Category: Dark Reading

Saudi Arabia’s Tuwaiq Academy Opens Cybersecurity Bootcamp

Registration has opened for the cybersecurity specialty track at Tuwaiq Academy, where students will learn a variety of related skills. This article has been indexed from Dark Reading Read the original article: Saudi Arabia’s Tuwaiq Academy Opens Cybersecurity Bootcamp

Meet the Finalists for the 2023 Pwnie Awards

Hosts Sophia d’Antoine and Ian Roos presented the list at Summercon in Brooklyn, where they also handed out a surprise Lifetime Achievement Award. This article has been indexed from Dark Reading Read the original article: Meet the Finalists for the…

White House, Big Tech Ink Commitments to Secure AI

With Big Tech companies pledging voluntary safeguards, industry-watchers assume that smaller AI purveyors will follow in their wake to make AI safer for all. This article has been indexed from Dark Reading Read the original article: White House, Big Tech…

The Dark Side of AI

Sophisticated fraudsters are exploiting ChatGPT and CAPTCHAs to evade enterprise security defenses. This article has been indexed from Dark Reading Read the original article: The Dark Side of AI

Critical Infrastructure Workers Better At Spotting Phishing

Critical-infrastructure employees are comparatively more engaged in organizational security — and compliance training — than those in other sectors. This article has been indexed from Dark Reading Read the original article: Critical Infrastructure Workers Better At Spotting Phishing

Kevin Mandia Brings the HammerCon

US Air Force veteran and Mandiant CEO discussed dwell time and state-sponsored attacks at the Military Cyber Professionals Association’s HammerCon conference. This article has been indexed from Dark Reading Read the original article: Kevin Mandia Brings the HammerCon

Should You Be Using a Cybersecurity Careers Framework?

Frameworks can help improve hiring practices and retention, and help guide education — which makes them an important asset worth exploiting. This article has been indexed from Dark Reading Read the original article: Should You Be Using a Cybersecurity Careers…

Enterprise Choices in Measuring Risk

Organizations have options when it comes to choosing the right tool to quantify risk This article has been indexed from Dark Reading Read the original article: Enterprise Choices in Measuring Risk

Netskope Launches Managed Service Provider Program

Updated Evolve Partner Program offerings expand support and solution options for MSPs driving security modernization and network transformation. This article has been indexed from Dark Reading Read the original article: Netskope Launches Managed Service Provider Program

SophosEncrypt Ransomware Fools Security Researchers

The ransomware-as-a-service offering was first assumed to be a red team exercise before being detected for true malicious activity. This article has been indexed from Dark Reading Read the original article: SophosEncrypt Ransomware Fools Security Researchers

China’s APT41 Linked to WyrmSpy, DragonEgg Mobile Spyware

Nation-states see the opportunity in targeting people directly through their mobile phones, in this case with sophisticated Android surveillanceware. This article has been indexed from Dark Reading Read the original article: China’s APT41 Linked to WyrmSpy, DragonEgg Mobile Spyware

P2P Self-Replicating Cloud Worm Targets Redis

Although not all Redis instances are vulnerable to the P2P worm variant, all of them can expect a compromise attempt, researchers warn. This article has been indexed from Dark Reading Read the original article: P2P Self-Replicating Cloud Worm Targets Redis

3 Ways AI Could Improve Authentication

As companies navigate how to protect themselves from the onslaught of increasingly sophisticated fraud threats, artificial intelligence will be a critical piece of next-gen authentication. This article has been indexed from Dark Reading Read the original article: 3 Ways AI…

Reducing Security Debt in the Cloud

Security debt exists in on-premises data centers as well as in cloud platforms — but preventing it from accumulating in the cloud requires different skills, processes, and tools. This article has been indexed from Dark Reading Read the original article:…

VirusTotal Data Leak Affects 5K+ Users

Some of the users who were impacted include the US Department of Justice, the NSA, and the FBI, alongside German intelligence agencies. This article has been indexed from Dark Reading Read the original article: VirusTotal Data Leak Affects 5K+ Users

Hacker Infected & Foiled by Own Infostealer

A prolific threat actor has been operating on Russian-language forums since 2020, but then he accidentally infected his own computer and sold off its contents to threat researchers. This article has been indexed from Dark Reading Read the original article:…

Name That Toon: Shark Sighting

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. This article has been indexed from Dark Reading Read the original article: Name That Toon: Shark Sighting

Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks Surge

Two separate threat actors are using poisoned USB drives to distribute malware in cyber-espionage campaigns targeting organizations across different sectors and geographies. This article has been indexed from Dark Reading Read the original article: Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks…

Startup Spotlight: Binarly Hardens Firmware Security

The company, one of four finalists in this year’s Black Hat USA Startup Spotlight competition, uses AI/ML to find firmware vulnerabilities. This article has been indexed from Dark Reading Read the original article: Startup Spotlight: Binarly Hardens Firmware Security

How AI-Augmented Threat Intelligence Solves Security Shortfalls

Researchers explore how overburdened cyber analysts can improve their threat intelligence jobs by using ChatGPT-like large language models (LLMs). This article has been indexed from Dark Reading Read the original article: How AI-Augmented Threat Intelligence Solves Security Shortfalls

5 Major Takeaways From Microsoft’s July Patch Tuesday

July’s updates contained 100+ patches and security policy notes, leaving vulnerability management teams stressed and scrambling to prioritize. We’re here to help find some zen. This article has been indexed from Dark Reading Read the original article: 5 Major Takeaways…

Insider Risk Management Starts With SaaS Security

SaaS security posture management helps mitigate common threats posed by malicious or negligent insiders. This article has been indexed from Dark Reading Read the original article: Insider Risk Management Starts With SaaS Security

Cisco Flags Critical SD-WAN Vulnerability

A flaw in the REST API of Cisco’s SD_WAN vManage software could allow remote, unauthenticated attackers to perform data exfiltration. This article has been indexed from Dark Reading Read the original article: Cisco Flags Critical SD-WAN Vulnerability

SBOMs Still More Mandate Than Security

A software bills of materials standard gets an update, but the driver is compliance rather than security. This article has been indexed from Dark Reading Read the original article: SBOMs Still More Mandate Than Security

How Hackers Can Hijack a Satellite

We rely on them for communications, military activity, and everyday tasks. How long before attackers really start to look up at the stars? This article has been indexed from Dark Reading Read the original article: How Hackers Can Hijack a…

Rogue Azure AD Guests Can Steal Data via Power Apps

A few default guest setting manipulations in Azure AD and over-promiscuous low-code app developer connections can upend data protections. This article has been indexed from Dark Reading Read the original article: Rogue Azure AD Guests Can Steal Data via Power…

Zimbra Zero-Day Demands Urgent Manual Update

A bug in Zimbra email servers is already being exploited in the wild, Google TAG researchers warn. This article has been indexed from Dark Reading Read the original article: Zimbra Zero-Day Demands Urgent Manual Update

Black Hat Announces Sustainability Pledge

Pledge stems from Black Hat’s commitment to become a net zero carbon business by 2030. This article has been indexed from Dark Reading Read the original article: Black Hat Announces Sustainability Pledge

Safe Security Acquires RiskLens

A combination of SAFE Platform’s industry defining AI capabilities coupled with the industry standard FAIR model for cyber risk quantification, that was pioneered by RiskLens. This article has been indexed from Dark Reading Read the original article: Safe Security Acquires…

SolarWinds Attackers Dangle BMWs to Spy on Diplomats

Cloaked Ursa/Nobelium gets creative by appealing to the more personal needs of government employees on foreign missions in Kyiv. This article has been indexed from Dark Reading Read the original article: SolarWinds Attackers Dangle BMWs to Spy on Diplomats

Creating a Patch Management Playbook: 6 Key Questions

The vulnerability gap continues to persist, and IT and security teams can play a major role in reducing their attack surface. This article has been indexed from Dark Reading Read the original article: Creating a Patch Management Playbook: 6 Key…

Hackers Target Chinese Gamers With Microsoft-Signed Rootkit

Kernel mode driver can download second-stage payload directly to memory, allowing threat actors to evade endpoint detection and response tools. This article has been indexed from Dark Reading Read the original article: Hackers Target Chinese Gamers With Microsoft-Signed Rootkit

Startup Spotlight: Mobb Aims to Be the Fixer

The startup, one of four finalists in this year’s Black Hat USA Startup Spotlight competition, automates vulnerability remediation using AI. This article has been indexed from Dark Reading Read the original article: Startup Spotlight: Mobb Aims to Be the Fixer

Less Than Half of SMBs Deploy Privileged Access Management

Keeper Security highlights S&P Market Intelligence’s latest research showing that lack of PAM is leaving SMBs vulnerable to attack. This article has been indexed from Dark Reading Read the original article: Less Than Half of SMBs Deploy Privileged Access Management

Hackers Exploit Policy Loophole in Windows Kernel Drivers

Using open source tools, attackers target Chinese speakers with malicious drivers with expired certificates, potentially allowing for full system takeover. This article has been indexed from Dark Reading Read the original article: Hackers Exploit Policy Loophole in Windows Kernel Drivers

Ransomware, From a Different Perspective

A good backup strategy can be effective at mitigating a ransomware attack, but how many organizations consider that their backup data can also be targeted? This article has been indexed from Dark Reading Read the original article: Ransomware, From a…

Bangladesh Government Website Leaks Personal Data

Personal details of Bangladeshi citizens found online by researcher included full names, phone numbers, email addresses, and national ID numbers. This article has been indexed from Dark Reading Read the original article: Bangladesh Government Website Leaks Personal Data

Critical VMware Bug Exploit Code Released Into the Wild

The exploit code was brought to VMware’s attention by an anonymous researcher, in tandem with the Trend Micro Zero Day Initiative. This article has been indexed from Dark Reading Read the original article: Critical VMware Bug Exploit Code Released Into…

Top Takeaways From Table Talks With Fortune 100 CISOs

As organizations struggle to keep up with new regulations and hiring challenges, chief information security officers share common challenges and experiences. This article has been indexed from Dark Reading Read the original article: Top Takeaways From Table Talks With Fortune…

‘ScarletEel’ Hackers Worm Into AWS Cloud

A toolset upgrade is making ScarletEel more slippery than ever while it continues to manipulate the cloud to perform cryptojacking, DDoS, and more. This article has been indexed from Dark Reading Read the original article: ‘ScarletEel’ Hackers Worm Into AWS…

Analysts: Cybersecurity Funding Set for Rebound

Analysts seem bullish about funding and M&A activity for the second half of the year, though transaction volumes and values dipped again in Q2. This article has been indexed from Dark Reading Read the original article: Analysts: Cybersecurity Funding Set…

NIST Launches Generative AI Working Group

The public working group will develop guidance around the special risks of AI technologies that generate content. This article has been indexed from Dark Reading Read the original article: NIST Launches Generative AI Working Group

Amazon Prime Day Draws out Cyber Scammers

Cybercriminals lining up to score off Amazon Prime Day shoppers, who spent more than $22B in US online sales alone last year, according to estimates. This article has been indexed from Dark Reading Read the original article: Amazon Prime Day…