Tag: Dark Reading

At least three actors are using the new, improved version, prompting researchers to conclude it was likely developed by a nation-state. This article has been indexed from Dark Reading Read the original article: Decoy Dog Gets an Upgrade With New…

Read more →

KnowBe4 releases Q2 2023 global phishing report and finds HR related email subjects utilized as a phishing strategy and make up 50% of top email subjects. This article has been indexed from Dark Reading Read the original article: KnowBe4 Phishing…

Read more →

CISOs consider zero trust a hot security ticket, but organizations run the risk of leaving gaps in their security infrastructure. This article has been indexed from Dark Reading Read the original article: 50% of Zero Trust Programs Risk Failure According…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Why Computer Security Advice Is More Confusing Than It Should Be

Read more →

Weak encryption algorithms leave radio communications open to attack and abuse. This article has been indexed from Dark Reading Read the original article: Zero-Day Vulnerabilities Discovered in Global Emergency Services Communications Protocol

Read more →

Cyberattackers have used a zero-day exploit to compromise up to 12 Norwegian government departments. This article has been indexed from Dark Reading Read the original article: Ivanti Zero-Day Exploit Disrupts Norway’s Government Services

Read more →

The impact of fraud on a victim’s health and well-being can be more painful than the financial loss. This article has been indexed from Dark Reading Read the original article: Cybercrime as a Public Health Crisis

Read more →

Apple has issued an emergency fix for the latest exploited zero-day bug found affecting its software in 2023 — a list that also includes the Operation Triangulation spyware flaws. This article has been indexed from Dark Reading Read the original…

Read more →

Artificial intelligence-powered threats are already affecting businesses, schools, hospitals, and individuals, and it will only get worse as AI advances. This article has been indexed from Dark Reading Read the original article: Beyond ChatGPT: Organizations Must Protect Themselves Against the…

Read more →

CISOs select winners based on real-world experience; vendor submissions now open. This article has been indexed from Dark Reading Read the original article: CISOs Connect Launches the 2023 CISO Choice Awards

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Global Security Assurance Market to Reach $13B by 2030

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Managing Human Risk: Discoveries From SANS 2023 Security Awareness Report

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: TARA Partners With Plante Moran to Deliver Risk-Based Vulnerability Management

Read more →

Funding will accelerate platform innovation as organizations scale trust across privacy, security, ethics, and ESG. This article has been indexed from Dark Reading Read the original article: OneTrust Secures $150M Investment Led by Generation Investment Management

Read more →

A widespread disinformation campaign aimed at Americans wasn’t that effective, but it was certainly creative, even slipping in influence articles to legitimate news outlets like AZCentral.com. This article has been indexed from Dark Reading Read the original article: China Propaganda…

Read more →

The rise of generative AI is creating new ways to both attack and defend assets. Which threats are solid and which are vapor? This article has been indexed from Dark Reading Read the original article: Are AI-Engineered Threats FUD or…

Read more →

Cl0p stands to make $100M on the MOVEit campaign, and according to a just-released survey, more than half of businesses are willing to pass data breach costs onto customers. This article has been indexed from Dark Reading Read the original…

Read more →

The security vulnerabilities allow full takeover of Atlassian instances, so admins should patch now. This article has been indexed from Dark Reading Read the original article: Atlassian RCE Bugs Plague Confluence, Bamboo

Read more →

KillNet is amassing members, capabilities, and know-how, as it looks to consolidate cybercrime power under its own umbrella. This article has been indexed from Dark Reading Read the original article: KillNet’s Kremlin Connection Unclear as the Cybercrime Collective Grows

Read more →

The North Korean APT is setting up legitimate accounts on GitHub and social media platforms to pose as developers or recruiters — ultimately to fool targets into loading npm repositories with malicious code. This article has been indexed from Dark…

Read more →

Complex security issues arise when different clouds and computing models interact. This article has been indexed from Dark Reading Read the original article: Designing a Security Strategy for Defending Multicloud Architectures

Read more →

Learn the importance of adding security practices into DevOps life cycles and how to make security stronger. This article has been indexed from Dark Reading Read the original article: How to Put the Sec in DevSecOps

Read more →

Considering adopting extended detection and response (XDR) in your cybersecurity defense program? Here’s what you need to know about the technology platform. This article has been indexed from Dark Reading Read the original article: What C-Suite Leaders Need to Know…

Read more →

In a nod to its centrality in IP networking, a Forescout researcher will parse overlooked vulnerabilities in the Border Gateway Protocol at Black Hat USA. This article has been indexed from Dark Reading Read the original article: BGP Software Vulnerabilities…

Read more →

In separate targeted incidents, threat actors tried to upload malware into the Node Package Manager registry to gain access and steal credentials. This article has been indexed from Dark Reading Read the original article: Banks In Attackers’ Crosshairs, Via Open…

Read more →

Detections of rootkit attacks against businesses in the United Arab Emirates are up 167% in 2023, with an increased view of their use in the Middle East overall. This article has been indexed from Dark Reading Read the original article:…

Read more →

CVSS Version 4 arguably performs better, but companies also need to tailor any measure of threat to their own environment to quickly evaluate new software bugs for patching order. This article has been indexed from Dark Reading Read the original…

Read more →

China-inked APT actors could have single-hop access to the gamut of Microsoft cloud services and apps, including SharePoint, Teams, and OneDrive, among many others. This article has been indexed from Dark Reading Read the original article: Microsoft 365 Breach Risk…

Read more →

Registration has opened for the cybersecurity specialty track at Tuwaiq Academy, where students will learn a variety of related skills. This article has been indexed from Dark Reading Read the original article: Saudi Arabia’s Tuwaiq Academy Opens Cybersecurity Bootcamp

Read more →

Hosts Sophia d’Antoine and Ian Roos presented the list at Summercon in Brooklyn, where they also handed out a surprise Lifetime Achievement Award. This article has been indexed from Dark Reading Read the original article: Meet the Finalists for the…

Read more →

With Big Tech companies pledging voluntary safeguards, industry-watchers assume that smaller AI purveyors will follow in their wake to make AI safer for all. This article has been indexed from Dark Reading Read the original article: White House, Big Tech…

Read more →

Sophisticated fraudsters are exploiting ChatGPT and CAPTCHAs to evade enterprise security defenses. This article has been indexed from Dark Reading Read the original article: The Dark Side of AI

Read more →

Analysts continue piecing together who breached JumpCloud, why, and what else they’ve managed to pull off. This article has been indexed from Dark Reading Read the original article: North Korean Attackers Targeted Crypto Companies in JumpCloud Breach

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: TrustArc Announces TRUSTe EU-US Data Privacy Framework Verification

Read more →

Malicious activity targeting vulnerable SQL servers has surged 174% compared to 2022, Palo Alto’s Unit 42 says. This article has been indexed from Dark Reading Read the original article: Mallox Ransomware Group Activity Shifts Into High Gear

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Deloitte Global Expands MXDR Cybersecurity SaaS Solution With Operational Technology and…

Read more →

Critical-infrastructure employees are comparatively more engaged in organizational security — and compliance training — than those in other sectors. This article has been indexed from Dark Reading Read the original article: Critical Infrastructure Workers Better At Spotting Phishing

Read more →

The cosmetics conglomerate was apparently breached through the infamous MOVEit flaw by both Cl0p and BlackCat, at roughly the same time. This article has been indexed from Dark Reading Read the original article: Estée Lauder Breached in Twin MOVEit Hacks,…

Read more →

US Air Force veteran and Mandiant CEO discussed dwell time and state-sponsored attacks at the Military Cyber Professionals Association’s HammerCon conference. This article has been indexed from Dark Reading Read the original article: Kevin Mandia Brings the HammerCon

Read more →

Researcher discovers vulnerabilities in the open source Web application, which were fixed in the latest Apache OpenMeeting update. This article has been indexed from Dark Reading Read the original article: Apache OpenMeetings Wide Open to Account Takeover, Code Execution

Read more →

Frameworks can help improve hiring practices and retention, and help guide education — which makes them an important asset worth exploiting. This article has been indexed from Dark Reading Read the original article: Should You Be Using a Cybersecurity Careers…

Read more →

Kevin Mitnick, former computer hacker turned speaker and author, has died at the age of 59. This article has been indexed from Dark Reading Read the original article: Hacker-Turned-Security-Researcher Kevin Mitnick Dies Aged 59

Read more →

The SaaS product is available under the Company’s early access program as a closed, invitation-only beta experience, as part of the Plurilock AI platform. This article has been indexed from Dark Reading Read the original article: Plurilock Announces Generative AI…

Read more →

Citrix is urging organizations to immediately patch the unauthenticated RCE vulnerability. This article has been indexed from Dark Reading Read the original article: Attackers Exploit Citrix Zero-Day Bug to Pwn NetScaler ADC, Gateway

Read more →

Organizations have options when it comes to choosing the right tool to quantify risk This article has been indexed from Dark Reading Read the original article: Enterprise Choices in Measuring Risk

Read more →

Egress also launches adaptive security architecture, which dynamically adjusts email security controls based on aggregated data including KnowBe4’s user risk score. This article has been indexed from Dark Reading Read the original article: KnowBe4 Partners With Egress to Enhance Organizations’…

Read more →

Updated Evolve Partner Program offerings expand support and solution options for MSPs driving security modernization and network transformation. This article has been indexed from Dark Reading Read the original article: Netskope Launches Managed Service Provider Program

Read more →

Checkmarx’s industry-first AI AppSec plugin works within the ChatGPT interface to protect against new attack types targeting GenAI-generated code. This article has been indexed from Dark Reading Read the original article: Checkmarx Announces CheckAI Plugin for ChatGPT to Detect and…

Read more →

Supports company focus on bridging the cyber skills gap, strengthening cyber defenses, and protecting the front lines. This article has been indexed from Dark Reading Read the original article: Cloud Range Appoints Cybersecurity Leader Galina Antova to Board of Directors

Read more →

Industry pushback prompts Microsoft to drop premium pricing for access to cloud logging data. This article has been indexed from Dark Reading Read the original article: Microsoft Relents, Offers Free Critical Logging to All 365 Customers

Read more →

The ransomware-as-a-service offering was first assumed to be a red team exercise before being detected for true malicious activity. This article has been indexed from Dark Reading Read the original article: SophosEncrypt Ransomware Fools Security Researchers

Read more →

Nation-states see the opportunity in targeting people directly through their mobile phones, in this case with sophisticated Android surveillanceware. This article has been indexed from Dark Reading Read the original article: China’s APT41 Linked to WyrmSpy, DragonEgg Mobile Spyware

Read more →

Although not all Redis instances are vulnerable to the P2P worm variant, all of them can expect a compromise attempt, researchers warn. This article has been indexed from Dark Reading Read the original article: P2P Self-Replicating Cloud Worm Targets Redis

Read more →

While cybersecurity preparedness in Africa is on the upswing, the continent still lacks agreements on international security standards and sharing threat intel. This article has been indexed from Dark Reading Read the original article: Study: Africa Cybersecurity Improves But Lacks…

Read more →

Industry pushback prompts Microsoft to drop premium pricing for access to cloud logging data. This article has been indexed from Dark Reading Read the original article: Microsoft Relents, Offers Free Key Logging to All 365 Customers

Read more →

As companies navigate how to protect themselves from the onslaught of increasingly sophisticated fraud threats, artificial intelligence will be a critical piece of next-gen authentication. This article has been indexed from Dark Reading Read the original article: 3 Ways AI…

Read more →

Security debt exists in on-premises data centers as well as in cloud platforms — but preventing it from accumulating in the cloud requires different skills, processes, and tools. This article has been indexed from Dark Reading Read the original article:…

Read more →

By combining these leading-edge tools, security professionals can amplify the impact of their security strategies. This article has been indexed from Dark Reading Read the original article: Leverage Threat Intelligence, AI, and Data at Scale to Boost Cyber Defenses

Read more →

Google’s fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it. This article has been indexed from Dark Reading Read the original article: Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering

Read more →

Attackers show renewed relentlessness in exploiting OS vulnerabilities that also circumvent defense and detection measures. This article has been indexed from Dark Reading Read the original article: Pernicious Rootkits Pose Growing Blight On Threat Landscape

Read more →

Some of the users who were impacted include the US Department of Justice, the NSA, and the FBI, alongside German intelligence agencies. This article has been indexed from Dark Reading Read the original article: VirusTotal Data Leak Affects 5K+ Users

Read more →

A prolific threat actor has been operating on Russian-language forums since 2020, but then he accidentally infected his own computer and sold off its contents to threat researchers. This article has been indexed from Dark Reading Read the original article:…

Read more →

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. This article has been indexed from Dark Reading Read the original article: Name That Toon: Shark Sighting

Read more →

The cybercrime group has given its backdoor malware a facelift in an attempt to evade detection, making some bug fixes and setting itself up to deliver its latest crimeware toy, BlackCat. This article has been indexed from Dark Reading Read…

Read more →

Two separate threat actors are using poisoned USB drives to distribute malware in cyber-espionage campaigns targeting organizations across different sectors and geographies. This article has been indexed from Dark Reading Read the original article: Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks…

Read more →

A barrage of targeted attacks against vulnerable installations peaked at 1.3 million against 157,000 sites over the weekend, aimed at unauthenticated code execution. This article has been indexed from Dark Reading Read the original article: Attackers Pummel Millions of Websites…

Read more →

Organizations running Linux distributions need to prepare to defend their systems against ransomware attacks. Steps to ensure resiliency and basics such as access control reduce major disruptions. This article has been indexed from Dark Reading Read the original article: Linux…

Read more →

The company, one of four finalists in this year’s Black Hat USA Startup Spotlight competition, uses AI/ML to find firmware vulnerabilities. This article has been indexed from Dark Reading Read the original article: Startup Spotlight: Binarly Hardens Firmware Security

Read more →

Researchers explore how overburdened cyber analysts can improve their threat intelligence jobs by using ChatGPT-like large language models (LLMs). This article has been indexed from Dark Reading Read the original article: How AI-Augmented Threat Intelligence Solves Security Shortfalls

Read more →

A recent email compromise by Chinese APT group Storm-0558 highlights a lack of access to security logging by many Microsoft 365 license holders, prompting calls from researchers to abolish it. This article has been indexed from Dark Reading Read the…

Read more →

July’s updates contained 100+ patches and security policy notes, leaving vulnerability management teams stressed and scrambling to prioritize. We’re here to help find some zen. This article has been indexed from Dark Reading Read the original article: 5 Major Takeaways…

Read more →

The TeamTNT threat actor appears to be setting the stage for broader cloud worm attacks, researchers say. This article has been indexed from Dark Reading Read the original article: AWS Cloud Credential Stealing Campaign Spreads to Azure, Google Cloud

Read more →

Only a quarter of hospitals have implemented the strongest level of DMARC, with a third running any version of the email validation protocol. This article has been indexed from Dark Reading Read the original article: UAE and South African Hospitals…

Read more →

Artificial intelligence can be tricked into making password-based authentication even weaker. This article has been indexed from Dark Reading Read the original article: If George Washington Had a TikTok, What Would His Password Be?

Read more →

Cyber threats are intensifying even as budgets are being scrutinized. Now, more than ever, security and finance professionals need to align on cybersecurity strategies. This article has been indexed from Dark Reading Read the original article: Why CFOs & CISOs…

Read more →

SaaS security posture management helps mitigate common threats posed by malicious or negligent insiders. This article has been indexed from Dark Reading Read the original article: Insider Risk Management Starts With SaaS Security

Read more →

A flaw in the REST API of Cisco’s SD_WAN vManage software could allow remote, unauthenticated attackers to perform data exfiltration. This article has been indexed from Dark Reading Read the original article: Cisco Flags Critical SD-WAN Vulnerability

Read more →

A software bills of materials standard gets an update, but the driver is compliance rather than security. This article has been indexed from Dark Reading Read the original article: SBOMs Still More Mandate Than Security

Read more →

We rely on them for communications, military activity, and everyday tasks. How long before attackers really start to look up at the stars? This article has been indexed from Dark Reading Read the original article: How Hackers Can Hijack a…

Read more →

A few default guest setting manipulations in Azure AD and over-promiscuous low-code app developer connections can upend data protections. This article has been indexed from Dark Reading Read the original article: Rogue Azure AD Guests Can Steal Data via Power…

Read more →

A bug in Zimbra email servers is already being exploited in the wild, Google TAG researchers warn. This article has been indexed from Dark Reading Read the original article: Zimbra Zero-Day Demands Urgent Manual Update

Read more →

Because digital substations are critical elements of electrical systems, they are a prime target for sophisticated cyberattacks. This article has been indexed from Dark Reading Read the original article: Electrical Grid Stability Relies on Balancing Digital Substation Security

Read more →

While the plan may convey the right kind of urgency, it lacks both funding and bipartisan support, industry professionals say. This article has been indexed from Dark Reading Read the original article: White House Fills in Details Of National Cybersecurity…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Introducing EncryptionSafe: A Free and Easy-to-Use Encryption App for Windows PC

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Secure Code Warrior Ushers in Next Era in Developer Driven Security…

Read more →

Pledge stems from Black Hat’s commitment to become a net zero carbon business by 2030. This article has been indexed from Dark Reading Read the original article: Black Hat Announces Sustainability Pledge

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Secure Code Warrior Raises $50M to Accelerate Product Innovation

Read more →

A combination of SAFE Platform’s industry defining AI capabilities coupled with the industry standard FAIR model for cyber risk quantification, that was pioneered by RiskLens. This article has been indexed from Dark Reading Read the original article: Safe Security Acquires…

Read more →

Vade’s phishing and malware report reveals phishing volumes increased by more than 54% in H1 2023. This article has been indexed from Dark Reading Read the original article: Facebook and Microsoft are the Most Impersonated Brands in Phishing Attacks

Read more →

Optiv survey highlights organizations’ need for talent, challenges with sophistication of threat actors and expanding attack surface. This article has been indexed from Dark Reading Read the original article: Cybersecurity Leaders Report Reduction in Disruptive Cyber Incidents With MSS/MDR Solutions

Read more →

A cyber attacker gives defenders a taste of their own medicine, with GitHub honeypots concealing infostealers. This article has been indexed from Dark Reading Read the original article: Linux Hacker Exploits Researchers With Fake PoCs Posted to GitHub

Read more →

The draft AI Act represents a significant step in regulating AI technologies, recognizing the need to address the potential risks and ethical concerns. This article has been indexed from Dark Reading Read the original article: How the EU AI Act…

Read more →

Two fierce cloud security competitors are locked in a legal battle, as Orca accuses Wiz of ripping off its intellectual property. This article has been indexed from Dark Reading Read the original article: Orca Sues Wiz for ‘Copying’ Its Cloud…

Read more →

AI-aided BEC, malware, and phishing attacks will push organizations to level up with generative AI and better protect their users, data, and networks. This article has been indexed from Dark Reading Read the original article: WormGPT Heralds An Era of…

Read more →

Rockwell Automation and CISA warn of security vulnerabilities that affect power plants, factories, and other critical infrastructure sites. This article has been indexed from Dark Reading Read the original article: Critical RCE Bug in Rockwell Automation PLCs Zaps Industrial Sites

Read more →

Omdia has published its Omdia Universe on IDaaS. This vendor comparison study highlights the capabilities of the vendors in the space. This article has been indexed from Dark Reading Read the original article: Okta, Ping Identity, CyberArk & Oracle Lead…

Read more →

Cloaked Ursa/Nobelium gets creative by appealing to the more personal needs of government employees on foreign missions in Kyiv. This article has been indexed from Dark Reading Read the original article: SolarWinds Attackers Dangle BMWs to Spy on Diplomats

Read more →

The vulnerability gap continues to persist, and IT and security teams can play a major role in reducing their attack surface. This article has been indexed from Dark Reading Read the original article: Creating a Patch Management Playbook: 6 Key…

Read more →

Killnet has been more effective at generating headlines than in executing attacks or wreaking any real damage, experts say. This article has been indexed from Dark Reading Read the original article: Killnet Tries Building Russian Hacktivist Clout With Media Stunts

Read more →

Kernel mode driver can download second-stage payload directly to memory, allowing threat actors to evade endpoint detection and response tools. This article has been indexed from Dark Reading Read the original article: Hackers Target Chinese Gamers With Microsoft-Signed Rootkit

Read more →