Category: Dark Reading

Tightening access controls and security clearance alone won’t prevent insider threat risks motivated by lack of trust or loyalty. This article has been indexed from Dark Reading Read the original article: Pentagon Leaks Emphasize the Need for a Trusted Workforce

Read more →

New report provides actionable intelligence about attacks, threat actors, and campaigns. This article has been indexed from Dark Reading Read the original article: Top Cyberattacks Revealed in New Threat Intelligence Report

Read more →

Improving the security of open source repositories and keeping malicious components out requires a combination of technology and people. This article has been indexed from Dark Reading Read the original article: 2 Lenses for Examining the Safety of Open Source…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: 130K+ Patients’ Social Security Numbers Leaked in UHS of Delaware Data…

Read more →

Informants have released data that includes thousands of safety complaints the company has received about its self-driving capability, as well as sensitive information regarding current and past employees. This article has been indexed from Dark Reading Read the original article:…

Read more →

Phishing campaigns targeting travelers have evolved from simple, easy-to-spot fraud attempts to highly sophisticated operations. This article has been indexed from Dark Reading Read the original article: Travel-Themed Phishing, BEC Campaigns Get Smarter as Summer Season Arrives

Read more →

To mitigate risk, both developers and users must include security principles and technologies as core foundations in new devices. This article has been indexed from Dark Reading Read the original article: How Safe Is Your Wearable Device?

Read more →

Ukraine’s head of cybersecurity Victor Zhora says the world needs “efficient legal instruments to confront cyber terrorism.” This article has been indexed from Dark Reading Read the original article: Russia’s War in Ukraine Shows Cyberattacks Can Be War Crimes

Read more →

Russian code that could tamper with industrial machines and toggle RTUs on and off was floating around VirusTotal for years before being noticed. It raises new questions about the state of OT security. This article has been indexed from Dark…

Read more →

The new Red Hat Trusted Software Supply Chain services help developers take a secure-by-design approach to build, deploy, and monitor software. This article has been indexed from Dark Reading Read the original article: Red Hat Tackles Software Supply Chain Security

Read more →

This is the first incident where a threat actor from the country appears to be laying the groundwork for disruptive attacks in the future, researchers say. This article has been indexed from Dark Reading Read the original article: ‘Volt Typhoon’…

Read more →

The infamous North Korean APT group is using Log4Shell, the 3CX supply chain attack, and other known vectors to breach Microsoft Web servers. This article has been indexed from Dark Reading Read the original article: Lazarus Group Striking Vulnerable Windows…

Read more →

The streaming giant is looking to bolster flagging subscription growth and profits, but security researchers say the move offers a perfect opportunity to encourage better password hygiene and account safety. This article has been indexed from Dark Reading Read the…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Memcyco Delivers Real-Time Brandjacking Detection and Protection Solution

Read more →

Perception Point’s 2023 Annual Report: Cybersecurity Trends & Insights’ analyzes the most prevalent cyberattack trends amidst today’s complex threat landscape, identifying an overall increase of 87% in the total number of attacks over the course of last year. This article…

Read more →

Bank of Ghana’s security operations center will boost visibility into threats and enable threat intelligence sharing, it says. This article has been indexed from Dark Reading Read the original article: Bank of Ghana Opens SOC to Enable Threat Intelligence Sharing

Read more →

Researchers could access sensitive data and steal secrets by exploiting a vulnerability in GCP’s security layer, eventually running rampant in the environment. This article has been indexed from Dark Reading Read the original article: Google Cloud Bug Allows Server Takeover…

Read more →

A campaign against customers of Portuguese banks uses a capable financial malware strain dubbed PeepingTitle, written in the Delphi programming language. This article has been indexed from Dark Reading Read the original article: ‘Operation Magalenha’ Attacks Gives Window Into Brazil’s…

Read more →

Organizations must be cautious about how they interact with other regions around the world in order to operate safely in an at-times adversarial landscape. This article has been indexed from Dark Reading Read the original article: Dangerous Regions: Isolating Branch…

Read more →

in the wake of the ex-Uber CISO verdict, CISOs ask for clearer rules and less uncertainty in managing disclosures, amid jail-time fears. This article has been indexed from Dark Reading Read the original article: CISO Criminalization, Vague Cyber Disclosure Rules…

Read more →

According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea. This article has been…

Read more →

The new software-led solution enables organizations to defend against cybersecurity threats in their operational technology (OT) environments. This article has been indexed from Dark Reading Read the original article: Honeywell Releases Cyber Insights to Better Identify Cybersecurity Threats and Vulnerabilities

Read more →

Attackers primarily target on-premises IT infrastructures. This article has been indexed from Dark Reading Read the original article: Netwrix Report: Enterprises Suffer More Ransomware and Other Malware Attacks Than Smaller Organizations

Read more →

New capability streamlines automated testing of cybersecurity and anti-fraud features in android and iOS apps in virtual and cloud testing suites. This article has been indexed from Dark Reading Read the original article: Appdome Launches Build-to-Test, Automated Testing Option for…

Read more →

DryRun security seeks to bridge the gap between developers and security professionals by automating security analysis in code reviews before deployment. This article has been indexed from Dark Reading Read the original article: Technology Veterans James Wickett and Ken Johnson…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Harvard Pilgrim Health Care Notifies Individuals of Privacy Incident

Read more →

The company’s ESG appliances were breached, but their other services remain unaffected by the compromise. This article has been indexed from Dark Reading Read the original article: Threat Actors Compromise Barracuda Email Security Appliances

Read more →

Security professionals warn that Google’s new top-level domains, .zip and .mov, pose social engineering risks while providing little reason for their existence. This article has been indexed from Dark Reading Read the original article: Google’s .zip, .mov Domains Give Social…

Read more →

A cybersecurity vulnerability found in an implementation of the social login functionality opens the door to account takeovers and more. This article has been indexed from Dark Reading Read the original article: OAuth Flaw in Expo Platform Affects Hundreds of…

Read more →

It’s time to invest in initiatives that engage young women in cybersecurity early and often. This article has been indexed from Dark Reading Read the original article: How Universities Can Bridge Cybersecurity’s Gender Gap

Read more →

Researchers say the Iranian nation-state actor known as Tortoiseshell could be behind the attacks. This article has been indexed from Dark Reading Read the original article: Israeli Shipping, Logistics Companies Targeted in Watering Hole Attacks

Read more →

Any new cybersecurity technology should be not just a neutral addition to a security stack but a benefit to the other technologies or people managing them. This article has been indexed from Dark Reading Read the original article: 5 Questions…

Read more →

Companies are starting to address AI misuse. At Google I/O, for example, executives promised its AI has safety measures. This article has been indexed from Dark Reading Read the original article: Google Adds Guardrails to Keep AI in Check

Read more →

Secure email gateways and end users alike are being fooled by a cyberattack campaign that’s enjoying skyrocketing volumes against businesses in every industry, globally. This article has been indexed from Dark Reading Read the original article: SuperMailer Abuse Bypasses Email…

Read more →

Widespread cyber incidents will happen, but unlike for natural disasters, specific security controls can help prevent a catastrophe. This article has been indexed from Dark Reading Read the original article: What Security Professionals Need to Know About Aggregate Cyber Risk

Read more →

Changes in the way risk is viewed are leading to changes in the way training is conducted. This article has been indexed from Dark Reading Read the original article: A New Look for Risk in Awareness Training

Read more →

A February 2022 attack, knocked the giant tire maker’s North American operations offline for several days. This article has been indexed from Dark Reading Read the original article: Bridgestone CISO: Lessons From Ransomware Attack Include Acting, Not Thinking

Read more →

Threat actors are circumventing geo-location-based security detections, using a combination of cybercrime-as-a-service platforms and the purchasing of local IP addresses. This article has been indexed from Dark Reading Read the original article: Microsoft: BEC Attackers Evade ‘Impossible Travel’ Flags With…

Read more →

Shorter certificate lifespans are beneficial, but they require a rethink of how to properly manage them. This article has been indexed from Dark Reading Read the original article: Enterprises Must Prepare Now for Shorter TLS Certificate Lifespans

Read more →

Security vendors, businesses, and US government agencies need to work together to fight ransomware and protect critical infrastructure. This article has been indexed from Dark Reading Read the original article: Improving Cybersecurity Requires Building Better Public-Private Cooperation

Read more →

The technology conglomerate has until later this year to end its transfer of European user’s data across the Atlantic. This article has been indexed from Dark Reading Read the original article: Meta Hit With $1.3B Record-Breaking Fine for GDPR Violations

Read more →

The climate of concern around open source security and supply chain attacks may have caused a small story to become a big one. This article has been indexed from Dark Reading Read the original article: PyPI Shuts Down Over the…

Read more →

The purchase gives IBM access to a new category of products called “data security posture management” for security data in cloud and SaaS repositories. This article has been indexed from Dark Reading Read the original article: IBM’s Polar Buy Creates…

Read more →

Techniques used in cyber warfare can be sold to anyone — irrespective of borders, authorities, or affiliations. We need to develop strategies to respond at scale. This article has been indexed from Dark Reading Read the original article: Cyber Warfare…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: CommonMagic APT Campaign Broadens Target Scope to Central and Western Ukraine

Read more →

It’s not lack of data that’s the problem, but the inability to piece that together to truly understand and reduce risk. This article has been indexed from Dark Reading Read the original article: Data Siloes: Overcoming the Greatest Challenge in…

Read more →

In an advisory released by the company, Apple revealed patches for three previously unknown bugs it says may already have been used by attackers. This article has been indexed from Dark Reading Read the original article: Apple Patches 3 Zero-Days…

Read more →

The data shows how most cyberattacks start, so basic steps can help organizations avoid becoming the latest statistic. This article has been indexed from Dark Reading Read the original article: 3 Common Initial Attack Vectors Account for Most Ransomware Campaigns

Read more →

As we share an increasing amount of personal information online, we create more opportunities for threat actors to steal our identities. This article has been indexed from Dark Reading Read the original article: Keep Your Friends Close and Your Identity…

Read more →

New rules aim to level up the quality of submissions to Google and Android device Vulnerability Reward Program. This article has been indexed from Dark Reading Read the original article: Google Debuts Quality Ratings for Security Bug Disclosures

Read more →

As enterprises adopt multicloud, the security picture has gotten foggy. Cloud workload protection platforms and distributed firewalls are creating clarity. This article has been indexed from Dark Reading Read the original article: Enterprises Rely on Multicloud Security to Protect Cloud…

Read more →

A newly discovered bug in the open source password manager, if exploited, lets attackers retrieve a target’s master password — and proof-of-concept code is available. This article has been indexed from Dark Reading Read the original article: KeePass Vulnerability Imperils…

Read more →

Plug X and other information-stealing remote-access Trojans are among the malware targeting networking, manufacturing, and logistics companies in Taiwan. This article has been indexed from Dark Reading Read the original article: Trojan-Rigged Phishing Attacks Pepper China-Taiwan Conflict

Read more →

Risk from artificial intelligence vectors presents a growing concern among security professionals in 2023. This article has been indexed from Dark Reading Read the original article: 10 Types of AI Attacks CISOs Should Track

Read more →

Cybercrime group that often uses smishing for initial access bypassed traditional OS targeting and evasion techniques to directly gain access to the cloud. This article has been indexed from Dark Reading Read the original article: Microsoft Azure VMs Highjacked in…

Read more →

Security by design can’t be just a best practice — it has to become a fundamental part of software development. This article has been indexed from Dark Reading Read the original article: Embedding Security by Design: A Shared Responsibility

Read more →

With the new additions to Satori’s Data Security Platform, companies gain unprecedented visibility to answer “Where is all my data?” and “Who has access to it?” This article has been indexed from Dark Reading Read the original article: Satori Augments…

Read more →

Customized fix recommendations and cut and paste code fixes dramatically reduce remediation times. This article has been indexed from Dark Reading Read the original article: OX Security Launches OX-GPT, AppSec’s First ChatGPT Integration

Read more →

Turkorat-poisoned packages sat in the npm development library for months, researchers say. This article has been indexed from Dark Reading Read the original article: Once Again, Malware Discovered Hidden in npm

Read more →

New retainer provides expert support starting in the first 72 hours of the incident response process to contain the attack and improve preparedness for the future. This article has been indexed from Dark Reading Read the original article: WithSecure Launches…

Read more →

Elevated attack rate expected to remain during 2023 as cybercrime becomes more sophisticated and widespread. This article has been indexed from Dark Reading Read the original article: LexisNexis Risk Solutions Cybercrime Report Reveals 20% Annual Increase in Global Digital Attack…

Read more →

SECOM CO., LTD, a $15B enterprise and one of the largest security integration companies in the world, invests in the two global cloud physical security leaders, accelerating the use of AI and improving safety and security. This article has been…

Read more →

Launched in partnership with Immunefi, bounty to promote Web3 security. This article has been indexed from Dark Reading Read the original article: LayerZero Labs Launches $15M Bug Bounty; Largest in the World

Read more →

AI-powered cyber defense service protects against phishing attacks for businesses on unlimited handset plans. This article has been indexed from Dark Reading Read the original article: ActZero Teams Up With UScellular to Secure Mobile Devices From Ransomware Attacks

Read more →

As ChatGPT adoption grows, the industry needs to proceed with caution. Here’s why. This article has been indexed from Dark Reading Read the original article: 3 Ways Hackers Use ChatGPT to Cause Security Headaches

Read more →

Lemon Group’s Guerrilla malware model an example of how threat actors are monetizing compromised Android devices, researchers say. This article has been indexed from Dark Reading Read the original article: Lemon Group Uses Millions of Pre-Infected Android Phones to Enable…

Read more →

CISA urges small and midsized organizations as well as critical infrastructures to implement mitigations to shield from further attacks. This article has been indexed from Dark Reading Read the original article: BianLian Cybercrime Group Changes Attack Methods, CISA Advisory Notes

Read more →

Organizations can focus on these key considerations to develop their cybersecurity testing program sustainably. This article has been indexed from Dark Reading Read the original article: 5 Ways Security Testing Can Aid Incident Response

Read more →

Pro-Houthi OilAlpha uses spoofed Android apps to monitor victims across the Arab peninsula working to bring stability to Yemen. This article has been indexed from Dark Reading Read the original article: Houthi-Backed Spyware Effort Targets Yemen Aid Workers

Read more →

The mobile phone and MacBook giant also rejected nearly 1.7 million app submissions last year in an effort to root out malware and fraud. This article has been indexed from Dark Reading Read the original article: Apple Boots a Half-Million…

Read more →

It’s as they say: A Teams is only as strong as its weakest links. Microsoft’s collaboration platform offers Tabs, Meetings, and Messages functions, and they all can be exploited. This article has been indexed from Dark Reading Read the original…

Read more →

Pending new SEC rules reinforce how integral cybersecurity is to modern business operations, and will help close the gap between security teams and those making policy decisions. This article has been indexed from Dark Reading Read the original article: Talking…

Read more →

Cobalt’s fifth edition of “The State of Penetration Testing Report” taps into data from 3,100 pen tests and more than 1,000 responses from security practitioners. This article has been indexed from Dark Reading Read the original article: How to Protect…

Read more →

It’s still unclear when systems for Pennsylvania’s largest media outlet will be fully restored, as employees were told to stay at home through Tuesday. This article has been indexed from Dark Reading Read the original article: Sunday Paper Debacle: Philadelphia…

Read more →

Three pieces of advice to startups serious about winning funding and support for their nascent companies: Articulate your key message clearly, have the founder speak, and don’t use a canned demo. This article has been indexed from Dark Reading Read…

Read more →

In part three of this three-part series, Microsoft dissects these twinned threats and what organizations can do to reduce or eliminate their risk. This article has been indexed from Dark Reading Read the original article: Microsoft Digital Defense Report: Nation-State…

Read more →

Cyberattckers can easily exploit a command-injection bug in the popular device, but Belkin has no plans to address the security vulnerability. This article has been indexed from Dark Reading Read the original article: Unpatched Wemo Smart Plug Bug Opens Countless…

Read more →

Threat actors seen using Go-language implementation of the red-teaming tool on Intel and Apple silicon-based macOS systems. This article has been indexed from Dark Reading Read the original article: Attackers Target macOS With ‘Geacon’ Cobalt Strike Tool

Read more →

Partnership will provide SAP customers with comprehensive exposure management capabilities and in-depth visibility of attack surfaces. This article has been indexed from Dark Reading Read the original article: XM Cyber Announces Partnership With SAP to Deliver Robust Security for Hybrid…

Read more →

LockBit, Babuk, and Hive ransomware used by Russian to target critical US organizations, DOJ says. This article has been indexed from Dark Reading Read the original article: Russian Ransomware Perp Charged After High-Profile Hive, Babuk & LockBit Hits

Read more →

Researchers infiltrate a ransomware operation and discover slick services behind Qilin’s Rust-based malware variant. This article has been indexed from Dark Reading Read the original article: Qilin Ransomware Operation Outfits Affiliates With Sleek, Turnkey Cyberattacks

Read more →

Joint integration delivers effective DSPM enforcement for self-managed customers starting with credential-free access, risk-based continuous authentication, and protection from data exposure. This article has been indexed from Dark Reading Read the original article: Circle Security Technology Partnership With ForgeRock to…

Read more →

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. This article has been indexed from Dark Reading Read the original article: Name That Toon: One by One

Read more →

Researchers found 11 vulnerabilities in products from three industrial cellular router vendors that attackers can exploit through various vectors, bypassing all security layers. This article has been indexed from Dark Reading Read the original article: Severe RCE Bugs Open Thousands…

Read more →

What works successfully in IT may be problematic in an operational technology/industrial control systems environment where availability and safety of operations must be maintained. This article has been indexed from Dark Reading Read the original article: 4 Big Mistakes to…

Read more →

Former Humu, Google, and Twitter security leader adds deep security experience. This article has been indexed from Dark Reading Read the original article: Lacework Appoints Lea Kissner as Chief Information Security Officer

Read more →

Former Humu, Google, and Twitter security leader adds deep security experience. This article has been indexed from Dark Reading Read the original article: Lacework Appoints Lea Kissner As Chief Information Security Officer

Read more →

The freshly minted ransomware gang is customizing leaked Babuk source code to go after cyber targets in the US and South Korea — and it’s expanding its operations quickly. This article has been indexed from Dark Reading Read the original…

Read more →

Relatives are being alerted that a PharMerica compromise exposed the sensitive data of their deceased loved ones, which could be used for identity theft. This article has been indexed from Dark Reading Read the original article: PharMerica Leaks 5.8M Deceased…

Read more →

With the introduction of generative AI, even more business users are going to create low-code/no-code applications. Prepare to protect them. This article has been indexed from Dark Reading Read the original article: Generative AI Empowers Users but Challenges Security

Read more →

A misconfigured cloud instance exposed vehicle data, but not personally identifiable information, the car maker says. This article has been indexed from Dark Reading Read the original article: Toyota Discloses Decade-Long Data Leak Exposing 2.15M Customers’ Data

Read more →

This Tech Tip demonstrates how security engineers can best use rate limits to mitigate distributed denial-of-service attacks. This article has been indexed from Dark Reading Read the original article: Breaking the DDoS Attack Loop With Rate Limiting

Read more →

A two-bit comedian is using a patched Microsoft vulnerability to attack the hospitality industry, and really laying it on thick along the way. This article has been indexed from Dark Reading Read the original article: Microsoft Follina Bug Is Back…

Read more →

US Transportation Security Agency (TSA) administrator reflects on how the Colonial Pipeline incident has moved the needle in public-private cooperation. This article has been indexed from Dark Reading Read the original article: TSA Official: Feds Improved Cybersecurity Response Post-Colonial Pipeline

Read more →

A predictable patch cadence is nice, but the software giant can do more. This article has been indexed from Dark Reading Read the original article: Microsoft Advisories Are Getting Worse

Read more →

The privilege escalation flaw is one in thousands that researchers have disclosed in recent years. This article has been indexed from Dark Reading Read the original article: WordPress Plugin Used in 1M+ Websites Patched to Close Critical Bug

Read more →

The deal will enhance the capabilities of both companies and provide customers with a more comprehensive way to protect their digital assets. This article has been indexed from Dark Reading Read the original article: An Analyst View of XM Cyber’s…

Read more →

Retired hardware and forgotten cloud virtual machines are a trove of insecure confidential data. Here’s how to ameliorate that weakness. This article has been indexed from Dark Reading Read the original article: Making Sure Lost Data Stays Lost

Read more →

The Technology Innovation Institute’s year-long cryptographic challenge invites participants to assess concrete hardness of McEliece public-key encryption scheme. This article has been indexed from Dark Reading Read the original article: New Competition Focuses on Hardening Cryptosystems

Read more →

Dubbed “ChattyGoblin,” the China-backed actors use chatbots to scam Southeast Asian gambling companies. This article has been indexed from Dark Reading Read the original article: Malicious Chatbots Target Casinos in Southeast Asia

Read more →