How and Why to Apply OSINT to Protect the Enterprise

Here's how to flip the tide and tap open source intelligence to protect your users.

Cybercriminals Weaponizing Ransomware Data for BEC Attacks

Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks.

Patch Madness: Vendor Bug Advisories Are Broken, So Broken

Dustin Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many orgs.

Software Supply Chain Chalks Up a Security Win With New Crypto Effort

GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort to shore up supply chain security.

Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan

Unusually, SOVA, which targets US users, now allows lateral movement for deeper data access. Version 5 adds an encryption capability.

How to Clear Security Obstacles and Achieve Cloud Nirvana

Back-end complexity of cloud computing means there's plenty of potential for security problems. Here's how to get a better handle on SaaS application security.

Microsoft: We Don't Want to Zero-Day Our Customers

The head of Microsoft's Security Response Center defends keeping its initial vulnerability disclosures sparse — it is, she says, to protect customers.

Krebs: Taiwan, Geopolitical Headwinds Loom Large

During a keynote at Black Hat 2022, former CISA director Chris Krebs outlined the biggest risk areas for the public and private sectors for the next few years.

After Colonial Pipeline, Critical Infrastructure Operators Remain Blind to Cyber-Risks

In her keynote address at Black Hat USA 2022, Kim Zetter gives a scathing rebuke of Colonial Pipeline for not foreseeing the attack.

Supply Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight

Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference.

Cyber-Insurance Fail: Most Businesses Lack Ransomware Coverage

Even among businesses with cyber insurance, they lack coverage for basic costs of many cyberattacks, according to a BlackBerry survey.

4 Flaws, Other Weaknesses Undermine Cisco ASA Firewalls

More than 1 million instances of firewalls running Cisco Adaptive Security Appliance (ASA) software have four vulnerabilities that undermine its security, a researcher finds.

New Cross-Industry Group Launches Open Cybersecurity Framework

Eighteen companies, led by Amazon and Splunk, announced the OCSF framework to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications.

Cisco Confirms Data Breach, Hacked Files Leaked

Ransomware gang gained access to the company's VPN in May by convincing an employee to accept a multifactor authentication (MFA) push notification.

The Time Is Now for IoT Security Standards

Industry standards would provide predictable and understandable IoT security frameworks.

New Open Source Tools Launched for Adversary Simulation

The new open source tools are designed to help defense, identity and access management, and security operations center teams discover vulnerable network shares.

New HTTP Request Smuggling Attacks Target Web Browsers

Threat actors can abuse weaknesses in HTTP request handling to launch damaging browser-based attacks on website users, researcher says.

Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance

Four serious security issues on the popular appliance could be exploited by hackers with any level of access within the host network, Bitdefender researchers say.

Many ZTNA, MFA Tools Offer Little Protection Against Cookie Session Hijacking Attacks

Many of the technologies and services that organizations are using to isolate Internet traffic from the internal network lack session validation mechanisms, security startup says.

Rethinking Software in the Organizational Hierarchy

Least privilege is a good defense normally applied only to users. What if we limited apps' access to other apps and network resources based on their roles and responsibilities?

Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security

Platform engineered to let organizations mitigate risk and manage complexities.

OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022

Product enhancements to offer full IT and OT threat intelligence services for OPSWAT customers.

Bugcrowd Taps Top Hackers for Live Hacking Event with Indeed at 2022 Black Hat Conference

.

Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape

New release also includes enterprise-grade cloud security posture management (CSPM) and YARA-based malware scanning capabilities.

Zero Trust & XDR: The New Architecture of Defense

Zero trust and XDR are complementary and both are necessary in today's modern IT environment. In this article, we discuss the intersection of zero trust and XDR.

Compliance Certifications: Worth the Effort?

Because demonstrating compliance with industry regulations can be cumbersome and expensive, it's important to ensure they're also absolutely essential.

Flow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round

First-of-its-kind solution discovers and protects both data at rest and in motion.

Looking Back at 25 Years of Black Hat

The Black Hat USA conference's silver jubilee is an opportunity to remember its defining moments, the impact it has made on the security community, and its legacy.

Software Development Pipelines Offer Cybercriminals 'Free-Range' Access to Cloud, On-Prem

A Q&A with NCC Group's Viktor Gazdag ahead of a Black Hat USA session on CI/CD pipeline risks reveals a scary, and expanding, campaign vector for software supply chain attacks and RCE.

Microsoft Patches Zero-Day Actively Exploited in the Wild

The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.

Halo Security Emerges From Stealth With Full Attack Surface Management Platform

The latest startup to enter the space also has a free scanning service to audit the contents of any website.

Cybrary Unveils Next-Generation Interactive, Hands-On Training Experience to Upskill Cybersecurity Professionals

New SOC Analyst Assessment delivers threat-informed training in a live lab environment to help cybersecurity professionals defend their organizations against the latest adversarial tactics and techniques.

Researchers Debut Fresh RCE Vector for Common Google API Tool

The finding exposes the danger of older, unpatched bugs, which plague at least 4.5 million devices.

Abusing Kerberos for Local Privilege Escalation

Upcoming Black Hat USA presentation will examine the implications of Kerberos weaknesses for security on the local machine.

Domino's Takes a Methodical Approach to IoT

The success of Domino's Flex IoT project can be attributed in large part to the security best practices it followed.

Russia-Ukraine Conflict Holds Cyberwar Lessons

Initial attacks used damaging wiper malware and targeted infrastructure, but the most enduring impacts will likely be from disinformation, researchers say. At Black Hat USA, SentinelOne's Juan Andres Guerrero-Saade and Tom Hegel will discuss.

US Oil and Gas Sector at Risk of a Cyberbreach, According to BreachBits Study

Study offers a cyber "state of the industry" analysis from a hacker's perspective to help companies anticipate attacks.

Netscout Arbor Insight Leverages Patented ASI Technology to Enhance Security and Operational Awareness for Network Operators of Any Scale

Extends all aspects of the Arbor Sightline solution with unique, real-time multidimensional DDoS and traffic analytics capabilities.

Lacework Updates Threat Detection To Uncover More Malicious Activity and Speed Investigation at Scale

New time series model and enhanced alerting experience make it easy for organizations to address more threats in the cloud while enabling faster investigations.

Don't Take the Cyber Safety Review Board's Log4j Report at Face Value

Given the lack of reporting requirements, the findings are more like assumptions. Here's what organizations can do to minimize exposure.

Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks

Machine-learning algorithms alone may miss signs of a successful attack on your organization.

10 Malicious Code Packages Slither into PyPI Registry

The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks.

Dark Reading News Desk: Live at Black Hat USA 2022

TODAY at 10 PT: Dark Reading News Desk returns to Black Hat USA 2022

Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War

A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams.

HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems.

We Have the Tech to Scale Up Open Source Vulnerability Fixes — Now It's Time to Leverage It

Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation.

What Adjustable Dumbbells Can Teach Us About Risk Management

A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function.

Pipeline Operators Are Headed in the Right Direction, With or Without TSA's Updated Security Directives

A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better.

What Worries Security Teams About the Cloud?

What issues are cybersecurity professionals concerned about in 2022? You tell us!

Genesis IAB Market Brings Polish to the Dark Web

As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy.

A Ransomware Explosion Fosters Thriving Dark Web Ecosystem

For the right price, threat actors can get just about anything they want to launch a ransomware attack — even without technical skills or any previous experience.

Stolen Data Gives Attackers Advantage Against Text-Based 2FA

With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.

Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers

Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.

A Digital Home Has Many Open Doors

Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access.

How to Resolve Permission Issues in CI/CD Pipelines

This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines.

Cyberattackers Increasingly Target Cloud IAM as a Weak Link

At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.

Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST

A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services.

Time to Patch VMware Products Against a Critical New Vulnerability

A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.

Bug in Kaspersky VPN Client Allows Privilege Escalation

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

How Email Security Is Evolving

Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated.