White House Scales Back Response to SolarWinds & Exchange Server Attacks

Lessons learned from the Unified Coordination Groups will be used to inform future response efforts, a government official says.

Attackers Test Weak Passwords in Purple Fox Malware Attacks

Researchers share a list of passwords that Purple Fox attackers commonly brute force when targeting the SMB protocol.

Lazarus Group Uses New Tactic to Evade Detection

Attackers conceal malicious code within a BMP file to slip past security tools designed to detect embedded objects within images.

SolarWinds: A Catalyst for Change & a Cry for Collaboration

Cybersecurity is more than technology or safeguards like zero trust; mostly, it's about collaboration.

Pandemic Drives Greater Need for Endpoint Security

Endpoint security has changed. Can your security plan keep up?

High-Level Admin of FIN7 Cybercrime Group Sentenced to 10 Years in Prison

Fedir Hladyr pleaded guilty in 2019 to conspiracy to commit wire fraud and conspiracy to commit computer hacking.

Security Gaps in IoT Access Control Threaten Devices and Users

Researchers spot problems in how IoT vendors delegate device access across multiple clouds and users.

How the Biden Administration Can Make Digital Identity a Reality

A digital identity framework is the answer to the US government's cybersecurity dilemma.

Software Developer Arrested in Computer Sabotage Case

Officials say Davis Lu placed malicious code on servers in a denial-of-service attack on his employer.

Google Brings 37 Security Fixes to Chrome 90

The latest version of Google Chrome also introduces HTTPS as the browser's default protocol.

US Formally Attributes SolarWinds Attack to Russian Intelligence Agency

Treasury Department slaps sanctions on IT security firms that it says supported Russia's Foreign Intelligence Service carry out the attacks.

Pandemic Pushes Bot Operators to Redirect Efforts

As demand for travel, lodging, and concerts plummeted in 2020, bot traffic moved to more popular activities, such as e-commerce, healthcare, and government sites.

6 Tips for Managing Operational Risk in a Downturn

Many organizations adjust their risk appetite in an economic downturn, as risk is expanded to include supplier and customer insolvency, not to mention cash-flow changes.

How to Create an Incident Response Plan From the Ground Up

Security 101: In the wake of an incident, it's important to cover all your bases -- and treat your IR plan as a constantly evolving work in progress.

Nation-State Attacks Force a New Paradigm: Patching as Incident Response

IT no longer has the luxury of thoroughly testing critical vulnerability patches before rolling them out.

Malicious PowerShell Use, Attacks on Office 365 Accounts Surged in Q4

There was also a sharp increase in overall malware volumes in the fourth quarter of 2020, COVID-19 related attack activity, and mobile malware, new data shows.

Test-DEU-169665

President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.

Thycotic & Centrify Merge to Form Cloud Identity Security Firm

The combined entity will expand on both companies' privileged access management tools and expects to debut a new brand this year.

CISA Urges Caution for Security Researchers Targeted in Attack Campaign

The agency urges researchers to take precautions amid an ongoing targeted threat campaign.

FBI Operation Remotely Removes Web Shells From Exchange Servers

A court order authorized the FBI to remove malicious Web shells from hundreds of vulnerable machines running on-premises Exchange Server.

The CISO Life Is Half as Good

Lora Vaughn was at a crossroads -- and that was before mandated pandemic lockdowns came into play. Here's her story of how life got sweeter after she stepped away from the CISO job.

Bolstering Our Nation's Defenses Against Cybersecurity Attacks

Shawn Henry, former Executive Assistant Director of the FBI and current CrowdStrike president of services and CSO, shares the top three cybersecurity priorities that the Biden administration needs to address.

Dependency Problems Increase for Open Source Components

The number of components in the average application rose 77% over two years. No wonder, then, that 84% of codebases have at least one vulnerability.

DNS Vulnerabilities Expose Millions of Internet-Connected Devices to Attack

Researchers uncover a fresh set of nine vulnerabilities in four TCP/IP stacks that are widely used in everything from powerful servers and firewalls to consumer IoT products.

NSA Alerted Microsoft to New Exchange Server Vulnerabilities

Microsoft today patched 114 CVEs to address the Exchange Server flaws, more than 50 remote code execution vulnerabilities, and one zero-day.

Compromised Microsoft Exchange Server Used to Host Cryptominer

Researchers say an unknown attacker is targeting vulnerable Exchange Servers with a payload hosted on a compromised Exchange Server.

Global Dwell Time Drops as Ransomware Attacks Accelerate

The length of time attackers remain undiscovered in a target network has fallen to 24 days, researchers report, but ransomware plays a role.

Dark Reading to Upgrade Site Design, Performance

Improvements will make site content easier to navigate, faster, and more functional.

5 Objectives for Establishing an API-First Security Strategy

With APIs predicted to be the most common attack vector by 2022, an API-first security strategy is critical now more than ever.

Clear & Present Danger: Data Hoarding Undermines Better Security

Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.

Biden Nominates Former NSA Officials for Top Cybersecurity Roles

President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.

Microsoft Warns of Malware Delivery via Google URLs

A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan.

Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy

Jerome Powell tells 60 Minutes that cyberattacks have the potential to do major damage to US financial system.

Microsoft Uses Machine Learning to Predict Attackers' Next Steps

Researchers build a model to attribute attacks to specific groups based on tactics, techniques, and procedures, and then figure out their next move.

New Malware Downloader Spotted in Targeted Campaigns

Saint Bot is being used to drop stealers on compromised systems but could be used to deliver any malware.

Wake Up and Smell the JavaScript

The SolarWinds attack showed the true meaning of a supply chain breach. And it's the canary in the coal mine for sensitive data on the Web.

Omdia Research Spotlight: XDR

Few emerging cybersecurity market segments are garnering more attention than XDR. Here, Omdia highlights its recent research on XDR.

CISA Launches New Threat Detection Dashboard

Aviary is a new dashboard that works with CISA's Sparrow threat detection tool.

Battle for the Endpoint

How to build a new cyber strategy for 2021 and beyond.

Unofficial Android App Store APKPure Infected With Malware

The APKPure app store was infected with malware that can download Trojans to other Android devices, researchers report.

8 Security & Privacy Apps to Share With Family and Friends

Mobile apps to recommend to the people in your life who want to improve their online security and privacy.

Women Are Facing an Economic Crisis & the Cybersecurity Industry Can Help

Investing in women's cybersecurity careers can bring enormous benefits and help undo some of the significant economic damage wrought by the pandemic.

Zoom Joins Microsoft Teams on List of Enterprise Tools Hacked at Pwn2Own

White-hat hacking event shows yet again why there's no such thing as foolproof security against modern attacks.

Fraudsters Use HTML Legos to Evade Detection in Phishing Attack

Criminals stitch pieces of HTML together and hide them in JavaScript files, researchers report.

600K Payment Card Records Leaked After Swarmshop Breach

A leaked database also contains the nicknames, hashed passwords, contact details, and activity history of Swarmshop admins, sellers, and buyers.

Handcuffs Over AI: Solving Security Challenges With Law Enforcement

We've tried everything else ... now it's time to make the prospect of getting caught -- and punished -- a real deterrent to cybercrime.

SecOps and DevOps: From Cooperation to Automation

Omdia Principal Analyst Eric Parizo discusses the major obstacles SecOps organizations face as they seek to build ties with DevOps teams, and offers a programmatic approach to help create a path toward DevSecOps.

Did 4 Major Ransomware Groups Truly Form a Cartel?

An analysis of well-known extortion groups and their cryptocurrency transactions reveals the answer.

Voice-Changing Software Found on APT Attackers' Server

Security researchers believe the presence of Morph Vox Pro could indicate APT-C-23 has new plans for their phishing campaigns.

Cring Ransomware Used in Attacks on European Industrial Firms

Attackers exploited a vulnerability in Fortigate VPN servers to gain access to target networks, researchers report.

Fortune 500 Security Shows Progress and Pitfalls

Fortune 500 companies have improved on email security and vulnerability disclosure programs but struggle in asset management and high-risk services.

Rethinking Cyberattack Response: Prevention & Preparedness

The SolarWinds incident is the starkest reminder yet that complacency can exact a terrible price.

5 Ways to Transform Your Phishing Defenses Right Now

By transforming how you approach phishing, you can break the phishing kill chain and meaningfully reduce your business risk.

Attackers Actively Seeking, Exploiting Vulnerable SAP Applications

Analysis of threat activity in mission-critical environments prompts CISA advisory urging SAP customers to apply necessary security patches and updates.

Cartoon Caption Winner: Something Seems Afoul

And the winner of Dark Readings's March cartoon caption contest is ...

Microsoft Teams, Exchange Server, Windows 10 Hacked in Pwn2Own 2021

The 2021 Pwn2Own is among the largest in its history, with 23 separate entries targeting 10 products.

Security Falls Short in Rapid COVID Cloud Migration

The quick pivot to the cloud for remote support also ushered in risks.

Crime Service Gives Firms Another Reason to Purge Macros

Recent Trickbot campaigns and at least three common banking Trojans all attempt to infect systems using malicious macros in Microsoft Office documents created using EtterSilent.

The Edge Pro Tip: Update Your DDoS Defense Plan

The idea of monetizing distributed denial-of-service (DDoS) attacks dates back to the 1990s. But the rise of DDoS-for-hire services and cryptocurrencies has radically changed the landscape.

Ryuk's Rampage Has Lessons for the Enterprise

The Ryuk ransomware epidemic is no accident. The cybercriminals responsible for its spread have systematically exploited weaknesses in enterprise defenses that must be addressed.