Microsoft Patches Zero-Day Actively Exploited in the Wild

The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.

Halo Security Emerges From Stealth With Full Attack Surface Management Platform

The latest startup to enter the space also has a free scanning service to audit the contents of any website.

Cybrary Unveils Next-Generation Interactive, Hands-On Training Experience to Upskill Cybersecurity Professionals

New SOC Analyst Assessment delivers threat-informed training in a live lab environment to help cybersecurity professionals defend their organizations against the latest adversarial tactics and techniques.

Researchers Debut Fresh RCE Vector for Common Google API Tool

The finding exposes the danger of older, unpatched bugs, which plague at least 4.5 million devices.

Abusing Kerberos for Local Privilege Escalation

Upcoming Black Hat USA presentation will examine the implications of Kerberos weaknesses for security on the local machine.

Domino's Takes a Methodical Approach to IoT

The success of Domino's Flex IoT project can be attributed in large part to the security best practices it followed.

Russia-Ukraine Conflict Holds Cyberwar Lessons

Initial attacks used damaging wiper malware and targeted infrastructure, but the most enduring impacts will likely be from disinformation, researchers say. At Black Hat USA, SentinelOne's Juan Andres Guerrero-Saade and Tom Hegel will discuss.

US Oil and Gas Sector at Risk of a Cyberbreach, According to BreachBits Study

Study offers a cyber "state of the industry" analysis from a hacker's perspective to help companies anticipate attacks.

Netscout Arbor Insight Leverages Patented ASI Technology to Enhance Security and Operational Awareness for Network Operators of Any Scale

Extends all aspects of the Arbor Sightline solution with unique, real-time multidimensional DDoS and traffic analytics capabilities.

Lacework Updates Threat Detection To Uncover More Malicious Activity and Speed Investigation at Scale

New time series model and enhanced alerting experience make it easy for organizations to address more threats in the cloud while enabling faster investigations.

Don't Take the Cyber Safety Review Board's Log4j Report at Face Value

Given the lack of reporting requirements, the findings are more like assumptions. Here's what organizations can do to minimize exposure.

Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks

Machine-learning algorithms alone may miss signs of a successful attack on your organization.

10 Malicious Code Packages Slither into PyPI Registry

The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks.

Dark Reading News Desk: Live at Black Hat USA 2022

TODAY at 10 PT: Dark Reading News Desk returns to Black Hat USA 2022

Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War

A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams.

HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems.

We Have the Tech to Scale Up Open Source Vulnerability Fixes — Now It's Time to Leverage It

Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation.

What Adjustable Dumbbells Can Teach Us About Risk Management

A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function.

Pipeline Operators Are Headed in the Right Direction, With or Without TSA's Updated Security Directives

A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better.

What Worries Security Teams About the Cloud?

What issues are cybersecurity professionals concerned about in 2022? You tell us!

Genesis IAB Market Brings Polish to the Dark Web

As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy.

A Ransomware Explosion Fosters Thriving Dark Web Ecosystem

For the right price, threat actors can get just about anything they want to launch a ransomware attack — even without technical skills or any previous experience.

Stolen Data Gives Attackers Advantage Against Text-Based 2FA

With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.

Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers

Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.

A Digital Home Has Many Open Doors

Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access.

How to Resolve Permission Issues in CI/CD Pipelines

This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines.

Cyberattackers Increasingly Target Cloud IAM as a Weak Link

At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.

Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST

A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services.

Time to Patch VMware Products Against a Critical New Vulnerability

A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.

Bug in Kaspersky VPN Client Allows Privilege Escalation

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

How Email Security Is Evolving

Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated.

Massive China-Linked Disinformation Campaign Taps PR Firm for Help

A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.

Phylum Releases a Free Community Edition to Make Software Supply Chain Security More Accessible

Users can identify risks across five domains, work on multiple projects, and take advantage of exclusive community benefits.

The Myth of Protection Online — and What Comes Next

It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions.

Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale

Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector.

35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?

In the last month, "Pl0xP" cloned several GitHub repositories, adding malicious code to the forks that would attempt to infect developer systems and steal sensitive files that included software keys.

Ping Identity to Go Private After $2.8B Acquisition

The identity-services company is being acquired by Thoma Bravo software investment for cash, before being delisted.

Startup Footprint Tackles Identity Verification

Early-stage startup Footprint's goal is to provide tools that change how enterprises verify, authentication, authorize, and secure identity.

How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes

Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.

Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks

SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.

School Kid Uploads Ransomware Scripts to PyPI Repository as 'Fun' Project

The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times.

Cyberattackers Drain Nearly $6M From Solana Crypto Wallets

So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets.

Zero-Day Defense: Tips for Defusing the Threat

Because they leave so little time to patch and defuse, zero-day threats require a proactive, multilayered approach based on zero trust.

ShiftLeft Appoints Prevention-First, Cybersecurity Visionary and AI/ML Pioneer Stuart McClure as CEO

Serial entrepreneur, cybersecurity leader, and industry veteran joins ShiftLeft to drive growth and AI/ML innovation globally.

Druva Introduces the Data Resiliency Guarantee of up to $10 Million

The new program offers robust protection across all five data risk categories: cyber, human, application, operation, and environmental.

CompTIA CEO Outlines Initiative to Create the Pre-eminent Destination to Start, Build and ‘Supercharge’ a Tech Career

Todd Thibodeaux uses ChannelCon 2022 state of the industry remarks to unveil CompTIA’s Project Agora; invites broad industry participation in the effort to fight for tech talent.

Netskope Acquires Infiot, Will Deliver Fully Integrated, Single-Vendor SASE Platform

Converged SASE platform provides AI-driven Zero trust security and simplified, optimized connectivity to any network location or device, including IoT.

5 Ways Chess Can Inspire Strategic Cybersecurity Thinking

Rising interest in chess may feed the next generation of cybersecurity experts.

American Express, Snapchat Open-Redirect Vulnerabilities Exploited in Phishing Scheme

Phishing operators are taking advantage of security bugs in the Amex and Snapchat websites (the latter is unpatched) to steer victims to phishing pages looking to harvest Google and Microsoft logins.

Thousands of Mobile Apps Leaking Twitter API Keys

New finding comes amid report of overall surge in threats targeting mobile and IoT devices over the past year.

Large Language AI Models Have Real Security Benefits

Complex neural networks, including GPT-3, can deliver useful cybersecurity capabilities, such as explaining malware and quickly classifying websites, researchers find.

Massive New Phishing Campaign Targets Microsoft Email Service Users

The campaign uses adversary-in-the-middle techniques to bypass multifactor authentication, evade detection.

From Babuk Source Code to Darkside Custom Listings — Exposing a Thriving Ransomware Marketplace on the Dark Web

Venafi investigation of 35 million Dark Web URLs shows macro-enabled ransomware widely available at bargain prices.

Manufacturing Sector in 2022 Is More Vulnerable to Account Compromise and Supply Chain Attacks in the Cloud than Other Verticals

Netwrix study reveals that manufacturing organizations experienced these types of attacks more often than any other industry surveyed.

Axis Raises the Bar With Modern-Day ZTNA Service that Boasts Hyper-Intelligence, Simplicity, and 350 Global Edges

Launches industry’s first ZTNA migration tool and ZTNA buyback program, setting the stage for migration away from ZTNA 1.0.

T-Mobile Store Owner Made $25M Using Stolen Employee Credentials

Now-convicted phone dealer reset locked and blocked phones on various mobile networks.

Microsoft Intros New Attack Surface Management, Threat Intel Tools

Microsoft says the new tools will give security teams an attacker's-eye view of their systems and supercharge their investigation and remediation efforts.

Capital One Breach Conviction Exposes Scale of Cloud Entitlement Risk

To protect against similar attacks, organizations should focus on bringing cloud entitlements and configurations under control.

VirusTotal: Threat Actors Mimic Legitimate Apps, Use Stolen Certs to Spread Malware

Attackers are turning to stolen credentials and posing as trusted applications to socially engineer victims, according to Google study of malware submitted to VirusTotal.

Incognia Mobile App Study Reveals Low Detection of Location Spoofing in Dating Apps

With over 323 million users of dating apps worldwide, study finds location spoofing is a threat to user trust and safety.