Category: Dark Reading

The Role of the CISO in Digital Transformation

A successful CISO should play a leading role in digital transformation and cloud migration initiatives in their organization. The CISO is responsible for making sure technical security controls are designed and implemented appropriately, and changes are properly managed, with security…

Cyber Threats to Watch Out for in 2024

As cyber threats evolve in 2024, organizations must prepare for deepfakes, extortion, cloud targeting, supply chain compromises, and zero day exploits. Robust security capabilities, employee training, and incident response plans are key. This article has been indexed from Dark Reading…

Ardent Health Hospitals Disrupted After Ransomware Attack

More than two dozen hospitals have been impacted by the breach and are diverting emergency care for patients to other healthcare facilities. This article has been indexed from Dark Reading Read the original article: Ardent Health Hospitals Disrupted After Ransomware…

Balancing Simplicity and Security in the Digital Experience

New data shows consumer preferences for security in digital experiences and indicates ways businesses can best protect digital identity in today’s digital world. This article has been indexed from Dark Reading Read the original article: Balancing Simplicity and Security in…

Fake Browser Updates Targeting Mac Systems With Infostealer

A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn. This article has been indexed from Dark Reading Read the original article: Fake Browser Updates Targeting Mac Systems With…

Qatar Cyber Agency Runs National Cyber Drills

Qatari organizations participate in cybersecurity exercises to hone their incident response plans and processes. This article has been indexed from Dark Reading Read the original article: Qatar Cyber Agency Runs National Cyber Drills

Web Shells Gain Sophistication for Stealth, Persistence

A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information gathering via services such as VirusTotal. This article has been indexed from Dark Reading Read the original article: Web Shells…

Rootkit Turns Kubernetes From Orchestration to Subversion

Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference. This article has been indexed from Dark Reading Read the original article: Rootkit Turns…

Citrix Bleed Bug Inflicts Mounting Wounds, CISA Warns

Patch or isolate now: Organizations in every sector run the risk of hemorrhaging data as opportunistic attacks from LockBit ransomware and others grow. This article has been indexed from Dark Reading Read the original article: Citrix Bleed Bug Inflicts Mounting…

Exploit for Critical Windows Defender Bypass Goes Public

Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November. This article has been indexed from Dark Reading Read the original article: Exploit for Critical Windows Defender Bypass Goes Public

AutoZone Files MOVEit Data Breach Notice With State of Maine

The company temporarily disabled the application and patched the vulnerability, though affected individuals should still remain vigilant. This article has been indexed from Dark Reading Read the original article: AutoZone Files MOVEit Data Breach Notice With State of Maine

The Role of the CISO in Digital Transformation

A successful CISO should play a leading role in digital transformation and cloud migration initiatives in their organization. The CISO is responsible for making sure technical security controls are designed and implemented appropriately, and changes are properly managed, with security…

Inside Job: Cyber Exec Admits to Hospital Hacks

Healthcare cyber services executive Vikas Singla admits to hobbling hospital operations, then using the incidents to try and gin up extra business. This article has been indexed from Dark Reading Read the original article: Inside Job: Cyber Exec Admits to…

Malware Uses Trigonometry to Track Mouse Strokes

The latest LummaC2 infostealer version includes a novel anti-sandbox trick to avoid detonating when no human mouse movements are detected. This article has been indexed from Dark Reading Read the original article: Malware Uses Trigonometry to Track Mouse Strokes

A Detection and Response Benchmark Designed for the Cloud

Does your security operation center’s performance meet the 5/5/5 benchmark for cloud threat detection and incident response? This article has been indexed from Dark Reading Read the original article: A Detection and Response Benchmark Designed for the Cloud

Actions to Take to Defeat Initial Access Brokers

Initial access brokers (IAB) are often difficult to track. This Tech Tip spells out some countermeasures enterprises need to defend against stolen credentials. This article has been indexed from Dark Reading Read the original article: Actions to Take to Defeat…

Hands Off the Security Budget! Find Efficiencies to Reduce Risk

Security budgets will benefit from new priorities, streamlined responses rather than wholesale cost-cutting in light of cyberattacks and increased regulatory requirements. This article has been indexed from Dark Reading Read the original article: Hands Off the Security Budget! Find Efficiencies…

‘Randstorm’ Bug: Millions of Crypto Wallets Open to Theft

The security vulnerability in a component of a widely used JavaScript implementation of Bitcoin makes passwords guessable via brute-force attacks. This article has been indexed from Dark Reading Read the original article: ‘Randstorm’ Bug: Millions of Crypto Wallets Open to…

3 Ways Behavioral Economics Obstructs Cybersecurity

People are not robots; their decisions are based on emotion as much as data. Often, this can lead them to make mistakes with serious security implications for the business. This article has been indexed from Dark Reading Read the original…

ALTR Closes $25M Series C Financing

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: ALTR Closes $25M Series C Financing

Rackspace Ransomware Costs Soar to Nearly $12M

Rackspace’s 2022 ransomware attack only continue to mount, with lawsuits in the offing — and show the long-tail costs of a cyberattack. This article has been indexed from Dark Reading Read the original article: Rackspace Ransomware Costs Soar to Nearly…

Oil Giant Aramco Drills Down on Saudi ICS Security

Saudi Arabia’s national oil and gas company is investing in an operational technology security training academy for organizations across the Kingdom. This article has been indexed from Dark Reading Read the original article: Oil Giant Aramco Drills Down on Saudi…

Combining Agentless and Agent-Based Cloud Security in CNAPPs

Combining both approaches using a cloud-native application protection platform helps organizations make their cybersecurity holistic by tapping into richer automation and prioritization features. This article has been indexed from Dark Reading Read the original article: Combining Agentless and Agent-Based Cloud…

Google Goes After Scammers Abusing Its Bard AI Chatbot

A pair of lawsuits are part of a wider strategy to establish guardrails preventing AI-powered scams, frauds, and harassment, Google’s general counsel says. This article has been indexed from Dark Reading Read the original article: Google Goes After Scammers Abusing…

Royal Ransom Demands Exceed $275M, Rebrand in Offing

The swift-moving ransomware crew continues to evolve quickly and has already attacked more than 350 victims since it was first detected just over a year ago. This article has been indexed from Dark Reading Read the original article: Royal Ransom…

Azerbaijan Agencies Sign Cyber-Partner Deals

The country has signed fresh deals to boost cyber intelligence and preparedness capabilities. This article has been indexed from Dark Reading Read the original article: Azerbaijan Agencies Sign Cyber-Partner Deals

SEC Suit Ushers in New Era of Cyber Enforcement

A federal push to enforce cybersecurity requirements is holding public companies and government contractors accountable as a matter of law and for national security. This article has been indexed from Dark Reading Read the original article: SEC Suit Ushers in…

SaaS Vendor Risk Assessment in 3 Steps

SaaS applications are the new supply chain and, practically speaking, SaaS is the modern vendor. Here are three straightforward steps to manage this new vendor risk. This article has been indexed from Dark Reading Read the original article: SaaS Vendor…

State of Maine Becomes Latest MOVEit Victim to Surface

The state said 1.3 million individuals have been affected by this breach, which includes Social Security numbers and taxpayer information. This article has been indexed from Dark Reading Read the original article: State of Maine Becomes Latest MOVEit Victim to…

ChatGPT: OpenAI Attributes Regular Outages to DDoS Attacks

ChatGPT and the associated APIs have been affected by regular outages, citing DDoS attacks as the reason — the Anonymous Sudan group claimed responsibility. This article has been indexed from Dark Reading Read the original article: ChatGPT: OpenAI Attributes Regular…

Navigating Tech Risks in Modern M&A Waters

Executives must rise to the challenge and take immediate action to grasp the intricacies of data, technology, and infrastructure within M&A. This article has been indexed from Dark Reading Read the original article: Navigating Tech Risks in Modern M&A Waters

What We Can Learn from Major Cloud Cyberattacks

Analysis of six major cloud incidents shows how some common mistakes can lead to serious consequences. This article has been indexed from Dark Reading Read the original article: What We Can Learn from Major Cloud Cyberattacks

When Good Security Awareness Programs Go Wrong

Avoid making these mistakes when crafting a security awareness strategy at your organization. This article has been indexed from Dark Reading Read the original article: When Good Security Awareness Programs Go Wrong