Category: Dark Reading

Industrial devices are less likely to be patched due to expensive downtime, and threat actors have taken notice. This article has been indexed from Dark Reading Read the original article: Piles of Unpatched IoT, OT Devices Attract ICS Cyberattacks

Read more →

A crawl, walk, run approach allows organizations to establish a governance, risk, and compliance (GRC) program that grows and matures with the business. This article has been indexed from Dark Reading Read the original article: How to Create an Effective…

Read more →

Unless the CEO and other C-suite executives defer to the CISO’s decisions on cybersecurity, is that CISO really running things? This article has been indexed from Dark Reading Read the original article: CISOs Need Backing to Take Charge of Security

Read more →

Despite being outed earlier this year, the advanced persistent threat group is trying to sneak past researchers again. This article has been indexed from Dark Reading Read the original article: Russian APT ‘BlueCharlie’ Swaps Infrastructure to Evade Detection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Menlo Security Establishes Browser Security With AI-Powered Phishing and Ransomware Protection

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Tanium Selected by DHS CISA to Join the Joint Cyber Defense…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Guardio Uncovers Zero-Day Vulnerability in Salesforce’s Email Services

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: BeyondTrust’s Identity Security Insights Provides Unprecedented Visibility into Identity Threats

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Global Optical Sensor Market to Reach $45.56B by 2030, Rising Demand…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: SynSaber and ICS Advisory Project Identify Vulnerability Trends Within The Critical…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Solvo Unveils SecurityGenie: A Revolutionary ChatGPT-Like Solution for Cloud Security Teams

Read more →

Amid the national discussion about AI safety and non-human-originated content in the US, an app researcher spotted an effort by the social media app to flag AI posts for its 2+ billion users. This article has been indexed from Dark…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: VALIC Retirement Services Company Experiences PBI Data Breach Exposing Approximately 798,000…

Read more →

Cloudzy is a command-and-control provider (C2P) to APT groups in Iran, North Korea, and Russia, according to Halcyon. This article has been indexed from Dark Reading Read the original article: Iranian Company Plays Host to Reams of Ransomware, APT Groups

Read more →

Due to the nature of the attack, Hot Topic says that it was unable to tell which accounts were accessed by legitimate users and which were accessed by threat actors, making the situation all the more difficult. This article has…

Read more →

The prolific APT, also known as OilRig and MuddyWater, was caught targeting an IT company’s government clients in the region, with the aim of carrying out cyber espionage. This article has been indexed from Dark Reading Read the original article:…

Read more →

Innovations in continuous controls monitoring may be the only way underwriters can offer cyber-insurance policies that make sense in the market. This article has been indexed from Dark Reading Read the original article: Cyber-Insurance Underwriting Is Still Stuck in the…

Read more →

Want heated seats for free? Self-driving in Europe despite a regulatory ban? Researchers have discovered the road to free car-modding on the popular Tesla EVs. This article has been indexed from Dark Reading Read the original article: Tesla Jailbreak Unlocks…

Read more →

A culture of cybersecurity and implementing industry best practices can go a long way toward protecting a utility. This article has been indexed from Dark Reading Read the original article: Utilities Face Security Challenges as They Embrace Data in New…

Read more →

By integrating detection response with information and event management, organizations can move beyond protective controls and harden their defenses. This article has been indexed from Dark Reading Read the original article: Unified XDR and SIEM Alleviate Security Alert Fatigue

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Devo and Cybermindz Partner to Address the Mental Health of Front-Line…

Read more →

A lot of what the strategy proposes is well-intentioned but somewhat aspirational at the moment, industry experts say. This article has been indexed from Dark Reading Read the original article: White House Cyber Workforce Strategy: No Quick Fix for Skills…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Nile Raises $175M Series C Funding to Redefine Enterprise Networks

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Forescout’s Risk and Exposure Management Solution Delivers Streamlined, Quantitative Approach to…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: MEF and CyberRatings.org Partner on SASE Certification Program

Read more →

Nearly 200 models are affected by vulnerability that may give wireless access to unauthorized third parties. This article has been indexed from Dark Reading Read the original article: Canon Inkjet Printers at Risk for Third-Party Compromise via Wi-Fi

Read more →

The attackers have expanded beyond backdoors and recently started using Deed RAT to step up their attacks. This article has been indexed from Dark Reading Read the original article: Space Pirates Train Cyber Sabers on Russian, Serbian Organizations

Read more →

The DarkBART and DarkBERT cybercriminal chatbots, based on Google Bard, represent a major leap ahead for adversarial AI, including Google Lens integration for images and instant access to the whole of the cyber-underground knowledge base. This article has been indexed…

Read more →

The Hidden Virtual Network Computing (hVNC) malware infests Macs and silently executes complete takeovers, with no user permission needed. It also sports persistence through reboots. This article has been indexed from Dark Reading Read the original article: Apple Users Open…

Read more →

A China-nexus cyber espionage campaign rages on with the fourth backdoor to surface in the wild that takes advantage of the CVE-2023-2868 zero-day security bug — with severe threat of lateral movement, CISA warns. This article has been indexed from…

Read more →

Businesses that develop business-, mission-, or safety-critical software must learn from previous victims of software supply chain attacks. This article has been indexed from Dark Reading Read the original article: Lessons Not Learned From Software Supply Chain Attacks

Read more →

Bill 362 is a perfect template for a nationwide win against data brokers and the privacy infringements they cause. This article has been indexed from Dark Reading Read the original article: Why the California Delete Act Matters

Read more →

CISOs are incorporating biometrics as part of their multifactor authentication strategies. This is what they should be thinking about during implementation. This article has been indexed from Dark Reading Read the original article: What Implementing Biometrics for Authentication Looks Like

Read more →

US officials are concerned that the Beijing-directed cyberattacks could be a precursor to military disruption and broader destructive attacks on citizens and businesses. This article has been indexed from Dark Reading Read the original article: China’s Volt Typhoon APT Burrows…

Read more →

Companies should use a variety of tools and strategies, both technical and policy, to protect their IP from third-party risk. This article has been indexed from Dark Reading Read the original article: Protecting Intellectual Property When It Needs to Be…

Read more →

Researchers uncovered new worming second-stage tools used to locally exfiltrate data from air gapped ICS environments, putting threat actors one step away from transmission of the info to a C2. This article has been indexed from Dark Reading Read the…

Read more →

The 4-month-old ransomware gang is now actively targeting VMware’s virtual environments with a second variant of its custom malware. This article has been indexed from Dark Reading Read the original article: Abyss Locker Ransomware Looks to Drown VMware’s ESXi Servers

Read more →

The revival of the beloved online multiplayer video game was short-lived once players detected unusual activity and behavior that portended malware. This article has been indexed from Dark Reading Read the original article: Call of Duty Self-Spreading Worm Takes Aim…

Read more →

The apparent pro-Iranian Cyber Avengers posted images of BAZAN Groups’s SCADA systems, diagrams, and programmable logic controller (PLC) code. This article has been indexed from Dark Reading Read the original article: Israeli Oil Refinery Taken Offline by Pro-Iranian Attackers

Read more →

Omdia’s latest research with Trend Micro and CTOne sheds light on 5G security challenges and ways to effectively extend enterprise-grade security to 5G networks This article has been indexed from Dark Reading Read the original article: Best Practices for Enterprise…

Read more →

From the upcoming Billion Dollar Heist to docs on the Ashley Madison breach and Stuxnet, here are a bevy of films that can scratch that wanna-be hacker itch. This article has been indexed from Dark Reading Read the original article:…

Read more →

Six focus areas to address the top security challenges facing healthcare organizations today. This article has been indexed from Dark Reading Read the original article: Healthcare Innovation: A Safe and Secure Approach

Read more →

Voice, face, and vein recognition each have its pros and cons. Here’s what CISOs need to know. This article has been indexed from Dark Reading Read the original article: Choose the Best Biometrics Authentication for Your Use Case

Read more →

In a letter to the DoJ, FTC, and CISA, Oregon’s Wyden also called for Microsoft to be held accountable in the sprawling SolarWinds breach. This article has been indexed from Dark Reading Read the original article: Senator Blasts Microsoft for…

Read more →

Techniques are similar to those in previous North Korean attacks and could be linked to well-known cyber-espionage organizations. This article has been indexed from Dark Reading Read the original article: Stark#Mule Malware Campaign Targets Koreans, Uses US Army Documents

Read more →

The malware, along with a sister strain dubbed “FakeTrade,” was found lurking in Google Play. This article has been indexed from Dark Reading Read the original article: CherryBlos Malware Uses OCR to Pluck Android Users’ Cryptocurrency

Read more →

NATO asserts that their cyber experts continue to look into the claims and that its classified networks remain secure. This article has been indexed from Dark Reading Read the original article: Hack Crew Responsible for Stolen Data, NATO Investigates Claims

Read more →

The more artificial intelligence builds out our digital personas, the easier it will become for bad actors to target us with more convincing attacks. This article has been indexed from Dark Reading Read the original article: Another AI Pitfall: Digital…

Read more →

When their roles intersect, IT ops and security teams often find themselves at odds. Here are some ways to foster collaboration. This article has been indexed from Dark Reading Read the original article: IT Ops and Security Teams Need Automation,…

Read more →

The contextual cybersecurity search platform helps security teams gather information about the organization’s environment and security posture. This article has been indexed from Dark Reading Read the original article: Cyclops Launches From Stealth With Generative AI-Based Search Tool

Read more →

Everyone benefits — the CISO, the company, and the insurer — when CISOs are included in arranging cyber insurance. This article has been indexed from Dark Reading Read the original article: Why CISOs Should Get Involved With Cyber Insurance Negotiation

Read more →

Developers need more software security safeguards earlier in the process, especially as AI becomes more common. This article has been indexed from Dark Reading Read the original article: Despite Post-Log4J Security Gains, Developers Can Still Improve

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: CompTIA ChannelCon Technology Vendor Fair Highlights Tech Solutions

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: 7 in 10 MSPs Name Data Security and Network Security As…

Read more →

Living up to its name, Maximus sees a whale of a breach that affects millions of people’s sensitive government records, including health data. This article has been indexed from Dark Reading Read the original article: Millions of People Affected in…

Read more →

Airline violates privacy protections of the EU’s General Data Protection Regulation, plaintiff says, seeking a $210 million fine. This article has been indexed from Dark Reading Read the original article: Ryanair Hit With Lawsuit Over Use of Facial Recognition Technology

Read more →

Ilya Sachkov, convicted of treason by the Kremlin, will serve time in one of Russia’s prison camps, which feature rigid schedules and isolation from the outside world, critics say. This article has been indexed from Dark Reading Read the original…

Read more →

Azerbaijan minister pledges to train many more cyber specialists in the coming years to improve regional cyber-readiness. This article has been indexed from Dark Reading Read the original article: Israeli-Trained Azerbaijan Cyber Students Mark Inaugural Graduation

Read more →

Some 40% of Ubuntu Linux cloud workloads subject to GameOverlay security bugs in the OverlayFS module. This article has been indexed from Dark Reading Read the original article: Ubuntu Linux Cloud Workloads Face Rampant Root Take Takeovers

Read more →

The proposed attestation form is meant to help secure the software chain and formalizes the role of the SBOM as the first line of defense. This article has been indexed from Dark Reading Read the original article: What Will CISA’s…

Read more →

With change happening faster than ever before, tools can help bridge capability gaps, along with accelerated workforce training. This article has been indexed from Dark Reading Read the original article: Why Today’s CISOs Must Embrace Change

Read more →

Enterprises now must describe their management’s expertise in cybersecurity. But what exactly does that entail? This article has been indexed from Dark Reading Read the original article: Companies Must Have Corporate Cybersecurity Experts, SEC Says

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: SE Labs Unveils Latest Comparative Analysis of Endpoint Detection and Response…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Rezilion Uncovers High-Risk Vulnerabilities Missing From CISA KEV Catalog

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Coro Acquires Network Security Startup Privatise

Read more →

Boards must now file notice of a “material incident” within four business days, although questions remain. This article has been indexed from Dark Reading Read the original article: SEC Adopts New Rule on Cybersecurity Incident Disclosure Requirements

Read more →

Threat actors are distributing new “Realst” infostealer via fake blockchain games, researchers warn. This article has been indexed from Dark Reading Read the original article: Massive macOS Campaign Targets Crypto Wallets, Data

Read more →

Forget temps and new employees. A new malicious campaign compromises organizations through a high risk, high reward vector: IT professionals. This article has been indexed from Dark Reading Read the original article: ‘Nitrogen’ Ransomware Effort Lures IT Pros via Google,…

Read more →

Nonetheless, European standards body revised the wireless standard and insists its integrity remains sound. This article has been indexed from Dark Reading Read the original article: ETSI Dismisses Claims of ‘Backdoor’ Vulnerabilities in TETRA Standard

Read more →

Hackers have three key pathways — the OS, apps, and malware — for leveraging the popular home fitness equipment as initial access for data compromise, ransomware, and more This article has been indexed from Dark Reading Read the original article:…

Read more →

Trusted content is paramount in securing the supply chain. This article has been indexed from Dark Reading Read the original article: Kubernetes and the Software Supply Chain

Read more →

The deal is expected to give the French vendor a larger presence in the application and API security markets, as well as in North America. This article has been indexed from Dark Reading Read the original article: Thales Agrees to…

Read more →

By integrating XDR and SIEM, security professionals can automate correlation and prioritization of alerts across a broad swath of security infrastructure. This article has been indexed from Dark Reading Read the original article: Threat Intelligence Is Growing — Here’s How…

Read more →

At least three actors are using the new, improved version, prompting researchers to conclude it was likely developed by a nation-state. This article has been indexed from Dark Reading Read the original article: Decoy Dog Gets an Upgrade With New…

Read more →

KnowBe4 releases Q2 2023 global phishing report and finds HR related email subjects utilized as a phishing strategy and make up 50% of top email subjects. This article has been indexed from Dark Reading Read the original article: KnowBe4 Phishing…

Read more →

CISOs consider zero trust a hot security ticket, but organizations run the risk of leaving gaps in their security infrastructure. This article has been indexed from Dark Reading Read the original article: 50% of Zero Trust Programs Risk Failure According…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Why Computer Security Advice Is More Confusing Than It Should Be

Read more →

Weak encryption algorithms leave radio communications open to attack and abuse. This article has been indexed from Dark Reading Read the original article: Zero-Day Vulnerabilities Discovered in Global Emergency Services Communications Protocol

Read more →

Cyberattackers have used a zero-day exploit to compromise up to 12 Norwegian government departments. This article has been indexed from Dark Reading Read the original article: Ivanti Zero-Day Exploit Disrupts Norway’s Government Services

Read more →

The impact of fraud on a victim’s health and well-being can be more painful than the financial loss. This article has been indexed from Dark Reading Read the original article: Cybercrime as a Public Health Crisis

Read more →

Apple has issued an emergency fix for the latest exploited zero-day bug found affecting its software in 2023 — a list that also includes the Operation Triangulation spyware flaws. This article has been indexed from Dark Reading Read the original…

Read more →

Artificial intelligence-powered threats are already affecting businesses, schools, hospitals, and individuals, and it will only get worse as AI advances. This article has been indexed from Dark Reading Read the original article: Beyond ChatGPT: Organizations Must Protect Themselves Against the…

Read more →

CISOs select winners based on real-world experience; vendor submissions now open. This article has been indexed from Dark Reading Read the original article: CISOs Connect Launches the 2023 CISO Choice Awards

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Global Security Assurance Market to Reach $13B by 2030

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Managing Human Risk: Discoveries From SANS 2023 Security Awareness Report

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: TARA Partners With Plante Moran to Deliver Risk-Based Vulnerability Management

Read more →

Funding will accelerate platform innovation as organizations scale trust across privacy, security, ethics, and ESG. This article has been indexed from Dark Reading Read the original article: OneTrust Secures $150M Investment Led by Generation Investment Management

Read more →

A widespread disinformation campaign aimed at Americans wasn’t that effective, but it was certainly creative, even slipping in influence articles to legitimate news outlets like AZCentral.com. This article has been indexed from Dark Reading Read the original article: China Propaganda…

Read more →

The rise of generative AI is creating new ways to both attack and defend assets. Which threats are solid and which are vapor? This article has been indexed from Dark Reading Read the original article: Are AI-Engineered Threats FUD or…

Read more →

Cl0p stands to make $100M on the MOVEit campaign, and according to a just-released survey, more than half of businesses are willing to pass data breach costs onto customers. This article has been indexed from Dark Reading Read the original…

Read more →

The security vulnerabilities allow full takeover of Atlassian instances, so admins should patch now. This article has been indexed from Dark Reading Read the original article: Atlassian RCE Bugs Plague Confluence, Bamboo

Read more →

KillNet is amassing members, capabilities, and know-how, as it looks to consolidate cybercrime power under its own umbrella. This article has been indexed from Dark Reading Read the original article: KillNet’s Kremlin Connection Unclear as the Cybercrime Collective Grows

Read more →

The North Korean APT is setting up legitimate accounts on GitHub and social media platforms to pose as developers or recruiters — ultimately to fool targets into loading npm repositories with malicious code. This article has been indexed from Dark…

Read more →

Complex security issues arise when different clouds and computing models interact. This article has been indexed from Dark Reading Read the original article: Designing a Security Strategy for Defending Multicloud Architectures

Read more →

Learn the importance of adding security practices into DevOps life cycles and how to make security stronger. This article has been indexed from Dark Reading Read the original article: How to Put the Sec in DevSecOps

Read more →

Considering adopting extended detection and response (XDR) in your cybersecurity defense program? Here’s what you need to know about the technology platform. This article has been indexed from Dark Reading Read the original article: What C-Suite Leaders Need to Know…

Read more →

In a nod to its centrality in IP networking, a Forescout researcher will parse overlooked vulnerabilities in the Border Gateway Protocol at Black Hat USA. This article has been indexed from Dark Reading Read the original article: BGP Software Vulnerabilities…

Read more →

In separate targeted incidents, threat actors tried to upload malware into the Node Package Manager registry to gain access and steal credentials. This article has been indexed from Dark Reading Read the original article: Banks In Attackers’ Crosshairs, Via Open…

Read more →

Detections of rootkit attacks against businesses in the United Arab Emirates are up 167% in 2023, with an increased view of their use in the Middle East overall. This article has been indexed from Dark Reading Read the original article:…

Read more →

CVSS Version 4 arguably performs better, but companies also need to tailor any measure of threat to their own environment to quickly evaluate new software bugs for patching order. This article has been indexed from Dark Reading Read the original…

Read more →