Category: Dark Reading

A successful CISO should play a leading role in digital transformation and cloud migration initiatives in their organization. The CISO is responsible for making sure technical security controls are designed and implemented appropriately, and changes are properly managed, with security…

Read more →

US and UK authorities issued new recommendations for companies that build and rely on AI, but they stop short of laying down the law. This article has been indexed from Dark Reading Read the original article: CISA, NCSC Offer a…

Read more →

As cyber threats evolve in 2024, organizations must prepare for deepfakes, extortion, cloud targeting, supply chain compromises, and zero day exploits. Robust security capabilities, employee training, and incident response plans are key. This article has been indexed from Dark Reading…

Read more →

More than two dozen hospitals have been impacted by the breach and are diverting emergency care for patients to other healthcare facilities. This article has been indexed from Dark Reading Read the original article: Ardent Health Hospitals Disrupted After Ransomware…

Read more →

Weapons systems data, AI research, and other classified information may be up for sale, not to mention access to other government agencies. This article has been indexed from Dark Reading Read the original article: General Electric, DARPA Hack Claims Raise…

Read more →

Gaza Cybergang is using a version of the malware rewritten in the Rust programming language. This article has been indexed from Dark Reading Read the original article: Hamas-Linked APT Wields New SysJoker Backdoor Against Israel

Read more →

Companies must do a delicate dance between consumer privacy protection, upholding their product’s efficacy, and de-risking cyber breaches to run the business. This article has been indexed from Dark Reading Read the original article: Data De-Identification: Balancing Privacy, Efficacy &…

Read more →

New data shows consumer preferences for security in digital experiences and indicates ways businesses can best protect digital identity in today’s digital world. This article has been indexed from Dark Reading Read the original article: Balancing Simplicity and Security in…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Hack The Box Launches 5th Annual University CTF Competition

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Kiteworks’ Maytech Acquisition Reaffirms Commitment to UK Market

Read more →

A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn. This article has been indexed from Dark Reading Read the original article: Fake Browser Updates Targeting Mac Systems With…

Read more →

Qatari organizations participate in cybersecurity exercises to hone their incident response plans and processes. This article has been indexed from Dark Reading Read the original article: Qatar Cyber Agency Runs National Cyber Drills

Read more →

A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information gathering via services such as VirusTotal. This article has been indexed from Dark Reading Read the original article: Web Shells…

Read more →

Biometric security on PCs isn’t quite as bulletproof as you might think, as the line between sensors and host computers can be tampered with. This article has been indexed from Dark Reading Read the original article: Researchers Undermine ‘Windows Hello’…

Read more →

The Israel-Gaza conflict could expose the region’s oil and gas operations to renewed cyberattacks, with global ramifications. This article has been indexed from Dark Reading Read the original article: Mideast Oil & Gas Facilities Could Face Cyber-Related Energy Disruptions

Read more →

The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more. This article has been indexed from Dark Reading Read the original article: Scattered Spider Hops…

Read more →

As organizations increasingly rely on AI-developed code, they must put guardrails in place to prevent major cybersecurity risks related to malicious code. This article has been indexed from Dark Reading Read the original article: 3 Ways to Stop Unauthorized Code…

Read more →

Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference. This article has been indexed from Dark Reading Read the original article: Rootkit Turns…

Read more →

Loosening attitudes about cloud security are expected to create a nearly $10 billion public cloud market in the Middle East by 2027. This article has been indexed from Dark Reading Read the original article: The Persian Gulf’s March to the…

Read more →

Stay away from using these tactics when trying to educate employees about risk. This article has been indexed from Dark Reading Read the original article: The 7 Deadly Sins of Security Awareness Training

Read more →

Patch or isolate now: Organizations in every sector run the risk of hemorrhaging data as opportunistic attacks from LockBit ransomware and others grow. This article has been indexed from Dark Reading Read the original article: Citrix Bleed Bug Inflicts Mounting…

Read more →

Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November. This article has been indexed from Dark Reading Read the original article: Exploit for Critical Windows Defender Bypass Goes Public

Read more →

The company temporarily disabled the application and patched the vulnerability, though affected individuals should still remain vigilant. This article has been indexed from Dark Reading Read the original article: AutoZone Files MOVEit Data Breach Notice With State of Maine

Read more →

No one has turned the job market into an attack surface quite like North Korea, which plays both sides for financial gain and, possibly, espionage. This article has been indexed from Dark Reading Read the original article: DPRK Hackers Masquerade…

Read more →

A successful CISO should play a leading role in digital transformation and cloud migration initiatives in their organization. The CISO is responsible for making sure technical security controls are designed and implemented appropriately, and changes are properly managed, with security…

Read more →

Healthcare cyber services executive Vikas Singla admits to hobbling hospital operations, then using the incidents to try and gin up extra business. This article has been indexed from Dark Reading Read the original article: Inside Job: Cyber Exec Admits to…

Read more →

Active exploit of the critical RCE flaw targets Linux systems to achieve full system compromise. This article has been indexed from Dark Reading Read the original article: Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto

Read more →

University of Jeddah partners with Resecurity to teach cybersecurity skills. This article has been indexed from Dark Reading Read the original article: Major Saudi University to Offer AI, Cybersecurity Studies

Read more →

Researchers used machine learning to analyze Hungarian media reports and found Russian narratives soured the nation’s perspective on EU sanctions and arms deliveries months before the Ukraine invasion. This article has been indexed from Dark Reading Read the original article:…

Read more →

Cybersecurity isn’t a one-time task. It’s an ongoing effort that needs regular checks, updates, and teamwork. This article has been indexed from Dark Reading Read the original article: Maximize Cybersecurity Returns: 5 Key Steps to Enhancing ROI

Read more →

New cybersecurity regulations from the FDA outline specific steps that medical device companies must take in order to get their devices approved for market. This article has been indexed from Dark Reading Read the original article: What Healthcare Cybersecurity Leaders…

Read more →

The latest LummaC2 infostealer version includes a novel anti-sandbox trick to avoid detonating when no human mouse movements are detected. This article has been indexed from Dark Reading Read the original article: Malware Uses Trigonometry to Track Mouse Strokes

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Lasso Security Emerges From Stealth With $6M Seed Funding for Gen…

Read more →

China pairs cyber and kinetic attacks in the South Pacific as it continues to wrangle control of the South China Sea. This article has been indexed from Dark Reading Read the original article: Amid Military Buildup, China Deploys Mustang Panda…

Read more →

CISA expects to extend this program to include up to 100 critical infrastructure entities in its first year. This article has been indexed from Dark Reading Read the original article: CISA Launches Pilot Program to Address Critical Infrastructure Threats

Read more →

Your business users are building Copilots and GPTs with your enterprise data. What can you do about it? This article has been indexed from Dark Reading Read the original article: Enterprise Generative AI Enters Its Citizen Development Era

Read more →

Chronicle CyberShield will be offered as a managed service with security monitoring and Mandiant incident response included. This article has been indexed from Dark Reading Read the original article: Saudi Arabia Arms Public Sector With Google Cloud Services

Read more →

CISOs and vendors must work together to keep up with emerging threats and find solutions, says a group of CISOs and security entrepreneurs. This article has been indexed from Dark Reading Read the original article: How the Evolving Role of…

Read more →

Does your security operation center’s performance meet the 5/5/5 benchmark for cloud threat detection and incident response? This article has been indexed from Dark Reading Read the original article: A Detection and Response Benchmark Designed for the Cloud

Read more →

Combining a malware sandbox with threat intelligence feeds improves security detection, analysis, and response capabilities. This article has been indexed from Dark Reading Read the original article: Leveraging Sandbox and Threat Intelligence Feeds to Combat Cyber Threats

Read more →

Ransomware group BlackCat/ALPHV files SEC complaint against its latest victim, putting an audacious new twist on cyber extortion tactics. This article has been indexed from Dark Reading Read the original article: Hackers Weaponize SEC Disclosure Rules Against Corporate Targets

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: CompTIA Advises Retailers to Check their Cybersecurity Preparedness Ahead of the…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: VicOne and Block Harbor Deliver Integrated Workflow-Based Cybersecurity System

Read more →

The feds seem to know all about the hacking group brazenly breaking into corporate networks; so why are enterprise teams left on their own to stop their cybercrimes? This article has been indexed from Dark Reading Read the original article:…

Read more →

For several years operators at New Delhi-based Appin hacked into, spied on, and stole data from targets around the world for clients that included private investigators, government agencies, law enforcement, and others. This article has been indexed from Dark Reading…

Read more →

Initial access brokers (IAB) are often difficult to track. This Tech Tip spells out some countermeasures enterprises need to defend against stolen credentials. This article has been indexed from Dark Reading Read the original article: Actions to Take to Defeat…

Read more →

Security budgets will benefit from new priorities, streamlined responses rather than wholesale cost-cutting in light of cyberattacks and increased regulatory requirements. This article has been indexed from Dark Reading Read the original article: Hands Off the Security Budget! Find Efficiencies…

Read more →

Organizations are concerned about generative AI technologies as being a major driver of cybersecurity threats in 2024. This article has been indexed from Dark Reading Read the original article: IT Pros Worry Generative AI Will Be a Major Driver of…

Read more →

Building a resilient incident response team requires more than a simple combination of tools and on-call rotations. This article has been indexed from Dark Reading Read the original article: Detection & Response That Scales: A 4-Pronged Approach

Read more →

There’s no time to waste: For organizations on the fence about patching the critical bug in ActiveMQ, the new proof-of-concept exploit should push them towards action. This article has been indexed from Dark Reading Read the original article: Dangerous Apache…

Read more →

Academics in Germany figured out how to reverse time in AMD virtualization environments, then reap the spoils. This article has been indexed from Dark Reading Read the original article: ‘CacheWarp’ AMD VM Bug Opens the Door to Privilege Escalation

Read more →

The security vulnerability in a component of a widely used JavaScript implementation of Bitcoin makes passwords guessable via brute-force attacks. This article has been indexed from Dark Reading Read the original article: ‘Randstorm’ Bug: Millions of Crypto Wallets Open to…

Read more →

The security holes can allow server takeover, information theft, model poisoning, and more. This article has been indexed from Dark Reading Read the original article: Unpatched Critical Vulnerabilities Open AI Models to Takeover

Read more →

Vehicles are required to meet basic safety standards. Having similar requirements for software would give consumers greater control over their privacy and security. This article has been indexed from Dark Reading Read the original article: Consumer Software Security Assessment: Should…

Read more →

More than half of organizations are nowhere near ditching passwords, even as cyberattackers continue to have a field day with workers’ poor credential choices. This article has been indexed from Dark Reading Read the original article: Despite Hype, the Password-Free…

Read more →

At least four separate campaigns against CVE-2023-37580 in the popular Zimbra Collaboration Suite aimed to siphon up reams of sensitive mail data. This article has been indexed from Dark Reading Read the original article: APTs Swarm Zimbra Zero-Day to Steal…

Read more →

Cybercriminals are playing both sides with simple disaster scams, and it’s working. This article has been indexed from Dark Reading Read the original article: FBI Warns: Five Weeks In, Gaza Email Scams Still Thriving

Read more →

People are not robots; their decisions are based on emotion as much as data. Often, this can lead them to make mistakes with serious security implications for the business. This article has been indexed from Dark Reading Read the original…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: ALTR Closes $25M Series C Financing

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Egress and KnowBe4 Extend Partnership to Offer AI-based Adaptive Email Security…

Read more →

With a two-pronged approach, the group trains its hackers in penetration testing, only to set them free to build a marketplace for pen-testing services. This article has been indexed from Dark Reading Read the original article: ‘AlphaLock’ Hacker Organization Launches…

Read more →

Rackspace’s 2022 ransomware attack only continue to mount, with lawsuits in the offing — and show the long-tail costs of a cyberattack. This article has been indexed from Dark Reading Read the original article: Rackspace Ransomware Costs Soar to Nearly…

Read more →

Organizations in “essential” sectors have until October 2024 to comply with the Network and Information Systems Directive 2022 (NIS2). This article has been indexed from Dark Reading Read the original article: EU Tightens Cybersecurity Requirements for Critical Infrastructure and Services

Read more →

Women in Cyber Security Middle East highlight a requirement for resilience in the face of increased business and cyber challenges. This article has been indexed from Dark Reading Read the original article: Cyber Resilience Requires Maturity, Persistence & Board Engagement

Read more →

After the encryption algorithm used by public safety, military, and governments globally was found to allow eavesdropping, standard maintainers are making TETRA open source. This article has been indexed from Dark Reading Read the original article: After Critical Bug Disclosures,…

Read more →

The two countries will work on AI security guardrails, public key infrastructure, smart city cyber, and more. This article has been indexed from Dark Reading Read the original article: Qatar & Rwanda Partner to Boost Cybersecurity in Africa

Read more →

Saudi Arabia’s national oil and gas company is investing in an operational technology security training academy for organizations across the Kingdom. This article has been indexed from Dark Reading Read the original article: Oil Giant Aramco Drills Down on Saudi…

Read more →

Organizations must approach cybersecurity as if they are defending themselves in a cyberwar. This article has been indexed from Dark Reading Read the original article: Defending Against Attacks on Vulnerable IoT Devices

Read more →

Combining both approaches using a cloud-native application protection platform helps organizations make their cybersecurity holistic by tapping into richer automation and prioritization features. This article has been indexed from Dark Reading Read the original article: Combining Agentless and Agent-Based Cloud…

Read more →

Targeted attacks against two dozen related companies is just the latest evidence that hackers want a piece of energy. This article has been indexed from Dark Reading Read the original article: Danish Energy Attacks Portend Targeting More Critical Infrastructure

Read more →

A pair of lawsuits are part of a wider strategy to establish guardrails preventing AI-powered scams, frauds, and harassment, Google’s general counsel says. This article has been indexed from Dark Reading Read the original article: Google Goes After Scammers Abusing…

Read more →

While China is already among the world’s most formidable threat actors, a focus on exploiting public-facing appliances makes its state-sponsored APTs more dangerous than ever. This article has been indexed from Dark Reading Read the original article: Zero-Days in Edge…

Read more →

In this Black Hat Europe preview, devices bridging critical machinery with the wider Internet are exposed and subject to numerous supply chain-induced bugs. This article has been indexed from Dark Reading Read the original article: 21 Vulnerabilities Discovered in Crucial…

Read more →

The swift-moving ransomware crew continues to evolve quickly and has already attacked more than 350 victims since it was first detected just over a year ago. This article has been indexed from Dark Reading Read the original article: Royal Ransom…

Read more →

The so-called TA402 group continues to focus on cyber espionage against government agencies. This article has been indexed from Dark Reading Read the original article: Molerats Group Wields Custom Cybertool to Steal Secrets in the Middle East

Read more →

By creating a plan of action, organizations can better respond to attacks. This article has been indexed from Dark Reading Read the original article: Steps CISOs Should Take Before, During & After a Cyberattack

Read more →

Details of a major cyberattack against Australia’s shipping industry remain few and far between, but the economic impact is clear. This article has been indexed from Dark Reading Read the original article: Australian Ports Resume Operation After Crippling Cyber Disruption

Read more →

Hunters International appears to have acquired Hive ransomware from its original operators and may be seeking to cash in on the malware’s reputation. This article has been indexed from Dark Reading Read the original article: ‘Hunters International’ Cyberattackers Take Over…

Read more →

The influx of generative AI could cause security leaders to learn new skills and defensive tactics. This article has been indexed from Dark Reading Read the original article: Q&A: Generative AI Comes to the Middle East, Driving Security Changes

Read more →

Complexity impedes the universal and consistent application of security policy, which is an obstacle to adequately securing government environments. This article has been indexed from Dark Reading Read the original article: A Closer Look at State and Local Government Cybersecurity…

Read more →

The country has signed fresh deals to boost cyber intelligence and preparedness capabilities. This article has been indexed from Dark Reading Read the original article: Azerbaijan Agencies Sign Cyber-Partner Deals

Read more →

A federal push to enforce cybersecurity requirements is holding public companies and government contractors accountable as a matter of law and for national security. This article has been indexed from Dark Reading Read the original article: SEC Suit Ushers in…

Read more →

SaaS applications are the new supply chain and, practically speaking, SaaS is the modern vendor. Here are three straightforward steps to manage this new vendor risk. This article has been indexed from Dark Reading Read the original article: SaaS Vendor…

Read more →

A class action suit claims Intel knowingly sold billions of faulty chips for years. The outcome could help define where poor vulnerability remediation becomes outright negligence. This article has been indexed from Dark Reading Read the original article: Intel Faces…

Read more →

Meanwhile, CISA joins the call to patch CVE-2023-4966 immediately amid reports of mass-exploit activity; at least 5,000 orgs remain exposed. This article has been indexed from Dark Reading Read the original article: ‘CitrixBleed’ Linked to Ransomware Hit on China’s State-Owned…

Read more →

The state said 1.3 million individuals have been affected by this breach, which includes Social Security numbers and taxpayer information. This article has been indexed from Dark Reading Read the original article: State of Maine Becomes Latest MOVEit Victim to…

Read more →

A cyberattack is coming, disasters are certain, and the US government wants critical infrastructure firms ready to handle any disruption. Welcome to Shields Ready. This article has been indexed from Dark Reading Read the original article: ‘Shields Ready’ Critical Infrastructure…

Read more →

A 30-year-old, rarely updated protocol for medical devices has exposed reams of highly personal data, thanks to a lack of proper security throughout owner environments. This article has been indexed from Dark Reading Read the original article: Leaky DICOM Medical…

Read more →

ChatGPT and the associated APIs have been affected by regular outages, citing DDoS attacks as the reason — the Anonymous Sudan group claimed responsibility. This article has been indexed from Dark Reading Read the original article: ChatGPT: OpenAI Attributes Regular…

Read more →

A cyberattack is coming, disasters are certain, and the US government wants critical infrastructure firms ready to handle any disruption. Welcome to Shields Ready. This article has been indexed from Dark Reading Read the original article: ‘Shields Ready’ Critical Infrastructure…

Read more →

Despite claims to the contrary, Iranian cyberattackers have been less strategic and more opportunistic over the last month as the Israel-Hamas war continues. This article has been indexed from Dark Reading Read the original article: Microsoft: Iran’s Cyberattacks on Israel…

Read more →

Executives must rise to the challenge and take immediate action to grasp the intricacies of data, technology, and infrastructure within M&A. This article has been indexed from Dark Reading Read the original article: Navigating Tech Risks in Modern M&A Waters

Read more →

The Clop ransomware group is actively exploiting a SysAid zero-day flaw after running rampant through enterprise systems using MOVEit file transfer bug. This article has been indexed from Dark Reading Read the original article: MOVEit Hackers Pivot to SysAid Zero-Day…

Read more →

Checkmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams. This article has been indexed from Dark Reading Read the original article: ‘BlazeStealer’ Python Malware Allows Complete Takeover of Developer Machines

Read more →

Analysis of six major cloud incidents shows how some common mistakes can lead to serious consequences. This article has been indexed from Dark Reading Read the original article: What We Can Learn from Major Cloud Cyberattacks

Read more →

The US Treasury states that it is in contact with financial regulators as it monitors the breach. This article has been indexed from Dark Reading Read the original article: Treasury Markets Disrupted by ICBC Ransomware Attack

Read more →

Avoid making these mistakes when crafting a security awareness strategy at your organization. This article has been indexed from Dark Reading Read the original article: When Good Security Awareness Programs Go Wrong

Read more →

One of the main challenges for Android users is protecting themselves malicious applications that can damage devices or perform other harmful actions. This article has been indexed from Dark Reading Read the original article: How to Outsmart Malware Attacks That…

Read more →

The Iran-linked group uses redirected websites to compromise victims and exfiltrate data in a campaign that has lasted over 2022 and 2023. This article has been indexed from Dark Reading Read the original article: Imperial Kitten APT Claws at Israeli…

Read more →

The Iran-linked group uses redirected websites to compromise victims and exfiltrate data in a campaign over 2022 and 2023. This article has been indexed from Dark Reading Read the original article: Imperial Kitten APT Claws at Israeli Industry With Multiyear…

Read more →