Category: Dark Reading

Securing APIs is specialized work. Here’s what organizations should look for when selecting an outside partner. This article has been indexed from Dark Reading Read the original article: 10 Features an API Security Service Needs to Offer

Read more →

Iran-linked APT35 group crafted specific Mac malware when targeting a member of the media with new tools to add backdoors. This article has been indexed from Dark Reading Read the original article: APT35 Develops Mac Bespoke Malware

Read more →

A consumer finance journalist and television personality took to Twitter to warn his followers about advertisements using his name and face to scam victims. This article has been indexed from Dark Reading Read the original article: Deepfake Quantum AI Investment…

Read more →

An attack involves a multi-stage infection chain with custom malware hosted on Amazon EC2 that ultimately steals critical system and browser data; so far, targets have been located in Latin America. This article has been indexed from Dark Reading Read…

Read more →

Amid IT/OT convergence, organizations must adopt an “assume breach” mindset to stop bad actors and limit their impact. This article has been indexed from Dark Reading Read the original article: Zero Trust Keeps Digital Attacks From Entering the Real World

Read more →

Log management tools help IT and security teams monitor and improve a system’s performance by identifying bugs, cybersecurity breaches, and other issues that can create outages or compliance problems. This article has been indexed from Dark Reading Read the original…

Read more →

Security firms analyze attack paths and seek out weak identities to find compromise vectors and critical assets that need better controls. This article has been indexed from Dark Reading Read the original article: Exposure Management Looks to Attack Paths, Identity…

Read more →

Hack The Box launches Capture The Flag competition, including offensive and defensive challenges, to unite teams as cyberattacks increase in 2023 to unprecedented levels. This article has been indexed from Dark Reading Read the original article: Global Hacking Competition Addresses…

Read more →

Guardrails need to be set in place to ensure confidentiality of sensitive information, while still leveraging AI as a force multiplier for productivity. This article has been indexed from Dark Reading Read the original article: How to Safely Architect AI…

Read more →

US and Canadian government agencies find that new variants of the malware are increasingly being utilized. This article has been indexed from Dark Reading Read the original article: Truebot Malware Variants Abound, According to CISA Advisory

Read more →

GDPR is halting Meta’s new Threads app from entering EU markets, portending a broader struggle over the right ways to collect user data on social apps. This article has been indexed from Dark Reading Read the original article: Meta’s Rush…

Read more →

Malware spoofed file management applications thanks to elevated permissions, enabling exfiltration of sensitive data with no user interaction, researchers find. This article has been indexed from Dark Reading Read the original article: Spyware Gamed 1.5M Users of Google Play Store

Read more →

Users need to patch the latest SQL injection vulnerability as soon as possible. Meanwhile, Cl0p’s data extortion rampage gallops on. This article has been indexed from Dark Reading Read the original article: MOVEit Transfer Faces Another Critical Data-Theft Bug

Read more →

Not yet — but it can help make incremental progress in reducing vulnerability backlogs. This article has been indexed from Dark Reading Read the original article: Can Generative AI Be Trusted to Fix Your Code?

Read more →

The company, one of four finalists in Black Hat USA’s 2023 startup competition, looks to find the vulnerabilities an attacker could actually access. This article has been indexed from Dark Reading Read the original article: Startup Spotlight: Endor Labs Focuses…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Black Hat Announces Maria Markstedter, Jen Easterly, Viktor Zhora, and Kemba…

Read more →

Linus Torvalds led a Linux kernel team in developing a set of patches that should be available by the end of July. This article has been indexed from Dark Reading Read the original article: StackRot Linux Kernel Bug Has Exploit…

Read more →

Vulnerable Nexus 9000 Series Fabric Switches in ACI mode should be disabled, Cisco advises. This article has been indexed from Dark Reading Read the original article: Patchless Cisco Flaw Breaks Cloud Encryption for ACI Traffic

Read more →

In another MOVEit attack, oil and gas giant Shell has been made a victim with the release of the private information of its employees. This article has been indexed from Dark Reading Read the original article: Shell Becomes Latest Cl0p…

Read more →

Meta’s answer to Twitter went live and quickly racked up millions of members — but the social media app’s privacy practices are under the microscope. This article has been indexed from Dark Reading Read the original article: Privacy Woes Hold…

Read more →

Public and private sector organizations must collaborate on a shared cybersecurity agenda to protect and benefit society at large. This article has been indexed from Dark Reading Read the original article: Cybersecurity’s Future Hinges on Stronger Public-Private Partnerships

Read more →

Attackers are leveraging well-executed brand impersonation in a Google ads malvertising effort that collects both credit card and bank details from victims. This article has been indexed from Dark Reading Read the original article: Google Searches for ‘USPS Package Tracking’…

Read more →

Six months of honeypot data finds that 19% of traffic to sensors were malicious exploit attempts, and 95% of those attempts came from just three botnets. This article has been indexed from Dark Reading Read the original article: Botnets Send…

Read more →

C-suite security leaders are feeling less prepared to cope with cyberattacks and more at risk than last year. This article has been indexed from Dark Reading Read the original article: CISOs Find ‘Business as Usual’ Shows the Harsh Realities of…

Read more →

Email fraud is a confidence game that costs the economy billions. An effective defense takes technology and vigilance. This article has been indexed from Dark Reading Read the original article: 6 Steps To Outsmart Business Email Compromise Scammers

Read more →

The startup, one of four finalists in Black Hat USA’s 2023 startup competition, uses deterministic AI to optimize cloud security. This article has been indexed from Dark Reading Read the original article: Startup Spotlight: Gomboc.ai Balances Cloud Infrastructure Security

Read more →

The “TeamsPhisher” cyberattack tool gives pentesters — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant. This article has been indexed from Dark Reading Read the original article: Microsoft…

Read more →

70% think criminals will move from WhatsApp etc to non-regulated apps, post OSB. This article has been indexed from Dark Reading Read the original article: 83% of Brits Demand Messaging Apps Remain Private, Ahead of Threat From Online Safety Bill

Read more →

Exposed and unpatched solar power monitoring systems have been exploited by both amateurs and professionals, including Mirai botnet hackers. This article has been indexed from Dark Reading Read the original article: 3 Critical RCE Bugs Threaten Industrial Solar Panels, Endangering…

Read more →

The group’s mastermind was nabbed in Côte d’Ivoire for stealing up to $30 million using malware, phishing campaigns, and BEC scams, as part of international law enforcement’s Operation Nervone. This article has been indexed from Dark Reading Read the original…

Read more →

The group’s mastermind was nabbed in Côte d’Ivoire for stealing up to $30 million using malware, phishing campaigns, and BEC scams, as part of international law enforcement’s Operation Nervone. This article has been indexed from Dark Reading Read the original…

Read more →

LockBit 3.0 claims responsibility for the cyberattack that shuttered the largest port in Japan, according to authorities. This article has been indexed from Dark Reading Read the original article: Ransomware Halts Operations at Japan’s Port of Nagoya

Read more →

The ransomware group shows an evolution of its tactics with MOVEit zero day — potentially ushering in a new normal when it comes to extortion supply chain cyberattacks, experts say. This article has been indexed from Dark Reading Read the…

Read more →

Now is the time to build safeguards into nascent AI technology. This article has been indexed from Dark Reading Read the original article: A Golden Age of AI … or Security Threats?

Read more →

Attackers use HTML smuggling to spread the PlugX RAT in the campaign, which has been ongoing since at least December. This article has been indexed from Dark Reading Read the original article: China’s Mustang Panda Linked to SmugX Attacks on…

Read more →

You can’t encrypt a file you can’t open — Microsoft could dramatically impact ransomware by slowing it down This article has been indexed from Dark Reading Read the original article: Microsoft Can Fix Ransomware Tomorrow

Read more →

The company’s Confidential Data Search technique relies on confidential computing to keep data secure even while it is in use. This article has been indexed from Dark Reading Read the original article: Fortanix Builds Hardware Security Wall Around Plaintext Search

Read more →

Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue. This article has been indexed from Dark Reading Read the original article: Researchers Develop Exploit Code…

Read more →

Attribution for the cyberattack on Dozor-Teleport remains murky, but the effects are real — downed communications and compromised data. This article has been indexed from Dark Reading Read the original article: Russian Satellite Internet Downed via Attackers Claiming Ties to…

Read more →

Israel’s cyber head points finger at Iran-backed MuddyWater APT group as the perpetrator of a recent attack against a university. This article has been indexed from Dark Reading Read the original article: Israel Aided UAE in Defending Against DDoS Attack

Read more →

Cybercriminals employ obfuscated script to stealthily hijack victim server bandwidth for use in legitimate proxy networks. This article has been indexed from Dark Reading Read the original article: SSH Servers Hit in ‘Proxyjacking’ Cyberattacks

Read more →

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. This article has been indexed from Dark Reading Read the original article: Name That Edge Toon: Three-Ring Circus

Read more →

When you just keep filing it away to handle “someday,” security debt typically rears its head when you are most vulnerable and can least afford to pay it. This article has been indexed from Dark Reading Read the original article:…

Read more →

XDR can lower platform costs and improve detection, but it requires committing to a few principles that go against the established way of thinking about SOC. This article has been indexed from Dark Reading Read the original article: Architecting XDR…

Read more →

The group has given one of Apple’s biggest semiconductor suppliers until Aug. 6 to pay $70 million or risk having its data and “points of entry” to its network publicly leaked. This article has been indexed from Dark Reading Read…

Read more →

The number of malware samples is up as attackers aim to compromise users where they work and play: Their smartphones. This article has been indexed from Dark Reading Read the original article: Mobile Cyberattacks Soar, Especially Against Android Users

Read more →

Nokod Security is building a platform that enables organizations to secure in-house low-code/no-code custom applications by scanning for security and compliance issues and applying remediation policies This article has been indexed from Dark Reading Read the original article: Nokod Raises…

Read more →

Cybersecurity leaders should strive to reward high-performing teams that are powered by high levels of inclusion. This article has been indexed from Dark Reading Read the original article: Making Diversity the ‘How’ and Not the ‘What’ of Cybersecurity Success

Read more →

As cybercrime amidst the Russia-Ukraine war continues to escalate, the DDoSia project, launched by a known hacktivist group, has exploded in its number of members and quality of tools used for attacks. This article has been indexed from Dark Reading…

Read more →

Cyberattacks against organizations in some African nations increased significantly in 2022, despite a major expansion in cybersecurity hiring to support cloud and digital migration. This article has been indexed from Dark Reading Read the original article: African Nations Face Escalating…

Read more →

The APT35 group (aka Charming Kitten), have added backdoor capabilities to their spear-phishing payloads — and targeted an Israeli reporter with it. This article has been indexed from Dark Reading Read the original article: Iran-Linked APT35 Targets Israeli Media With…

Read more →

The detection model identifies LLM patterns to counter the rising abuse of generative AI in social engineering attacks. This article has been indexed from Dark Reading Read the original article: Perception Point Unveils AI Model to Thwart Generative AI-Based BEC…

Read more →

One Peak investment will advance the ubiquity of network assurance, helping organizations to reduce network complexity, assure network automation, and improve network security. This article has been indexed from Dark Reading Read the original article: IP Fabric Announces $25M Series…

Read more →

With the right collaboration among employers, educators, and policymakers, we can come together to create a more secure environment for all. This article has been indexed from Dark Reading Read the original article: 3 Ways to Build a More Skilled…

Read more →

Though government agencies have hundreds of devices exposed to the open Internet, experts wonder if CISA is moving at the right pace. This article has been indexed from Dark Reading Read the original article: CISA Wants Exposed Government Devices Remediated…

Read more →

Now, if you’ve got an IoT network powered by Pepper, you can insure it through Embedded Insurance — even if your business is too small to support a SOC. This article has been indexed from Dark Reading Read the original…

Read more →

Now, if you’ve got an IoT network powered by Pepper, you can insure it through Embedded Insurance — even if your business is too small to support a SOC. This article has been indexed from Dark Reading Read the original…

Read more →

Patches are available for three bugs, but with technical details and PoCs now available, threat actors can craft targeted attacks. This article has been indexed from Dark Reading Read the original article: Researchers Detail 4 SAP Bugs, Including Flaw in…

Read more →

New online safety bill could force encrypted messaging apps like iMessage and WhatsApp to scan for child abuse material, but platforms warn about privacy implications. This article has been indexed from Dark Reading Read the original article: Apple Objects to…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: IEC Standardization Leaders Convene in Amsterdam to Review Utility Interworking of…

Read more →

Though government agencies have hundreds of devices exposed to the open Internet, experts wonder if CISA’s moving at the right pace. This article has been indexed from Dark Reading Read the original article: CISA Wants Exposed Government Devices Remediated In…

Read more →

Stellar leverages cyber physical system detection and response (CPSDR) to prevent unexpected system changes from impacting operational reliability and availability. This article has been indexed from Dark Reading Read the original article: TXOne Networks’ Stellar Solution Safeguards Operational Stability for…

Read more →

New program provides organizations a way to show customers and partners their cybersecurity posture meets rigorous standards of CREST accreditation. This article has been indexed from Dark Reading Read the original article: Center for Internet Security, CREST Join Forces to…

Read more →

Innovative risk-based model enables better security measures. This article has been indexed from Dark Reading Read the original article: OTORIO Rolls Out Advanced Attack Graph Analysis for OT Security

Read more →

The new brand is launched alongside new product security platform capabilities such as a vulnerability management (VM) co-pilot and incident response investigation management, providing automation and workflows for the many teams involved in product security. This article has been indexed…

Read more →

More than 950,000 job postings for tech positions in Q4 2022. This article has been indexed from Dark Reading Read the original article: Employer Demand for Technology Workers Across Europe Remains on Firm Footing

Read more →

Key findings from the research also show three of the four new malware threats on this quarter’s top-ten list originated in China and Russia, living-off-the-land attacks on the rise, and more. This article has been indexed from Dark Reading Read…

Read more →

New report offers valuable resource to help organizations evaluate the safety and reliability of open-source packages. This article has been indexed from Dark Reading Read the original article: Mend.io Launches Inaugural Open Source Reliability Leaderboard

Read more →

The company introduces a solution to restore trust in customers’ existing cyber defense techstack. This article has been indexed from Dark Reading Read the original article: Invary Raises $1.85M in Pre-Seed Funding to Close Critical Gap in Zero Trust Security

Read more →

Virtual kidnapping is just one of many new artificial intelligence attack types that threat actors have begun deploying, as voice cloning emerges as a potent new imposter tool. This article has been indexed from Dark Reading Read the original article:…

Read more →

Misconfiguration exposed the physical addresses of 60,000 patent filers over three years. This article has been indexed from Dark Reading Read the original article: US Patent Office Hacked, Trademark Apps Accessed

Read more →

Organizations should consider their security practices the same way people think about their well-being. Focus on staying healthy instead of finding a new pill for every security symptom you see. This article has been indexed from Dark Reading Read the…

Read more →

As cloud adoption grows, organizations need to rethink their approaches to securing hybrid cloud and multicloud environments. This article has been indexed from Dark Reading Read the original article: 3 Tips to Increase Hybrid and Multicloud Security

Read more →

Two Mideast nations that were at odds until recently have announced the “Crystal Ball” project, aimed at better protecting against cyberattacks via collaboration and knowledge sharing. This article has been indexed from Dark Reading Read the original article: UAE, Israel…

Read more →

A new version of the double-extortion group’s malware reflects a growing trend among ransomware actors to expand cybercrime opportunities beyond Windows. This article has been indexed from Dark Reading Read the original article: Newbie Akira Ransomware Builds Momentum With Linux…

Read more →

We’re still unprepared to fight the security bugs we already encounter, let alone new AI-borne issues. This article has been indexed from Dark Reading Read the original article: When It Comes to Secure Coding, ChatGPT Is Quintessentially Human

Read more →

The popular package manager for software developers has been vulnerable to this attack vector for a while, and negligent in fixing the problem, according to a former employee. This article has been indexed from Dark Reading Read the original article:…

Read more →

Generative AI chatbots like ChatGPT are the buzziest of the buzzy right now, but the cyber community is starting to mature when it comes to assessing where it should fit into our lives. This article has been indexed from Dark…

Read more →

Swiss intelligence warns that Russia ramping up cyberattacks on infrastructure and cyber espionage as on-the-ground options evaporate. This article has been indexed from Dark Reading Read the original article: Russian Spies, War Ministers Reliant on Cybercrime in Pariah State

Read more →

Generative AI chatbots like ChatGPT are the buzziest of the buzzy right now, but the cyber community is starting to mature when it comes to assessing where it should fit into our lives. This article has been indexed from Dark…

Read more →

With at least 13,000 compromised devices in the data leak, it is still unknown who the threat actor is or whether or not victims will be personally notified. This article has been indexed from Dark Reading Read the original article:…

Read more →

Because social engineering usually succeeds, companies need to test whether their defenses can block adversaries that gain employees’ trust. This article has been indexed from Dark Reading Read the original article: Social Engineering Adds Depth to Red Team Exercises

Read more →

The combination of data science expertise, cloud resources, and Cato’s vast data lake enables real-time, ML-powered protection against evasive cyberattacks, reducing risk and improving security. This article has been indexed from Dark Reading Read the original article: Cato Networks Revolutionizes…

Read more →

The investment will allow enterprises to further secure non-human identities and safely leverage the soaring adoption of third-party apps and Generative AI services. This article has been indexed from Dark Reading Read the original article: Astrix Security Raises $25M in…

Read more →

Half-day virtual Authenticate Summit to educate on how passkeys can fit into a variety of enterprise environments. This article has been indexed from Dark Reading Read the original article: FIDO Alliance Publishes Guidance for Deploying Passkeys in the Enterprise

Read more →

Survey also uncovers 63% of respondents distrust ChatGPT while 51% question AI’s ability to improve Internet safety. This article has been indexed from Dark Reading Read the original article: Malwarebytes ChatGPT Survey Reveals 81% are Concerned by Generative AI Security…

Read more →

Developers’ enthusiasm for ChatGPT and other LLM tools leaves most organizations largely unprepared to defend against the vulnerabilities that the nascent technology creates. This article has been indexed from Dark Reading Read the original article: Generative AI Projects Pose Major…

Read more →

Saudi Arabia is one of the world’s leaders in cybersecurity development and preparedness, according to the latest rankings. This article has been indexed from Dark Reading Read the original article: Saudi Arabia’s Cyber Capabilities Ranked Second Globally

Read more →

With the National Cybersecurity Strategy planning to add real teeth into enforcement actions, software vendors have extra incentive to reduce applications’ security debt. This article has been indexed from Dark Reading Read the original article: 3 Strategies for Bringing Rigor…

Read more →

New LLM-based projects typically become successful in a short period of time, but the security posture of these generative AI projects are very low, making them extremely unsafe to use. This article has been indexed from Dark Reading Read the…

Read more →

In a move to embarrass the city, hacking group known as SiegedSec accessed thousands of files with administrator logins, but it’s making no ransom demands. This article has been indexed from Dark Reading Read the original article: Trans-Rights Hacktivists Steal…

Read more →

By leveraging misconfigured DLLs instead of EDR-monitored APIs, this new technique injects malicious code into running processes, completely evading endpoint security. This article has been indexed from Dark Reading Read the original article: Mockingjay Slips By EDR Tools With Process…

Read more →

Cl0p ransomware group uses its Dark Web leak site to identify five new victims of MOVEit cyberattacks. This article has been indexed from Dark Reading Read the original article: UCLA, Siemens Among Latest Victims of Relentless MOVEit Attacks

Read more →

Organizations are largely deluded about their own security postures, according to an analysis, with the average SIEM failing to detect a whopping 76% of attacker TTPs. This article has been indexed from Dark Reading Read the original article: Most Enterprise…

Read more →

The attack exposed personal information from pilot applicants, prompting both airlines to ditch their third-party provider and move services internally. This article has been indexed from Dark Reading Read the original article: Pilot Applicant Information for American, Southwest Hacked

Read more →

The $7.5 million in new funds from the Cybersecurity for Rural Water Systems Act of 2023 is not just a drop in the bucket for crucially important rural water systems. This article has been indexed from Dark Reading Read the…

Read more →

The new FDA software bill of materials (SBOM) guidelines for medical devices could have broad impact on the healthcare industry and the broader open source ecosystem. This article has been indexed from Dark Reading Read the original article: Why the…

Read more →

By investing in a strong future cybersecurity workforce, we can prevent future attacks on US critical infrastructure before they occur. This article has been indexed from Dark Reading Read the original article: Preventing Cyberattacks on Schools Starts With K–12 Cybersecurity…

Read more →

CEO says SEC penalties related to the 2020 SolarWinds supply chain attacks are unwarranted and is ready to mount a defense to any legal actions against the company or its employees. This article has been indexed from Dark Reading Read…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Dark Reading Read the original article: Genworth Financial Reports Data Breach Leaking SSNs Belonging to 2.7M Policyholders…

Read more →