Easing the Cyber-Skills Crisis With Staff Augmentation

Filling cybersecurity roles can be costly, slow, and chancy. More firms are working with third-party service providers to quickly procure needed expertise.

China's APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload

The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks for initial access.

Mac Attack: North Korea's Lazarus APT Targets Apple's M1 Chip

Lazarus continues to expand an aggressive, ongoing spy campaign, using fake Coinbase job openings to lure in victims.

5 Russia-Linked Groups Target Ukraine in Cyberwar

Information on the attributed cyberattacks conducted since the beginning of the Russia-Ukraine war shows that a handful of groups conducted more than two dozen attacks.

Which Security Bugs Will Be Exploited? Researchers Create an ML Model to Find Out

How critical is that vulnerability? University researchers are improving predictions of which software flaws will end up with an exploit, a boon for prioritizing patches and estimating risk.

Summertime Blues: TA558 Ramps Up Attacks on Hospitality, Travel Sectors

The cybercriminal crew has used 15 malware families to target travel and hospitality companies globally, constantly changing tactics over the course of its four-year history.

How to Upskill Tech Staff to Meet Cybersecurity Needs

Cybersecurity is the largest current tech skills gap; closing it requires a concerted effort to upskill existing staff.

OpenSSF Announces 13 New Members Committed to Strengthening the Security of the Open Source Software Supply Chain

Hosts next OpenSSF Day in Dublin.

Google Cloud Adds Curated Detection to Chronicle

The curated detection feature for Chronicle SecOps Suite provides security teams with actionable insights on cloud threats and Windows-based attacks from Google Cloud Threat Intelligence Team.

Google Chrome Zero-Day Found Exploited in the Wild

The high-severity security vulnerability (CVE-2022-2856) is due to improper user-input validation.

'DarkTortilla' Malware Wraps in Sophistication for High-Volume RAT Infections

The stealthy crypter, active since 2015, has been used to deliver a wide range of information stealers and RATs at a rapid, widespread clip.

When Countries Are Attacked: Making the Case for More Private-Public Cooperation

The increased sophistication of cyberattacks makes them more widely damaging and difficult to prevent.

'Operation Sugarush' Mounts Concerning Spy Effort on Shipping, Healthcare Industries

A suspected Iranian threat actor known as UNC3890 is gathering intel that could be used for kinetic strikes against global shipping targets.

China-Backed RedAlpha APT Builds Sprawling Cyber-Espionage Infrastructure

The state-sponsored group particularly targets organizations working on behalf of the Uyghurs, Tibet, and Taiwan, looking to gather intel that could lead to human-rights abuses, researchers say.

Thoma Bravo Closes $6.9B Acquisition of Identity-Security Vendor SailPoint

All-cash transaction deal that was first announced in April means SailPoint is no longer a publicly traded company.

ThreatX Raises $30 Million in Series B Funding to Accelerate Growth in Global API Protection Market

Funds will support product development and market expansion for ThreatX, which delivers real-time protection for APIs and Web apps against complex botnets, DDoS, and multimode attacks.

AuditBoard Launches Third-Party Risk Management Solution, Empowering Enterprises to Tackle IT Vendor Risk at Scale

Solution streamlines the assessment, monitoring, and remediation of third-party risk for information security, compliance, and risk teams.

7 Smart Ways to Secure Your E-Commerce Site

Especially if your e-commerce and CMS platforms are integrated, you risk multiple potential sources of intrusion, and the integration points themselves may be vulnerable to attack.

Microsoft Rolls Out Tamper Protection for Macs

The new feature detects attempts to modify files and processes for Microsoft Defender for Endpoints on macOS.

Microsoft Disrupts Russian Group's Multiyear Cyber-Espionage Campaign

"Seaborgium" is a highly persistent threat actor that has been targeting organizations and individuals of likely interest to the Russian government since at least 2017, company says.

DEF CON: A Woman's First Experience

Omdia Senior Analyst Hollie Hennessy goes over her first experience of DEF CON as a woman in cybersecurity.

Clop Ransomware Gang Breaches Water Utility, Just Not the Right One

South Staffordshire in the UK has acknowledged it was targeted in a cyberattack, but Clop ransomware appears to be shaking down the wrong water company.

Whack-a-Mole: More Malicious PyPI Packages Spring Up Targeting Discord, Roblox

Just as one crop of malware-laced software packages is taken down from the popular Python code repository, a new host arrives, looking to steal a raft of data.

Name That Toon: Vicious Circle

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

With Plunge in Value, Cryptocurrency Crimes Decline in 2022

Cybercrime has been funded with cryptocurrency, but the valuation of various digital currencies has dropped by more than two-thirds and cybercriminals are feeling the pinch.

Windows Vulnerability Could Crack DC Server Credentials Open

The security flaw tracked as CVE-2022-30216 could allow attackers to perform server spoofing or trigger authentication coercion on the victim.

Lessons From the Cybersecurity Trenches

Threat hunting not only serves the greater good by helping keep users safe, it rewards practitioners with the thrill of the hunt and solving of complex problems. Tap into your background and learn to follow your instincts.

SEPT. 7-9: Ukraine, Election, AI, Cybercrime, 5G Among Topics Explored by 125+ Speakers at 13th Billington Cybersecurity Summit

Heads of CIA and CISA headline event at DC Convention Center.

DEF CON 30: Hackers Come Home to Vibrant Community

After 30 years and a brief pandemic hiatus, DEF CON returns with "Hacker Homecoming," an event that put the humans behind cybersecurity first.

Most Q2 Attacks Targeted Old Microsoft Vulnerabilities

The most heavily targeted flaw last quarter was a remote code execution vulnerability in Microsoft Office that was disclosed and patched four years ago.

Transitioning From VPNs to Zero-Trust Access Requires Shoring Up Third-Party Risk Management

ZTNA brings only marginal benefits unless you ensure that the third parties you authorize are not already compromised.

How and Why to Apply OSINT to Protect the Enterprise

Here's how to flip the tide and tap open source intelligence to protect your users.

Cybercriminals Weaponizing Ransomware Data for BEC Attacks

Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks.

Patch Madness: Vendor Bug Advisories Are Broken, So Broken

Dustin Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many orgs.

Software Supply Chain Chalks Up a Security Win With New Crypto Effort

GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort to shore up supply chain security.

Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan

Unusually, SOVA, which targets US users, now allows lateral movement for deeper data access. Version 5 adds an encryption capability.

How to Clear Security Obstacles and Achieve Cloud Nirvana

Back-end complexity of cloud computing means there's plenty of potential for security problems. Here's how to get a better handle on SaaS application security.

Microsoft: We Don't Want to Zero-Day Our Customers

The head of Microsoft's Security Response Center defends keeping its initial vulnerability disclosures sparse — it is, she says, to protect customers.

Krebs: Taiwan, Geopolitical Headwinds Loom Large

During a keynote at Black Hat 2022, former CISA director Chris Krebs outlined the biggest risk areas for the public and private sectors for the next few years.

After Colonial Pipeline, Critical Infrastructure Operators Remain Blind to Cyber-Risks

In her keynote address at Black Hat USA 2022, Kim Zetter gives a scathing rebuke of Colonial Pipeline for not foreseeing the attack.

Supply Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight

Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference.

Cyber-Insurance Fail: Most Businesses Lack Ransomware Coverage

Even among businesses with cyber insurance, they lack coverage for basic costs of many cyberattacks, according to a BlackBerry survey.

4 Flaws, Other Weaknesses Undermine Cisco ASA Firewalls

More than 1 million instances of firewalls running Cisco Adaptive Security Appliance (ASA) software have four vulnerabilities that undermine its security, a researcher finds.

New Cross-Industry Group Launches Open Cybersecurity Framework

Eighteen companies, led by Amazon and Splunk, announced the OCSF framework to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications.

Cisco Confirms Data Breach, Hacked Files Leaked

Ransomware gang gained access to the company's VPN in May by convincing an employee to accept a multifactor authentication (MFA) push notification.

The Time Is Now for IoT Security Standards

Industry standards would provide predictable and understandable IoT security frameworks.

New Open Source Tools Launched for Adversary Simulation

The new open source tools are designed to help defense, identity and access management, and security operations center teams discover vulnerable network shares.

New HTTP Request Smuggling Attacks Target Web Browsers

Threat actors can abuse weaknesses in HTTP request handling to launch damaging browser-based attacks on website users, researcher says.

Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance

Four serious security issues on the popular appliance could be exploited by hackers with any level of access within the host network, Bitdefender researchers say.

Many ZTNA, MFA Tools Offer Little Protection Against Cookie Session Hijacking Attacks

Many of the technologies and services that organizations are using to isolate Internet traffic from the internal network lack session validation mechanisms, security startup says.

Rethinking Software in the Organizational Hierarchy

Least privilege is a good defense normally applied only to users. What if we limited apps' access to other apps and network resources based on their roles and responsibilities?

Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security

Platform engineered to let organizations mitigate risk and manage complexities.

OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022

Product enhancements to offer full IT and OT threat intelligence services for OPSWAT customers.

Bugcrowd Taps Top Hackers for Live Hacking Event with Indeed at 2022 Black Hat Conference

.

Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape

New release also includes enterprise-grade cloud security posture management (CSPM) and YARA-based malware scanning capabilities.

Zero Trust & XDR: The New Architecture of Defense

Zero trust and XDR are complementary and both are necessary in today's modern IT environment. In this article, we discuss the intersection of zero trust and XDR.

Compliance Certifications: Worth the Effort?

Because demonstrating compliance with industry regulations can be cumbersome and expensive, it's important to ensure they're also absolutely essential.

Flow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round

First-of-its-kind solution discovers and protects both data at rest and in motion.

Looking Back at 25 Years of Black Hat

The Black Hat USA conference's silver jubilee is an opportunity to remember its defining moments, the impact it has made on the security community, and its legacy.

Software Development Pipelines Offer Cybercriminals 'Free-Range' Access to Cloud, On-Prem

A Q&A with NCC Group's Viktor Gazdag ahead of a Black Hat USA session on CI/CD pipeline risks reveals a scary, and expanding, campaign vector for software supply chain attacks and RCE.