Category: Dark Reading

The YoroTrooper group claims to be from Azerbaijan and even routes its phishing traffic through the former Soviet republic. This article has been indexed from Dark Reading Read the original article: Kazakh Attackers, Disguised as Azerbaijanis, Hit Former Soviet States

Read more →

We have too much cybersecurity awareness. It’s time to implement repeatable, real-world practice that ingrains positive habits and security behaviors. This article has been indexed from Dark Reading Read the original article: Cybersecurity Awareness Doesn’t Cut It; It’s Time to…

Read more →

A campaign targeting European governmental organizations and a think tank shows consistency from the low-profile threat group, which has ties to Belarus and Russia. This article has been indexed from Dark Reading Read the original article: Winter Vivern APT Blasts…

Read more →

Cyber threats on satellite technology will persist and evolve. We need a comprehensive cybersecurity framework to protect them from attackers. This article has been indexed from Dark Reading Read the original article: A Cybersecurity Framework for Mitigating Risks to Satellite…

Read more →

This article has been indexed from Dark Reading Read the original article: Tines Report Finds More than Half of Security Professionals Likely To Switch Jobs Next Year

Read more →

Organizations should focus on four key areas to advance employee education and “cyber smartness.” This article has been indexed from Dark Reading Read the original article: This Cybersecurity Awareness Month, Don’t Lose Sight of Human Risk

Read more →

This article has been indexed from Dark Reading Read the original article: Accenture Expands Cybersecurity Services Capabilities in Latin America With Acquisition of MNEMO Mexico

Read more →

This article has been indexed from Dark Reading Read the original article: 2023 Ransomware Attacks Up More Than 95% Over 2022, According to Corvus Insurance Q3 Report

Read more →

Emerging RaaS operation uses Rhysida ransomware paired with a wicked infostealer called Lumar, researchers warn. This article has been indexed from Dark Reading Read the original article: Meet Rhysida, a New Ransomware Strain That Deletes Itself

Read more →

Okta’s IAM platform finds itself in cyberattackers’ sights once again, as threat actors mount a supply chain attack targeting Okta customer support engagements. This article has been indexed from Dark Reading Read the original article: 1Password Becomes Latest Victim of…

Read more →

The ex-employee claimed that he believed the shared information would benefit Russia and harm the US. This article has been indexed from Dark Reading Read the original article: Former NSA Employee Faces Life in Prison After Espionage Attempt

Read more →

Zatik takes a fractional approach to AppSec leadership to help small firms access the expertise they need to build secure-by-design software. This article has been indexed from Dark Reading Read the original article: Do Small Companies Need Fractional AppSec Teams…

Read more →

National response team attributes reduction to a cyber workforce with better training. This article has been indexed from Dark Reading Read the original article: Cyberattacks on Kenya Drop in Third Quarter

Read more →

Creating a new regulatory framework to better secure Oman’s banking system against future attacks. This article has been indexed from Dark Reading Read the original article: Strengthening Oman’s Economic Backbone

Read more →

As the conflict in the Middle East rages, malicious actors look to exploit the situation with bogus charity sites encouraging donations. This article has been indexed from Dark Reading Read the original article: Israeli-Hamas Conflict Spells Opportunity for Online Scammers

Read more →

Cybercriminals already operate across borders. Nations must do the same to protect their critical infrastructure, people, and technology from threats foreign and domestic. This article has been indexed from Dark Reading Read the original article: It’s Time to Establish the…

Read more →

Hundreds of millions of users of Grammarly, Vidio, and the Indonesian e-commerce giant Bukalapak are at risk for financial fraud and credential theft due to OAuth misfires — and other online services likely have the same problems. This article has…

Read more →

A seemingly sharp drop in the number of compromised Cisco IOS XE devices visible on the Internet led to a flurry of speculation over the weekend — but it turns out the malicious implants were just hiding. This article has…

Read more →

Brasileiro cybercrime has been on the rise. Now, one campaign targeting bank customers has reached beyond the Americas, into Europe. This article has been indexed from Dark Reading Read the original article: Hola Espana: ‘Grandoreiro’ Trojan Targets Global Banking Customers

Read more →

Despite warnings that sending one-time passwords via text messages is a flawed security measure, companies continue to roll out the approach, especially in consumer-facing applications. This article has been indexed from Dark Reading Read the original article: Valve’s 2FA Mandate…

Read more →

The investigation is ongoing, and the city will contact those who may have potentially been affected by the breach, it said. This article has been indexed from Dark Reading Read the original article: City of Philadelphia Releases Cyber-Breach Notice

Read more →

Cops track down ransomware developer and seize Ragnar Locker infrastructure and data-leak site, Europol says. This article has been indexed from Dark Reading Read the original article: Ragnar Locker Ransomware Boss Arrested in Paris

Read more →

Looking at the top 10 priorities of state CIOs underscores the importance of securing applications and APIs in complex environments. This article has been indexed from Dark Reading Read the original article: How State and Local Governments Can Serve Citizens…

Read more →

A spoofed version of an Israeli rocket-attack alerting app is targeting Android devices, in a campaign that shows how cyber-espionage attacks are shifting to individual, everyday citizens. This article has been indexed from Dark Reading Read the original article: Malicious…

Read more →

US DoJ: Beware of hiring freelance and temporary workers that could be operatives working to funnel money to North Korea’s WMD program. This article has been indexed from Dark Reading Read the original article: Freelance Market Flooded With North Korean…

Read more →

To protect themselves from threats, companies also need proactive cybersecurity. This article has been indexed from Dark Reading Read the original article: Telling Small Businesses to Buy Cyber Insurance Isn’t Enough

Read more →

What cloud service providers need to know to prepare for FedRAMP Baselines Rev. 5, as documented in the new Transition Guide. This article has been indexed from Dark Reading Read the original article: FedRAMP Rev. 5: How Cloud Service Providers…

Read more →

If we really want to move the dial on security habits, it’s time to think beyond phishing tests. Our panel of CISOs and other security heavy-hitters offer expert tips that go beyond the obvious. This article has been indexed from…

Read more →

Attackers compromised customer support files containing cookies and session tokens, which could result in malicious impersonation of valid Okta users. This article has been indexed from Dark Reading Read the original article: More Okta Customers Hacked

Read more →

Most companies offer some kind of awareness training these days. But how much of those lessons are employees actually retaining? This article has been indexed from Dark Reading Read the original article: From Snooze to Enthuse: Security Awareness Training That…

Read more →

A patch for the max severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there’s a new unpatched threat. This article has…

Read more →

SolarWinds’ access controls contain five high and three critical-severity security vulnerabilities that need to be patched yesterday. This article has been indexed from Dark Reading Read the original article: Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover

Read more →

Though there is speculation regarding potential candidates, the Department of Defense will likely not nominate someone in the near term. This article has been indexed from Dark Reading Read the original article: DoD Gets Closer to Nominating Cyber Policy Chief

Read more →

Users could hold up to five SIM cards previously, but now they can only have two; it’s a move that the government says is intended to cut down mobile spam levels. This article has been indexed from Dark Reading Read…

Read more →

Vietnamese cybercrime groups are using multiple different MaaS infostealers and RATs to target the digital marketing sector. This article has been indexed from Dark Reading Read the original article: Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors

Read more →

To make cybersecurity an organizationwide priority, CISOs must avoid these common input, empathy, and alignment obstacles. This article has been indexed from Dark Reading Read the original article: Change From Within: 3 Cybersecurity Transformation Traps for CISOs to Avoid

Read more →

This article has been indexed from Dark Reading Read the original article: SailPoint Unveils Annual ‘Horizons of Identity Security’ Report

Read more →

This article has been indexed from Dark Reading Read the original article: Fingerprint Raises $33M in Series C Funding to Accelerate Enterprise Device Intelligence and Fraud Prevention Adoption

Read more →

This article has been indexed from Dark Reading Read the original article: Spec Secures $15M Series A Funding, Accelerating Innovation in Fraud Defense

Read more →

This article has been indexed from Dark Reading Read the original article: Norton Boosts Security and Privacy With Enhanced Password Manager and AntiTrack

Read more →

This article has been indexed from Dark Reading Read the original article: AI ‘Will Have a Significant Impact on Energy Industry,’ EPRI Tells Congress

Read more →

Two weeks after the first data leak from the DNA ancestry service, the threat actor produces an additional 4 million user records they purportedly stole. This article has been indexed from Dark Reading Read the original article: 23AndMe Hacker Leaks…

Read more →

Known threat groups Diamond Sleet and Onyx Sleet focus on cyber espionage, data theft, network sabotage, and other malicious actions, Microsoft says. This article has been indexed from Dark Reading Read the original article: North Korean State Actors Attack Critical…

Read more →

Several countries in Europe as well as the United States and Japan were involved in the operation, which is aimed at defanging one of the bigger names in ransomware. This article has been indexed from Dark Reading Read the original…

Read more →

Dark Reading’s special report on SecOps data analytics looks at the elements needed to set up a proper data foundation. Getting the data right when collecting, aggregating, and analyzing it is essential. This article has been indexed from Dark Reading…

Read more →

The Israelis are building a cyber defense system that will use ChatGPT-like generative AI platforms to parse threat intelligence. This article has been indexed from Dark Reading Read the original article: AI-Powered Israeli ‘Cyber Dome’ Defense Operation Comes to Life

Read more →

Dark Reading’s special report on SecOps data analytics looks at the elements needed to set up a proper data foundation. Getting the data right when collecting, aggregating, and analyzing it is essential. This article has been indexed from Dark Reading…

Read more →

Amid the burgeoning war, Israel’s tech sector is focused on resilience. Ofer Schreiber, senior director at YL Ventures, weighs in on the conflict, funding for cybersecurity startups, overblown valuations, and what the future holds. This article has been indexed from…

Read more →

State-sponsored cyber espionage actors from Russia and China continue to target WinRAR users with various info-stealing and backdoor malware, as a patching lag plagues the software’s footprint. This article has been indexed from Dark Reading Read the original article: Patch…

Read more →

The state-sponsored threat actors (aka APT34, Crambus, Helix Kitten, or OilRig) spent months seemingly taking whatever government data they wished, using never-before-seen tools. This article has been indexed from Dark Reading Read the original article: Iran-Linked ‘MuddyWater’ Spies on Mideast…

Read more →

It’s time to build a culture of privacy, one that businesses uphold. This article has been indexed from Dark Reading Read the original article: The Trifecta of Consumer Data Privacy: Education, Advocacy & Accountability

Read more →

Should CISOs include only known information in the SEC filings for a material security incident, or is there room to include details that may change during the investigation? This article has been indexed from Dark Reading Read the original article:…

Read more →

The router specialist says the attacker’s claims to have heisted millions and millions of records are significantly overblown. But an incident did happen, stemming from a successful phish. This article has been indexed from Dark Reading Read the original article:…

Read more →

The sensitive nature of medical records, combined with providers’ focus on patient care, make small doctor’s offices ideal targets for cyber extortion. This article has been indexed from Dark Reading Read the original article: FBI: Hackers Are Extorting Plastic Surgery…

Read more →

The latest threat to Citrix NetScaler, CVE-2023-4966, was exploited as a zero-day bug for months before a patch was issued. Researchers expect exploitation efforts to surge. This article has been indexed from Dark Reading Read the original article: Critical Citrix…

Read more →

Analysis of more than 1.8 million admin portals reveals IT leaders, with the highest privileges, are just as lazy about passwords as everyone else. This article has been indexed from Dark Reading Read the original article: The Most Popular IT…

Read more →

Facing a potential cascade of legal challenges from industry groups and state attorneys general, the EPA has rescinded its cyber-rules. But where does that leave local water safety? This article has been indexed from Dark Reading Read the original article:…

Read more →

The sophisticated APT employs various tactics to abuse Windows and other built-in protocols with both custom and public malware to take over victim systems. This article has been indexed from Dark Reading Read the original article: North Korea’s Kimsuky Doubles…

Read more →

The hacktivists known as SiegedSec identify ICS targets, but there’s no evidence of attacks yet. This article has been indexed from Dark Reading Read the original article: Pro-Iranian Hacktivists Set Sights on Israeli Industrial Control Systems

Read more →

Building a culture of cybersecurity is achievable by acknowledging its importance and consistently reinforcing that message. This article has been indexed from Dark Reading Read the original article: The Need for a Cybersecurity-Centric Business Culture

Read more →

For Israeli startups and those closely linked to the country, the deepening crisis in the Middle East following the deadly Hamas attacks of Oct. 7 pose a fraught mix of complications. This article has been indexed from Dark Reading Read…

Read more →

The CISO Survival Guide explores the complex and shifting challenges, perceptions, and innovations that will shape how organizations securely expand in the future. This article has been indexed from Dark Reading Read the original article: Data Security and Collaboration in…

Read more →

If not correctly locked down, Jupyter Notebook offers a novel initial access vector that hackers can use to compromise enterprise cloud environments, as seen in a recent hacking incident. This article has been indexed from Dark Reading Read the original…

Read more →

Once ethics guardrails are breached, generative AI and LLMs could become nearly unlimited in its capacity to enable evil acts, researchers warn. This article has been indexed from Dark Reading Read the original article: Chatbot Offers Roadmap for How to…

Read more →

The move by the e-commerce kahuna to offer advanced authentication to its 300+ million users has the potential to move the needle on the technology’s adoption, security experts say. This article has been indexed from Dark Reading Read the original…

Read more →

The ClearFake campaign uses fake browser updates to lure victims and spread RedLine, Amadey, and Lumma stealers. This article has been indexed from Dark Reading Read the original article: ‘Etherhiding’ Blockchain Technique Masks Malicious Code in WordPress Sites

Read more →

Just a day after Cisco disclosed CVE-2023-20198, it remains unpatched, and one vendor says a Shodan scan shows at least 10,000 Cisco devices with an implant for arbitrary code execution on them. The vendor meanwhile has updated the advisory with…

Read more →

The two countries agree to share financial services information and provide cross-border training and best practices. This article has been indexed from Dark Reading Read the original article: UAE, US Partner to Bolster Financial Services Cybersecurity

Read more →

Updating your browser when prompted is a good practice, just make sure the notification comes from the vendor themselves. This article has been indexed from Dark Reading Read the original article: Watch Out: Attackers Are Hiding Malware in ‘Browser Updates’

Read more →

Avoid these errors to get the greatest value from your incident response training sessions. This article has been indexed from Dark Reading Read the original article: Top 6 Mistakes in Incident Response Tabletop Exercises

Read more →

HIPAA compliance does not equal security, as continuing attacks on healthcare organizations show. Medical devices need to be secured. This article has been indexed from Dark Reading Read the original article: 5 Ways Hospitals Can Help Improve Their IoT Security

Read more →

Enterprises need to create a secure structure for tracking, assessing, and monitoring their growing stable of AI business apps. This article has been indexed from Dark Reading Read the original article: Security Must Empower AI Developers Now

Read more →

A spoofed version of the popular RedAlert app collects sensitive user data on Israeli citizens, including contacts, call logs, SMS account details, and more. This article has been indexed from Dark Reading Read the original article: Malicious ‘Airstrike Alert’ App…

Read more →

No patch or workaround is currently available for the maximum severity flaw, which allows attackers to gain complete administrator privilege on affected devices remotely and without authentication. This article has been indexed from Dark Reading Read the original article: Critical,…

Read more →

A threat group known as “Void Rabisu” used a spoofed Women Political Leaders Summit website to target attendees to the actual conference with espionage malware. This article has been indexed from Dark Reading Read the original article: ‘RomCom’ Cyber Campaign…

Read more →

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. This article has been indexed from Dark Reading Read the original article: Name That Toon: Modern Monarchy

Read more →

It’s been a year since its last communication and attack on Iran — but the conflict with Hamas appears to have reactivated the group. This article has been indexed from Dark Reading Read the original article: Pro-Israeli Hacktivist Group Predatory…

Read more →

By using data to drive policy underwriting, cyber-insurance companies can offer coverage without a price tag that drives customers away. This article has been indexed from Dark Reading Read the original article: How Data Changes the Cyber-Insurance Market Outlook

Read more →

SaaS security is broad, possibly confusing, but undeniably crucial. Make sure you have the basics in place: discovery, risk assessment, and user access management. This article has been indexed from Dark Reading Read the original article: 3 Essential Steps to…

Read more →

The security principle of zero trust is the cornerstone of robust cloud security. This article has been indexed from Dark Reading Read the original article: Why Zero Trust Is the Cloud Security Imperative

Read more →

The Cyber Resilience Act’s requirement to disclose vulnerabilities within 24 hours could expose organizations to attacks — or government surveillance. This article has been indexed from Dark Reading Read the original article: Security Pros Warn That EU’s Vulnerability Disclosure Rule…

Read more →

CISA and FBI warn the RaaS provider’s affiliates are striking critical industries, with more attacks expected to come from additional ransomware groups in the months ahead. This article has been indexed from Dark Reading Read the original article: Feds: Beware…

Read more →

Progress Software plans to collect millions in cyber insurance policy payouts after the MOVEit breaches, which will make getting coverage more expensive and harder to get for everyone else, experts say. This article has been indexed from Dark Reading Read…

Read more →

The European Union’s Cyber Resilience Act’s requirement to disclose vulnerabilities within 24 hours of exploitation could potentially expose organizations to attacks from adversaries or government surveillance. This article has been indexed from Dark Reading Read the original article: Security Pros…

Read more →

The goal of the program is to uncover critical or important vulnerabilities within the AI-powered Bing program. This article has been indexed from Dark Reading Read the original article: Microsoft Debuts AI Bug-Bounty Program, Offers $15K

Read more →

The botnet — built for DDoS, backdooring, and dropping malware — is evading standard URL signature detections with a novel approach. This article has been indexed from Dark Reading Read the original article: ShellBot Cracks Linux SSH Servers, Debuts New…

Read more →

Mandiant’s John Hultquist says to expect anti-Israel influence and espionage campaigns to ramp up as the war grinds on. This article has been indexed from Dark Reading Read the original article: Gaza Conflict Paves Way for Pro-Hamas Information Operations

Read more →

The writers’ strike shows that balancing artificial intelligence and human ingenuity is the best possible outcome for creative as well as cybersecurity professionals. This article has been indexed from Dark Reading Read the original article: What the Hollywood Writers Strike…

Read more →

Finding the right post-quantum cryptographic (PQC) algorithms is necessary, but not sufficient, to future-proof cybersecurity. This article has been indexed from Dark Reading Read the original article: Making the Case for Cryptographic Agility and Orchestration

Read more →

Joe Sullivan’s lawyers have claimed his conviction on two felony charges is based on tenuous theories and criminalizes the use of bug bounty programs. This article has been indexed from Dark Reading Read the original article: Uber’s Ex-CISO Appeals Conviction…

Read more →

Government security processes are often viewed as tedious and burdensome — but applying the lessons learned from them is imperative for private industry to counter a nation-state threat. This article has been indexed from Dark Reading Read the original article:…

Read more →

This Tech Tip outlines how enterprise defenders can mitigate the risks of the curl and libcurl vulnerabilities in their environments. This article has been indexed from Dark Reading Read the original article: How to Scan Your Environment for Vulnerable Versions…

Read more →

Cryptocurrency apps were the most high risk for exposing sensitive information, a reverse-engineering study shows. This article has been indexed from Dark Reading Read the original article: Pan-African Financial Apps Leak Encryption, Authentication Keys

Read more →

A sophisticated APT known as “ToddyCat,” sponsored by Beijing, is cleverly using unsophisticated malware to keep defenders off their trail. This article has been indexed from Dark Reading Read the original article: Chinese ‘Stayin’ Alive’ Attacks Dance Onto Targets With…

Read more →

Touted for days as potentially catastrophic, the curl flaws only impact a narrow set of deployments. This article has been indexed from Dark Reading Read the original article: Curl Bug Hype Fizzles After Patching Reveal

Read more →

Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims. This article has been indexed from Dark Reading Read the original article: Microsoft: Chinese APT Behind…

Read more →

CISA flags use-after-free bug now being exploited in the wild. This article has been indexed from Dark Reading Read the original article: Adobe Acrobat Reader Vuln Now Under Attack

Read more →

Cisco’s $28 billion purchase of Splunk was the biggest story, but there were other big security acquisitions and investments during a richer-than-expected quarter. This article has been indexed from Dark Reading Read the original article: Cloud Security Demand Drives Better…

Read more →

The Israeli-Hamas war will most assuredly impact businesses when it comes to ramped-up cyberattacks. Experts say that Israel’s considerable collection of cybersecurity vendors be a major asset on the cyber-front. This article has been indexed from Dark Reading Read the…

Read more →

The novel technique helps hide the cybercriminal campaign’s efforts to steal credit card information from visitors to major websites, and it represents an evolution for Magecart. This article has been indexed from Dark Reading Read the original article: Magecart Campaign…

Read more →