Category: Dark Reading

China-inked APT actors could have single-hop access to the gamut of Microsoft cloud services and apps, including SharePoint, Teams, and OneDrive, among many others. This article has been indexed from Dark Reading Read the original article: Microsoft 365 Breach Risk…

Read more →

Registration has opened for the cybersecurity specialty track at Tuwaiq Academy, where students will learn a variety of related skills. This article has been indexed from Dark Reading Read the original article: Saudi Arabia’s Tuwaiq Academy Opens Cybersecurity Bootcamp

Read more →

Hosts Sophia d’Antoine and Ian Roos presented the list at Summercon in Brooklyn, where they also handed out a surprise Lifetime Achievement Award. This article has been indexed from Dark Reading Read the original article: Meet the Finalists for the…

Read more →

With Big Tech companies pledging voluntary safeguards, industry-watchers assume that smaller AI purveyors will follow in their wake to make AI safer for all. This article has been indexed from Dark Reading Read the original article: White House, Big Tech…

Read more →

Sophisticated fraudsters are exploiting ChatGPT and CAPTCHAs to evade enterprise security defenses. This article has been indexed from Dark Reading Read the original article: The Dark Side of AI

Read more →

Analysts continue piecing together who breached JumpCloud, why, and what else they’ve managed to pull off. This article has been indexed from Dark Reading Read the original article: North Korean Attackers Targeted Crypto Companies in JumpCloud Breach

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: TrustArc Announces TRUSTe EU-US Data Privacy Framework Verification

Read more →

Malicious activity targeting vulnerable SQL servers has surged 174% compared to 2022, Palo Alto’s Unit 42 says. This article has been indexed from Dark Reading Read the original article: Mallox Ransomware Group Activity Shifts Into High Gear

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Deloitte Global Expands MXDR Cybersecurity SaaS Solution With Operational Technology and…

Read more →

Critical-infrastructure employees are comparatively more engaged in organizational security — and compliance training — than those in other sectors. This article has been indexed from Dark Reading Read the original article: Critical Infrastructure Workers Better At Spotting Phishing

Read more →

The cosmetics conglomerate was apparently breached through the infamous MOVEit flaw by both Cl0p and BlackCat, at roughly the same time. This article has been indexed from Dark Reading Read the original article: Estée Lauder Breached in Twin MOVEit Hacks,…

Read more →

US Air Force veteran and Mandiant CEO discussed dwell time and state-sponsored attacks at the Military Cyber Professionals Association’s HammerCon conference. This article has been indexed from Dark Reading Read the original article: Kevin Mandia Brings the HammerCon

Read more →

Researcher discovers vulnerabilities in the open source Web application, which were fixed in the latest Apache OpenMeeting update. This article has been indexed from Dark Reading Read the original article: Apache OpenMeetings Wide Open to Account Takeover, Code Execution

Read more →

Frameworks can help improve hiring practices and retention, and help guide education — which makes them an important asset worth exploiting. This article has been indexed from Dark Reading Read the original article: Should You Be Using a Cybersecurity Careers…

Read more →

Kevin Mitnick, former computer hacker turned speaker and author, has died at the age of 59. This article has been indexed from Dark Reading Read the original article: Hacker-Turned-Security-Researcher Kevin Mitnick Dies Aged 59

Read more →

The SaaS product is available under the Company’s early access program as a closed, invitation-only beta experience, as part of the Plurilock AI platform. This article has been indexed from Dark Reading Read the original article: Plurilock Announces Generative AI…

Read more →

Citrix is urging organizations to immediately patch the unauthenticated RCE vulnerability. This article has been indexed from Dark Reading Read the original article: Attackers Exploit Citrix Zero-Day Bug to Pwn NetScaler ADC, Gateway

Read more →

Organizations have options when it comes to choosing the right tool to quantify risk This article has been indexed from Dark Reading Read the original article: Enterprise Choices in Measuring Risk

Read more →

Egress also launches adaptive security architecture, which dynamically adjusts email security controls based on aggregated data including KnowBe4’s user risk score. This article has been indexed from Dark Reading Read the original article: KnowBe4 Partners With Egress to Enhance Organizations’…

Read more →

Updated Evolve Partner Program offerings expand support and solution options for MSPs driving security modernization and network transformation. This article has been indexed from Dark Reading Read the original article: Netskope Launches Managed Service Provider Program

Read more →

Checkmarx’s industry-first AI AppSec plugin works within the ChatGPT interface to protect against new attack types targeting GenAI-generated code. This article has been indexed from Dark Reading Read the original article: Checkmarx Announces CheckAI Plugin for ChatGPT to Detect and…

Read more →

Supports company focus on bridging the cyber skills gap, strengthening cyber defenses, and protecting the front lines. This article has been indexed from Dark Reading Read the original article: Cloud Range Appoints Cybersecurity Leader Galina Antova to Board of Directors

Read more →

Industry pushback prompts Microsoft to drop premium pricing for access to cloud logging data. This article has been indexed from Dark Reading Read the original article: Microsoft Relents, Offers Free Critical Logging to All 365 Customers

Read more →

The ransomware-as-a-service offering was first assumed to be a red team exercise before being detected for true malicious activity. This article has been indexed from Dark Reading Read the original article: SophosEncrypt Ransomware Fools Security Researchers

Read more →

Nation-states see the opportunity in targeting people directly through their mobile phones, in this case with sophisticated Android surveillanceware. This article has been indexed from Dark Reading Read the original article: China’s APT41 Linked to WyrmSpy, DragonEgg Mobile Spyware

Read more →

Although not all Redis instances are vulnerable to the P2P worm variant, all of them can expect a compromise attempt, researchers warn. This article has been indexed from Dark Reading Read the original article: P2P Self-Replicating Cloud Worm Targets Redis

Read more →

While cybersecurity preparedness in Africa is on the upswing, the continent still lacks agreements on international security standards and sharing threat intel. This article has been indexed from Dark Reading Read the original article: Study: Africa Cybersecurity Improves But Lacks…

Read more →

Industry pushback prompts Microsoft to drop premium pricing for access to cloud logging data. This article has been indexed from Dark Reading Read the original article: Microsoft Relents, Offers Free Key Logging to All 365 Customers

Read more →

As companies navigate how to protect themselves from the onslaught of increasingly sophisticated fraud threats, artificial intelligence will be a critical piece of next-gen authentication. This article has been indexed from Dark Reading Read the original article: 3 Ways AI…

Read more →

Security debt exists in on-premises data centers as well as in cloud platforms — but preventing it from accumulating in the cloud requires different skills, processes, and tools. This article has been indexed from Dark Reading Read the original article:…

Read more →

By combining these leading-edge tools, security professionals can amplify the impact of their security strategies. This article has been indexed from Dark Reading Read the original article: Leverage Threat Intelligence, AI, and Data at Scale to Boost Cyber Defenses

Read more →

Google’s fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it. This article has been indexed from Dark Reading Read the original article: Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering

Read more →

Attackers show renewed relentlessness in exploiting OS vulnerabilities that also circumvent defense and detection measures. This article has been indexed from Dark Reading Read the original article: Pernicious Rootkits Pose Growing Blight On Threat Landscape

Read more →

Some of the users who were impacted include the US Department of Justice, the NSA, and the FBI, alongside German intelligence agencies. This article has been indexed from Dark Reading Read the original article: VirusTotal Data Leak Affects 5K+ Users

Read more →

A prolific threat actor has been operating on Russian-language forums since 2020, but then he accidentally infected his own computer and sold off its contents to threat researchers. This article has been indexed from Dark Reading Read the original article:…

Read more →

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. This article has been indexed from Dark Reading Read the original article: Name That Toon: Shark Sighting

Read more →

The cybercrime group has given its backdoor malware a facelift in an attempt to evade detection, making some bug fixes and setting itself up to deliver its latest crimeware toy, BlackCat. This article has been indexed from Dark Reading Read…

Read more →

Two separate threat actors are using poisoned USB drives to distribute malware in cyber-espionage campaigns targeting organizations across different sectors and geographies. This article has been indexed from Dark Reading Read the original article: Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks…

Read more →

A barrage of targeted attacks against vulnerable installations peaked at 1.3 million against 157,000 sites over the weekend, aimed at unauthenticated code execution. This article has been indexed from Dark Reading Read the original article: Attackers Pummel Millions of Websites…

Read more →

Organizations running Linux distributions need to prepare to defend their systems against ransomware attacks. Steps to ensure resiliency and basics such as access control reduce major disruptions. This article has been indexed from Dark Reading Read the original article: Linux…

Read more →

The company, one of four finalists in this year’s Black Hat USA Startup Spotlight competition, uses AI/ML to find firmware vulnerabilities. This article has been indexed from Dark Reading Read the original article: Startup Spotlight: Binarly Hardens Firmware Security

Read more →

Researchers explore how overburdened cyber analysts can improve their threat intelligence jobs by using ChatGPT-like large language models (LLMs). This article has been indexed from Dark Reading Read the original article: How AI-Augmented Threat Intelligence Solves Security Shortfalls

Read more →

A recent email compromise by Chinese APT group Storm-0558 highlights a lack of access to security logging by many Microsoft 365 license holders, prompting calls from researchers to abolish it. This article has been indexed from Dark Reading Read the…

Read more →

July’s updates contained 100+ patches and security policy notes, leaving vulnerability management teams stressed and scrambling to prioritize. We’re here to help find some zen. This article has been indexed from Dark Reading Read the original article: 5 Major Takeaways…

Read more →

The TeamTNT threat actor appears to be setting the stage for broader cloud worm attacks, researchers say. This article has been indexed from Dark Reading Read the original article: AWS Cloud Credential Stealing Campaign Spreads to Azure, Google Cloud

Read more →

Only a quarter of hospitals have implemented the strongest level of DMARC, with a third running any version of the email validation protocol. This article has been indexed from Dark Reading Read the original article: UAE and South African Hospitals…

Read more →

Artificial intelligence can be tricked into making password-based authentication even weaker. This article has been indexed from Dark Reading Read the original article: If George Washington Had a TikTok, What Would His Password Be?

Read more →

Cyber threats are intensifying even as budgets are being scrutinized. Now, more than ever, security and finance professionals need to align on cybersecurity strategies. This article has been indexed from Dark Reading Read the original article: Why CFOs & CISOs…

Read more →

SaaS security posture management helps mitigate common threats posed by malicious or negligent insiders. This article has been indexed from Dark Reading Read the original article: Insider Risk Management Starts With SaaS Security

Read more →

A flaw in the REST API of Cisco’s SD_WAN vManage software could allow remote, unauthenticated attackers to perform data exfiltration. This article has been indexed from Dark Reading Read the original article: Cisco Flags Critical SD-WAN Vulnerability

Read more →

A software bills of materials standard gets an update, but the driver is compliance rather than security. This article has been indexed from Dark Reading Read the original article: SBOMs Still More Mandate Than Security

Read more →

We rely on them for communications, military activity, and everyday tasks. How long before attackers really start to look up at the stars? This article has been indexed from Dark Reading Read the original article: How Hackers Can Hijack a…

Read more →

A few default guest setting manipulations in Azure AD and over-promiscuous low-code app developer connections can upend data protections. This article has been indexed from Dark Reading Read the original article: Rogue Azure AD Guests Can Steal Data via Power…

Read more →

A bug in Zimbra email servers is already being exploited in the wild, Google TAG researchers warn. This article has been indexed from Dark Reading Read the original article: Zimbra Zero-Day Demands Urgent Manual Update

Read more →

Because digital substations are critical elements of electrical systems, they are a prime target for sophisticated cyberattacks. This article has been indexed from Dark Reading Read the original article: Electrical Grid Stability Relies on Balancing Digital Substation Security

Read more →

While the plan may convey the right kind of urgency, it lacks both funding and bipartisan support, industry professionals say. This article has been indexed from Dark Reading Read the original article: White House Fills in Details Of National Cybersecurity…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Introducing EncryptionSafe: A Free and Easy-to-Use Encryption App for Windows PC

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Secure Code Warrior Ushers in Next Era in Developer Driven Security…

Read more →

Pledge stems from Black Hat’s commitment to become a net zero carbon business by 2030. This article has been indexed from Dark Reading Read the original article: Black Hat Announces Sustainability Pledge

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Secure Code Warrior Raises $50M to Accelerate Product Innovation

Read more →

A combination of SAFE Platform’s industry defining AI capabilities coupled with the industry standard FAIR model for cyber risk quantification, that was pioneered by RiskLens. This article has been indexed from Dark Reading Read the original article: Safe Security Acquires…

Read more →

Vade’s phishing and malware report reveals phishing volumes increased by more than 54% in H1 2023. This article has been indexed from Dark Reading Read the original article: Facebook and Microsoft are the Most Impersonated Brands in Phishing Attacks

Read more →

Optiv survey highlights organizations’ need for talent, challenges with sophistication of threat actors and expanding attack surface. This article has been indexed from Dark Reading Read the original article: Cybersecurity Leaders Report Reduction in Disruptive Cyber Incidents With MSS/MDR Solutions

Read more →

A cyber attacker gives defenders a taste of their own medicine, with GitHub honeypots concealing infostealers. This article has been indexed from Dark Reading Read the original article: Linux Hacker Exploits Researchers With Fake PoCs Posted to GitHub

Read more →

The draft AI Act represents a significant step in regulating AI technologies, recognizing the need to address the potential risks and ethical concerns. This article has been indexed from Dark Reading Read the original article: How the EU AI Act…

Read more →

Two fierce cloud security competitors are locked in a legal battle, as Orca accuses Wiz of ripping off its intellectual property. This article has been indexed from Dark Reading Read the original article: Orca Sues Wiz for ‘Copying’ Its Cloud…

Read more →

AI-aided BEC, malware, and phishing attacks will push organizations to level up with generative AI and better protect their users, data, and networks. This article has been indexed from Dark Reading Read the original article: WormGPT Heralds An Era of…

Read more →

Rockwell Automation and CISA warn of security vulnerabilities that affect power plants, factories, and other critical infrastructure sites. This article has been indexed from Dark Reading Read the original article: Critical RCE Bug in Rockwell Automation PLCs Zaps Industrial Sites

Read more →

Omdia has published its Omdia Universe on IDaaS. This vendor comparison study highlights the capabilities of the vendors in the space. This article has been indexed from Dark Reading Read the original article: Okta, Ping Identity, CyberArk & Oracle Lead…

Read more →

Cloaked Ursa/Nobelium gets creative by appealing to the more personal needs of government employees on foreign missions in Kyiv. This article has been indexed from Dark Reading Read the original article: SolarWinds Attackers Dangle BMWs to Spy on Diplomats

Read more →

The vulnerability gap continues to persist, and IT and security teams can play a major role in reducing their attack surface. This article has been indexed from Dark Reading Read the original article: Creating a Patch Management Playbook: 6 Key…

Read more →

Killnet has been more effective at generating headlines than in executing attacks or wreaking any real damage, experts say. This article has been indexed from Dark Reading Read the original article: Killnet Tries Building Russian Hacktivist Clout With Media Stunts

Read more →

Kernel mode driver can download second-stage payload directly to memory, allowing threat actors to evade endpoint detection and response tools. This article has been indexed from Dark Reading Read the original article: Hackers Target Chinese Gamers With Microsoft-Signed Rootkit

Read more →

The startup, one of four finalists in this year’s Black Hat USA Startup Spotlight competition, automates vulnerability remediation using AI. This article has been indexed from Dark Reading Read the original article: Startup Spotlight: Mobb Aims to Be the Fixer

Read more →

Foreign state-sponsored actors likely had access to privileged state emails for weeks, thanks to a token validation vulnerability. This article has been indexed from Dark Reading Read the original article: Chinese APT Cracks Microsoft Outlook Emails at 25 Government Agencies

Read more →

Firedome’s on device real-time detection, prevention and response along with Microsoft Defender for IoT cloud-based security provides a holistic view of IoT attacks for the first time. This article has been indexed from Dark Reading Read the original article: Firedome…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Hackers Say Generative AI Unlikely to Replace Human Cybersecurity Skills According…

Read more →

Keeper Security highlights S&P Market Intelligence’s latest research showing that lack of PAM is leaving SMBs vulnerable to attack. This article has been indexed from Dark Reading Read the original article: Less Than Half of SMBs Deploy Privileged Access Management

Read more →

Partnership program empowers underrepresented groups by removing barriers to entering the cybersecurity workforce. This article has been indexed from Dark Reading Read the original article: (ISC)² Strengthens DEI Initiatives through Global Partnerships

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Console & Associates, P.C. Investigates HCA Healthcare After Report of Data…

Read more →

QuickBlox users should update to the latest version of the platform in order to protect against several avenues of exploitation. This article has been indexed from Dark Reading Read the original article: QuickBlox API Vulnerabilities Open Video, Chat Users to…

Read more →

QuickBlox was quick to work with the research teams in order to find solutions to these vulnerabilities and protect its users. This article has been indexed from Dark Reading Read the original article: Team82, Check Point Research Uncover QuickBlox API…

Read more →

Generative AI is the cybersecurity resource that never sleeps. Here are some of the ways security-focused generative AI can benefit different members of the SOC team. This article has been indexed from Dark Reading Read the original article: How to…

Read more →

A group of cybersecurity organizations is urging the White House to move with haste in nominating a new National Cyber Director, amid a complex and shifting threat landscape. This article has been indexed from Dark Reading Read the original article:…

Read more →

Using open source tools, attackers target Chinese speakers with malicious drivers with expired certificates, potentially allowing for full system takeover. This article has been indexed from Dark Reading Read the original article: Hackers Exploit Policy Loophole in Windows Kernel Drivers

Read more →

A good backup strategy can be effective at mitigating a ransomware attack, but how many organizations consider that their backup data can also be targeted? This article has been indexed from Dark Reading Read the original article: Ransomware, From a…

Read more →

Fixes for more than 100 vulnerabilities affect numerous products, including Windows, Office, .Net, and Azure Active Directory, among others. This article has been indexed from Dark Reading Read the original article: Microsoft Discloses 5 Zero-Days in Voluminous July Security Update

Read more →

Personal details of Bangladeshi citizens found online by researcher included full names, phone numbers, email addresses, and national ID numbers. This article has been indexed from Dark Reading Read the original article: Bangladesh Government Website Leaks Personal Data

Read more →

Platform’s independent server “instances” may have different security levels, creating potential for supply chain-like vulnerabilities. This article has been indexed from Dark Reading Read the original article: Mastodon Patches 4 Bugs, but Is the Twitter Killer Safe to Use?

Read more →

The exploit code was brought to VMware’s attention by an anonymous researcher, in tandem with the Trend Micro Zero Day Initiative. This article has been indexed from Dark Reading Read the original article: Critical VMware Bug Exploit Code Released Into…

Read more →

Apple’s emergency fix for a code-execution bug being actively exploited in the wild is reportedly buggy itself, and some indications point to the Cupertino giant halting patch rollouts. This article has been indexed from Dark Reading Read the original article:…

Read more →

Giving ourselves a chance in this fight means acknowledging that yesterday’s successful defensive tactics may already be obsolete. This article has been indexed from Dark Reading Read the original article: Cyberattacks Are a War We’ll Never Win, but We Can…

Read more →

As NATO mulls Ukrainian membership, the threat group is targeting supporters of Ukraine with a backdoor and exploitation of the Microsoft remote code execution (RCE) flaw known as Follina. This article has been indexed from Dark Reading Read the original…

Read more →

As organizations struggle to keep up with new regulations and hiring challenges, chief information security officers share common challenges and experiences. This article has been indexed from Dark Reading Read the original article: Top Takeaways From Table Talks With Fortune…

Read more →

A toolset upgrade is making ScarletEel more slippery than ever while it continues to manipulate the cloud to perform cryptojacking, DDoS, and more. This article has been indexed from Dark Reading Read the original article: ‘ScarletEel’ Hackers Worm Into AWS…

Read more →

Analysts seem bullish about funding and M&A activity for the second half of the year, though transaction volumes and values dipped again in Q2. This article has been indexed from Dark Reading Read the original article: Analysts: Cybersecurity Funding Set…

Read more →

The public working group will develop guidance around the special risks of AI technologies that generate content. This article has been indexed from Dark Reading Read the original article: NIST Launches Generative AI Working Group

Read more →

The Guardz research team discloses the existence of new information stealing malware on the Dark Web. This article has been indexed from Dark Reading Read the original article: Guardz Identifies New ‘ShadowVault’ macOS Stealer Malware

Read more →

SCADAfence will integrate into the Honeywell Forge Cybersecurity+ suite providing expanded asset discovery, threat detection, and compliance management capabilities. This article has been indexed from Dark Reading Read the original article: Honeywell to Acquire SCADAfence, Strengthening its Cybersecurity Software Portfolio

Read more →

Cybercriminals lining up to score off Amazon Prime Day shoppers, who spent more than $22B in US online sales alone last year, according to estimates. This article has been indexed from Dark Reading Read the original article: Amazon Prime Day…

Read more →