10 Malicious Code Packages Slither into PyPI Registry

The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks.

Dark Reading News Desk: Live at Black Hat USA 2022

TODAY at 10 PT: Dark Reading News Desk returns to Black Hat USA 2022

Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War

A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams.

HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems.

We Have the Tech to Scale Up Open Source Vulnerability Fixes — Now It's Time to Leverage It

Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation.

What Adjustable Dumbbells Can Teach Us About Risk Management

A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function.

Pipeline Operators Are Headed in the Right Direction, With or Without TSA's Updated Security Directives

A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better.

What Worries Security Teams About the Cloud?

What issues are cybersecurity professionals concerned about in 2022? You tell us!

Genesis IAB Market Brings Polish to the Dark Web

As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy.

A Ransomware Explosion Fosters Thriving Dark Web Ecosystem

For the right price, threat actors can get just about anything they want to launch a ransomware attack — even without technical skills or any previous experience.

Stolen Data Gives Attackers Advantage Against Text-Based 2FA

With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.

Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers

Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.

A Digital Home Has Many Open Doors

Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access.

How to Resolve Permission Issues in CI/CD Pipelines

This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines.

Cyberattackers Increasingly Target Cloud IAM as a Weak Link

At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.

Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST

A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services.

Time to Patch VMware Products Against a Critical New Vulnerability

A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.

Bug in Kaspersky VPN Client Allows Privilege Escalation

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

How Email Security Is Evolving

Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated.

Massive China-Linked Disinformation Campaign Taps PR Firm for Help

A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.

Phylum Releases a Free Community Edition to Make Software Supply Chain Security More Accessible

Users can identify risks across five domains, work on multiple projects, and take advantage of exclusive community benefits.

The Myth of Protection Online — and What Comes Next

It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions.

Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale

Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector.

35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?

In the last month, "Pl0xP" cloned several GitHub repositories, adding malicious code to the forks that would attempt to infect developer systems and steal sensitive files that included software keys.

Ping Identity to Go Private After $2.8B Acquisition

The identity-services company is being acquired by Thoma Bravo software investment for cash, before being delisted.

Startup Footprint Tackles Identity Verification

Early-stage startup Footprint's goal is to provide tools that change how enterprises verify, authentication, authorize, and secure identity.

How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes

Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.

Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks

SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.

School Kid Uploads Ransomware Scripts to PyPI Repository as 'Fun' Project

The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times.

Cyberattackers Drain Nearly $6M From Solana Crypto Wallets

So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets.

Zero-Day Defense: Tips for Defusing the Threat

Because they leave so little time to patch and defuse, zero-day threats require a proactive, multilayered approach based on zero trust.

ShiftLeft Appoints Prevention-First, Cybersecurity Visionary and AI/ML Pioneer Stuart McClure as CEO

Serial entrepreneur, cybersecurity leader, and industry veteran joins ShiftLeft to drive growth and AI/ML innovation globally.

Druva Introduces the Data Resiliency Guarantee of up to $10 Million

The new program offers robust protection across all five data risk categories: cyber, human, application, operation, and environmental.

CompTIA CEO Outlines Initiative to Create the Pre-eminent Destination to Start, Build and ‘Supercharge’ a Tech Career

Todd Thibodeaux uses ChannelCon 2022 state of the industry remarks to unveil CompTIA’s Project Agora; invites broad industry participation in the effort to fight for tech talent.

Netskope Acquires Infiot, Will Deliver Fully Integrated, Single-Vendor SASE Platform

Converged SASE platform provides AI-driven Zero trust security and simplified, optimized connectivity to any network location or device, including IoT.

5 Ways Chess Can Inspire Strategic Cybersecurity Thinking

Rising interest in chess may feed the next generation of cybersecurity experts.

American Express, Snapchat Open-Redirect Vulnerabilities Exploited in Phishing Scheme

Phishing operators are taking advantage of security bugs in the Amex and Snapchat websites (the latter is unpatched) to steer victims to phishing pages looking to harvest Google and Microsoft logins.

Thousands of Mobile Apps Leaking Twitter API Keys

New finding comes amid report of overall surge in threats targeting mobile and IoT devices over the past year.

Large Language AI Models Have Real Security Benefits

Complex neural networks, including GPT-3, can deliver useful cybersecurity capabilities, such as explaining malware and quickly classifying websites, researchers find.

Massive New Phishing Campaign Targets Microsoft Email Service Users

The campaign uses adversary-in-the-middle techniques to bypass multifactor authentication, evade detection.

From Babuk Source Code to Darkside Custom Listings — Exposing a Thriving Ransomware Marketplace on the Dark Web

Venafi investigation of 35 million Dark Web URLs shows macro-enabled ransomware widely available at bargain prices.

Manufacturing Sector in 2022 Is More Vulnerable to Account Compromise and Supply Chain Attacks in the Cloud than Other Verticals

Netwrix study reveals that manufacturing organizations experienced these types of attacks more often than any other industry surveyed.

Axis Raises the Bar With Modern-Day ZTNA Service that Boasts Hyper-Intelligence, Simplicity, and 350 Global Edges

Launches industry’s first ZTNA migration tool and ZTNA buyback program, setting the stage for migration away from ZTNA 1.0.

T-Mobile Store Owner Made $25M Using Stolen Employee Credentials

Now-convicted phone dealer reset locked and blocked phones on various mobile networks.

Microsoft Intros New Attack Surface Management, Threat Intel Tools

Microsoft says the new tools will give security teams an attacker's-eye view of their systems and supercharge their investigation and remediation efforts.

Capital One Breach Conviction Exposes Scale of Cloud Entitlement Risk

To protect against similar attacks, organizations should focus on bringing cloud entitlements and configurations under control.

VirusTotal: Threat Actors Mimic Legitimate Apps, Use Stolen Certs to Spread Malware

Attackers are turning to stolen credentials and posing as trusted applications to socially engineer victims, according to Google study of malware submitted to VirusTotal.

Incognia Mobile App Study Reveals Low Detection of Location Spoofing in Dating Apps

With over 323 million users of dating apps worldwide, study finds location spoofing is a threat to user trust and safety.

Cybrary Lands $25 Million in New Funding Round

Series C investment from BuildGroup and Gula Tech Adventures, along with appointment of Kevin Mandia to the board of directors, will propel a new chapter of company growth.

BlackCloak Bolsters Malware Protection With QR Code Scanner and Malicious Calendar Detection Features

In conjunction with Black Hat 2022, pioneer of digital executive protection also announces new security innovations and SOC 2 Type II certification.

5 Steps to Becoming Secure by Design in the Face of Evolving Cyber Threats

From adopting zero-trust security models to dynamic environments to operating under an "assumed breach" mentality, here are ways IT departments can reduce vulnerabilities as they move deliberately to become more secure.

CREST Defensible Penetration Test Released

CREST provides commercially defensible scoping, delivery, and sign-off recommendations for penetration tests.

DoJ: Foreign Adversaries Breach US Federal Court Records

A Justice Department official testifies to a House committee that the cyberattack is a "significant concern."

Ransomware Hit on European Pipeline & Energy Supplier Encevo Linked to BlackCat

Customers across several European countries are urged to update credentials in the wake of the attack that affected a gas-pipeline operator and power company.

Credential Canaries Create Minefield for Attackers

Canary tokens — also known as honey tokens — force attackers to second-guess their potential good fortune when they come across user and application secrets.

Chromium Browsers Allow Data Exfiltration via Bookmark Syncing

"Bruggling" emerges as a novel technique for pilfering data out from a compromised environment — or for sneaking in malicious code and attack tools.

Name That Edge Toon: Up a Tree

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

For Big Tech, Neutrality Is Not an Option — and Never Really Was

Tech companies play a vital role in global communication, which has profound effects on how politics, policies, and human rights issues play out.

AWS Focuses on Identity Access Management at re:Inforce

Identity and access management was front and center at AWS re:inforce this week.

Attackers Have 'Favorite' Vulnerabilities to Exploit

While attackers continue to rely on older, unpatched vulnerabilities, many are jumping on new vulnerabilities as soon as they are disclosed.