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability

The threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT support software in limited attacks, according to new findings from Microsoft.
Lace Tempest, which is known for distributing the Cl0p ransomware, has in the past leveraged zero-day flaws in MOVEit Transfer and PaperCut servers.
The issue, tracked as CVE-2023-47246, concerns a path traversal

https://thehackernews.com/2023/11/zero-d...loits.html

2024 Ford Mustang GT California Special Adopts Modern Style as Classic Package Retur

As Mustang prepares to celebrate its 60th anniversary, Ford is putting a modern, vibrant spin on the popular California Special®.


https://media.ford.com/content/fordmedia...th-mo.html

Ransomware Mastermind Uncovered After Oversharing on Dark Web

Meet "farnetwork," one of the most prolific RaaS operators around, who spilled too many details during an affiliate "job interview."

https://www.darkreading.com/threat-intel...g-dark-web

Evasive Jupyter Infostealer Campaign Showcases Dangerous Variant

The attacks are another manifestation of the concerning rise in information stealers for harvesting data and enabling persistent access to enterprise networks.

https://www.darkreading.com/attacks-brea...us-variant

Securing Remote Workers Through Zero Trust

Dark Reading's special report looks at how enterprises are turning to zero trust to harden the security of their remote workforce. The challenges are steep.

https://www.darkreading.com/edge-article...zero-trust