Category: Dark Reading

China’s ‘Volt Typhoon’ APT Turns to Zoho ManageEngine for Fresh Cyberattacks

A recent campaign shows that the politically motivated threat actor has more tricks up its sleeve than previously known, targeting a critical exploit and wiping logs to cover their tracks. This article has been indexed from Dark Reading Read the…

It’s Open Season on Law Firms for Ransomware & Cyberattacks

Law firms have an ethical responsibility to protect their clients’ sensitive information, but a recent swell of cyberattacks does not seem to be enough to convince law firms to shore up cybersecurity.

Remediation Ballet Is a Pas de Deux of Patch and Performance

AI-generated code promises quicker fixes for vulnerabilities, but ultimately developers and security teams must balance competing interests.

How Infrastructure as Code Can Help Minimize Human Error

Infrastructure as code lets organizations manage cloud infrastructure with the same versioning, testing, and automation processes they use for application code.

Trojanized Super Mario Installer Goes After Gamer Data

A legitimate installer for the popular Nintendo game infects Windows machines with various malware, including a cryptominer and an infostealer, again showcasing the importance of remote worker security hygiene.

How Active Directory Bridging Extends Security Automation to Hybrid IT Environments

AD bridging extends the reach of your AD domain to non-Windows systems, providing centralized security, single sign-on, and compliance.

Silobreaker Unveils Geopolitical Threat Intelligence Capabilities With RANE at Infosecurity Europe 2023

Integration provides threat intel teams with an early warning system for geopolitical events that could trigger cyberattacks.

ITDR Combines and Refines Familiar Cybersecurity Approaches

Identity threat detection and response adds user entity behavioral analytics to fraud detection, creating a powerful tool for real-time protection.

NSA: BlackLotus BootKit Patching Won’t Prevent Compromise

It’s unclear why the NSA issued in-depth mitigation guidance for the software boot threat now, but orgs should take steps to harden their environments.

Suspicious Smartwatches Mailed to US Army Personnel

Unknown senders have been shipping smartwatches to service members, leading to questions regarding what kind of ulterior motive is at play, malware or otherwise.

Why Legacy System Users Prioritize Uptime Over Security

For line-of-business execs, the fear of grinding mission-critical systems to a halt overrides the fear of ransomware. How can CISOs overcome this?

Microsoft Teams Attack Skips the Phish to Deliver Malware Directly

Exploiting a flaw in how the app handles communication with external tenants gives threat actors an easy way to send malicious files from a trusted source to an organization’s employees, but no patch is imminent.

Black Hat Asia 2023: Cybersecurity Maturity and Concern in Asia

Black Hat Asia 2023 showed that cybersecurity is nascent among organizations in Asia with opportunities for improvement.

How Government Contractors & Agencies Should Navigate New Cyber Rules

The impending regulations highlight the increasing importance of enhanced network security and regulatory compliance across the government sector.

Millions of Repos on GitHub Are Potentially Vulnerable to Hijacking

Many organizations are unwittingly exposing users of their code repositories to repojacking when renaming projects, a new study shows.

Deception Technologies Have a Maturity Problem

While there’s plenty of upside to rolling out deception technologies, it’s not clear if cybersecurity leaders — or their organizations — are ready for them.

LockBit Developing Ransomware for Apple M1 Chips, Embedded Systems

Under construction: The world’s leading ransomware gang is workshopping ransomware for less obvious systems beyond Windows environments. Experts weigh in on how worried we should be.

Former Duo Security Co-Founder Jon Oberheide Joins DNSFilter Board of Directors

Cybersecurity expert and proven entrepreneur to help protective DNS leader drive vision and scale through hypergrowth.

Airgap Networks Acquires NetSpyGlass

Acquisition of NetSpyGlass extends Airgap Zero Trust Firewall™ innovation leadership with advanced network and asset intelligence for business-critical networks.

Tanium Platform Advances Threat Identification Capabilities and Enhances Endpoint Reach

Award-winning XEM platform introduces advanced SBOM capabilities, expanded ARM support, and additional Risk & Compliance improvements.

Sumsub Launches Advanced Deepfakes Detector

Full-cycle verification platform enhances its facial biometrics verification with innovative deepfake detection technology; shares new 2023 identity fraud trends.

Even With No Recession, Smaller Firms Aim to Consolidate Security Tools

Small and midsized companies work to jettison some security tools to simplify operations and reduce cost, even as any economic downturn continues to remain at bay.

Azure AD ‘Log in With Microsoft’ Authentication Bypass Affects Thousands

The “nOAuth” attack allows cross-platform spoofing and full account takeovers, and enterprises need to remediate the issue immediately, researchers warn.

Patch Now: Cisco AnyConnect Bug Exploit Released in the Wild

A ready-made, low-complexity path to pwning the popular enterprise VPN clients for remote workers is now circulating in the wild.

IT Staff Increasingly Saddled With Data Protection Compliance

Compliance, seen as a burden for businesses, is being passed to overloaded IT departments — leaving organizations unsure if they’re compliant at all.

USB Drives Spread Spyware as China’s Mustang Panda APT Goes Global

Camaro Dragon (Mustang Panda) is spreading a malware variant of WispRider quickly across the globe even through air gaps, often unbeknown to users.

Lessons From a Pen Tester: 3 Steps to Stay Safer

From hardening Windows systems to adding access control and segmenting the network, there are steps organizations can take to better secure corporate data.

2 More Apple Zero-Days Exploited in Ongoing iOS Spy Campaign

The zero-day security bugs are being used to deploy the sophisticated but “odd” TriangleDB spying implant on targeted iOS devices.

Ironscales Adds AI Assistant to Suss Out Phishing Attempts

The company says its Themis Co-pilot for Outlook helps recipients discern business email compromise attacks, reducing false positives for security staff.

20-Year-Old Chinese APT15 Finds New Life in Foreign Ministry Attacks

The notorious APT15 used common malware tools and a third-generation custom “Graphican” backdoor to continue its information gathering exploits, this time against foreign ministries.

New DoJ Cyber Prosecution Team Will Go After Nation-State Threat Actors

The US Department of Justice adds litigators under its National Security Division to take on sophisticated cyber threats from adversarial nation-states.

Ransomware Misconceptions Abound, to the Benefit of Attackers

It’s time to update what we think we understand about ransomware, including new defensive measures and how fast the attack response should be.

Ransomware Misconceptions Abound, To the Benefit of Attackers

INFOSEC23 — London — It’s time to update what we think we understand about ransomware, including new defensive measures and how fast the attack response should be.

SMB Edge Devices Walloped With Asus, Zyxel Patch Warnings

A slew of critical advisories this week showcase an exploding edge device attack surface for SMBs, which have limited cybersecurity protection, visibility, and maintenance available.

‘Muddled Libra’ Uses Oktapus-Related Smishing to Target Outsourcing Firms

The emerging cyber-threat group is unusually persistent and nimble, bypassing MFA, stealing data, and using compromised environments for downstream customer attacks.

Cyberattacks on OT, ICS Lay Groundwork for Kinetic Warfare

Organizations need to start taking critical infrastructure threats seriously, as they could be a precursor to future, hybrid cyber-kinetic warfare attacks, experts warn.

Placing People & Realism at the Center of Your Cybersecurity Strategy

While it’s impossible for an organization to be completely secure, there’s no reason to be defenseless.

Netskope Enables Secure Enterprise Use of ChatGPT and Generative AI Applications

ChatGPT usage growing 25% monthly in enterprises, prompting key decisions to block or enable based on security, productivity concerns.

Cymulate Announces Security Analytics for Continuous Threat Exposure Management

New product provides customers with an attacker’s view of their cyber resilience aligned to business context.

eSentire’s AI Investigator Chatbot Aids Human Response to Security Incidents

The tool is trained on the company’s investigative cybersecurity services data set and provides natural language responses to client queries to improve response and remediation efforts.

Jordanian Cyber Leaders Kick Off Cybersecurity Framework Development

The nation of Jordan begins work on a national cybersecurity framework to align with international practices and better mitigate threats.

100K+ Infected Devices Leak ChatGPT Accounts to the Dark Web

Infostealers are as alive as ever, wantonly sweeping up whatever business data might be of use to cybercriminals, including OpenAI credentials.

NineID Raises $2.6M to Build a Secure Bridge Between the Digital and Physical Worlds of Corporate Security

Fresh Ransomware Gangs Emerge As Market Leaders Decline

The ransomware landscape is energized with the emergence of smaller groups and new tactics, while established gangs like LockBit see fewer victims.

Schneider Power Meter Vulnerability Opens Door to Power Outages

A severe security vulnerability allows credentials for the power meters to continuously transmit in cleartext, allowing device takeover.

Mysterious Mystic Stealer Spreads Like Wildfire in Mere Months

A criminal crowd-sourcing campaign has led to swift adoption of the stealer, which can pilfer key computer data, credentials from browsers and chat apps, and cryptocurrency from multiple wallets.

Hackers Will Be Quick to Bypass Gmail’s Blue Check Verification System

It’s still important to use other security measures, such as strong passwords and two-factor authentication, to protect your data.

Decoding Identity and Access Management For Organizations and Consumers

Workforce IAM and consumer IAM are not interchangeable — they serve different purposes and constituencies.

US Investors Sniffing Around Blacklisted NSO Group Assets

Pressure mounts on the NSO Group’s business viability as Khashoggi widow joins group of plaintiffs suing the Israeli firm for Pegasus spyware abuse.

Getting Over the DNS Security Awareness Gap

To properly secure DNS infrastructure, organizations need strong security hygiene around DNS infrastructure and records management as well as closely monitoring and filtering DNS traffic.

The Infrastructure Security Engineer Is a Unicorn Among Thoroughbreds

This new role safeguarding cloud deployments requires an exceedingly rare set of technical and soft skills.

Security LeadHER Wraps Groundbreaking Inaugural Conference for Women in Security

This first-ever event, hosted by the Security Industry Association and ASIS International and designed to advance, connect, and empower women in security, gathered hundreds of industry leaders in Nashville June 12-13, 2023.

Attackers Create Synthetic Security Researchers to Steal IP

Threat groups created a fake security company, “High Sierra,” with faux exploits and fake profiles for security researchers on GitHub and elsewhere, aiming to get targets to install their malware.

How Do I Protect My API Keys From Appearing in Search Results?

A few lines of code can help you prevent accidental exposure, manage sensitive information, and maintain different configurations for various environments.

HashiCorp Expands PAM, Secrets Management Capabilities

The new privileged access management and secrets management capabilities tackle access issues and secret sprawl across the cloud environment.

How Do I Protect My API Keys From Appearing in GitHub Search Results?

A few lines of code can help you prevent accidental exposure, manage sensitive information, and maintain different configurations for various environments.

LockBit Affiliate Arrested, as Extortion Totals Reach $91M Since 2020

A third perp has been fingered, but CISA warns that LockBit variants continue to be a major threat on a global scale.

Action1 Announces $20M Investment in Its Patch Management Platform

The company aims to empower enterprises to securely manage their endpoints and remediate vulnerabilities from the cloud, enabling a work-from-anywhere environment with confidence.

Keytos Uncovers 15,000 Vulnerable Subdomains per Month in Azure Using Cryptographic Certificates

Coalition Releases Security Vulnerability Exploit Scoring System

Coalition ESS uses AI to generate dynamic risk scores to help organizations mitigate their most critical risks faster.

Thales Proposes to Acquire Tesserent, Expanding its Global Cybersecurity Leadership

Angola Marks Technology Advancements With Cybersecurity Academy Plans

The academy is meant to ensure a safe and strong telecommunication service and information technologies for Angola’s citizens, the president said.

‘Shampoo’ ChromeLoader Variant Difficult to Wash Out

A new version of the infamous browser extension is spreading through files on websites offering pirated wares, and leverages unique persistence mechanisms.

Borderless Data vs. Data Sovereignty: Can They Co-Exist?

Organizations that remain compliant with data-sovereignty regulations while enabling cross-border data sharing gain significant competitive advantage because they can make quick, agile, and informed decisions.

Cryptocurrency Attacks Quadrupled as Cybercriminals Cash In

Attackers continue to attempt to steal Bitcoin and other virtual coins, with a 40% increase in phishing attacks and fourfold increase in incidents.

Russian APT ‘Cadet Blizzard’ Behind Ukraine Wiper Attacks

Microsoft says Cadet Blizzard wielded a custom wiper malware in the weeks leading up to Russia’s invasion of Ukraine, and it remains capable of wanton destruction.

Illinois Hospital Closure Showcases Ransomware’s Existential Threat

St. Margaret’s Health is shutting down due to a 2021 ransomware attack and other factors. It’s an object lesson for how small and rural healthcare facilities face grave cyber-risk when extortionists come calling.

XSS Vulnerabilities Found in Microsoft Azure Cloud Services

Microsoft quickly issued patches for the two security issues, which could allow unauthorized access to cloud sessions.

Moving the Cyber Industry Forward Requires a Novel Approach

CISOs need to be better equipped with strategic metrics and proof points to better align their organization for defense against the ever-changing threat landscape.

Why Your SEG Could Be Your Email Security Achilles’ Heel

As business email compromise attacks continue to grow and become increasingly sophisticated, is your secure email gateway providing sufficient protection?

Fortinet: Patched Critical Flaw May Have Been Exploited

Users urged to apply updates to FortiOS SSL-VPN after attackers may have leveraged a recently discovered vulnerability in attacks against government, manufacturing, and critical infrastructure organizations.

How Popular Messaging Tools Instill a False Sense of Security

It’s time to include messaging tool security in your cloud security program. Good first steps include tightening filter parameters on Slack and Teams.

Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs

Mandiant’s ongoing investigation of UNC3886 has uncovered new details of threat actors’ TTPs.

Analysis: Social Engineering Drives BEC Losses to $50B Globally

Threat actors have grown increasingly sophisticated in applying social engineering tactics against their victims, which is key to this oft-underrated cybercriminal scam’s success.