Dark Reading:

How to Attract More Computer Science Grads to the Cybersecurity Field

With 465,000 cybersecurity job openings in the United States, why is recruiting so difficult? A recent college graduate offers his take.

Dark Reading:

Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari & IE

At least two government-backed actors -- including one Russian group -- used the now-patched flaws in separate campaigns, Google says.

Dark Reading:

State Dept. to Pay Up to $10M for Information on Foreign Cyberattacks

The Rewards for Justice program, a counterterrorism tool, is now aimed at collecting information on nation-states that use hackers to disrupt critical infrastructure.

Dark Reading:

CISA Launches New Website to Aid Ransomware Defenders

StopRansomware.gov provides information to help organizations protect against, and respond to, ransomware attacks.

Dark Reading:

Microsoft: Israeli Firm's Tools Used to Target Activists, Dissidents

Candiru sold spyware that exploited Windows vulnerabilities and had been used in attacks against dissidents, activists, and journalists.

Dark Reading:

IoT-Specific Malware Infections Jumped 700% Amid Pandemic

Gafgyt and Mirai malware represented majority of IoT malware, new data from Zscaler shows.

Dark Reading:

How to Bridge On-Premises and Cloud Identity

Identity fabric, a cloud-native framework, removes the need for multiple, siloed, proprietary identity systems.

Dark Reading:

What to Look for in an Effective Threat Hunter

The most important personality traits, skills, and certifications to look for when hiring a threat hunting team.

Dark Reading:

SonicWall: 'Imminent' Ransomware Attack Targets Older Products

The attack exploits a known vulnerability that was fixed in new versions of firmware released this year.

Dark Reading:

Google to Bring HTTPS-First Mode to Chrome Browser

Beginning in M94, Chrome will offer HTTPS-First Mode, which will attempt to upgrade all page loads to HTTPS.

Dark Reading:

Targeted Attack Activity Heightens Need for Orgs. to Patch New SolarWinds Flaw

A China-based threat actor -- previously observed targeting US defense industrial base organizations and software companies -- is exploiting the bug in SolarWinds' Serv-U software, Microsoft says.

Dark Reading:

Did the Cybersecurity Workforce Gap Distract Us From the Leak?

Cyber games can play a critical role in re-engaging our workforce and addressing the employee retention crisis.

Dark Reading:

10 Mistakes Companies Make In Their Ransomware Responses

Hit by ransomware? These missteps can take a bad scenario and make it even worse.

Dark Reading:

4 Integrated Circuit Security Threats and How to Protect Against Them

Little-understood threats involving the IC supply chain are putting organizations around the world at risk.

Dark Reading:

New Phishing Campaign Targets Individuals of Interest to Iran

TA453 group spoofed two scholars at University of London to try and gain access to email inboxes belonging to journalists, think tank personnel, academics, and others, security vendor says.

Dark Reading:

Microsoft Patches 3 Windows Zero-Days Amid 117 CVEs

The July Patch Tuesday release also includes the out-of-band fix for the Windows Print Spooler remote code execution flaw under attack.

Dark Reading:

DoD-Validated Data Security Startup Emerges From Stealth

The Code-X platform has been tested by the US Department of Defense and members of the intelligence community.

Dark Reading:

Why We Need to Raise the Red Flag Against FragAttacks

Proliferation of wireless devices increases the risk that corporate networks will be attacked with this newly discovered breed of Wi-Fi-based cyber assault.

Dark Reading:

Enterprises Altering Their Supply Chain Defenses on Heels of Latest Breaches

More than half of enterprises surveyed for Dark Reading's State of Malware Threats report indicate they are making at least a few changes to their supply chain security defenses following recent attacks on software vendors such as SolarWinds.

Dark Reading:

Can Government Effectively Help Businesses Fight Cybercrime?

From the Biden administration's pledge to take action to INTERPOL's focus on ransomware as a global threat, governments are looking to help businesses cope with cyberattacks. But can it really work?

Dark Reading:

The Trouble With Automated Cybersecurity Defenses

While there's enormous promise in AI-powered tools and machine learning, they are very much a double-edged sword.

Dark Reading:

Tool Sprawl & False Positives Hold Security Teams Back

Security teams spend as much time addressing false positive alerts as they do addressing actual cyberattacks, survey data shows.

Dark Reading:

SolarWinds Discloses Zero-Day Under Active Attack

The company confirms this is a new vulnerability that is not related to the supply chain attack discovered in December 2020.

Dark Reading:

Microsoft Confirms Acquisition of RiskIQ

RiskIQ's technology helps businesses assess their security across the Microsoft cloud, Amazon Web Services, other clouds, and on-premises.

Dark Reading:

Kaseya Releases Security Patch as Companies Continue to Recover

Estimates indicate the number of affected companies could grow, while Kaseya faces renewed scrutiny as former employees reportedly criticize its lack of focus on security.

Dark Reading:

AI and Cybersecurity: Making Sense of the Confusion

Artificial intelligence is a maturing area in cybersecurity, but there are different concerns depending on whether you're a defender or an attacker.

Dark Reading:

Navigating Active Directory Security: Dangers and Defenses

Microsoft Active Directory, ubiquitous across enterprises, has long been a primary target for attackers seeking network access and sensitive data.

Dark Reading:

How Dangerous Is Malware? New Report Finds It's Tough to Tell

Determining which malware is most damaging, and worthy of immediate attention, has become difficult in environments filled with alerts and noise.

Dark Reading:

CISA Analysis Reveals Successful Attack Techniques of FY 2020

The analysis shows potential attack paths and the most effective techniques for each tactic documented in CISA's Risk and Vulnerability Assessments.

Dark Reading:

New Framework Aims to Describe & Address Complex Social Engineering Attacks

As attackers use more synthetic media in social engineering campaigns, a new framework is built to describe threats and provide countermeasures.

Dark Reading:

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

The ElectroRAT Trojan attacker's success highlights the increasingly sophisticated nature of threats to cryptocurrency exchanges, wallets, brokerages, investing, and other services.

Dark Reading:

It's in the Game (but It Shouldn't Be)

Five ways that game developers (and others) can avoid falling victim to an attack like the one that hit EA.

Dark Reading:

Cartoon Caption Winner: Sight Unseen

And the winner of Dark Reading's June contest is ...

Dark Reading:

Morgan Stanley Discloses Data Breach

Attackers were able to compromise customers' personal data by targeting the Accellion FTA server of a third-party vendor.

Dark Reading:

New WildPressure Malware Capable of Targeting Windows and MacOS

The Trojan sends information back to the attackers' servers about the programming language of a target device.

Dark Reading:

Kaseya Hacked via Authentication Bypass

The Kaseya ransomware attack is believed to have been down to an authentication bypass. Yes, ransomware needs to be on your radar -- but good authentication practices are also imperative.

Dark Reading:

The NSA's 'New' Mission: Get More Public With the Private Sector

The National Security Agency's gradual emergence from the shadows was "inevitable" in cybersecurity, says Vinnie Liu, co-founder and CEO of offensive security firm Bishop Fox and a former NSA analyst. Now the agency has to figure out how to best work with the private sector, especially organizations outside the well-resourced and seasoned Fortune 100.

Dark Reading:

What Colonial Pipeline Means for Commercial Building Cybersecurity

Banks and hospitals may be common targets, but now commercial real estate must learn to protect itself against stealthy hackers.

Dark Reading:

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Automation allowed a REvil affiliate to move from exploitation of vulnerable servers to installing ransomware on downstream companies faster than most defenders could react.

Dark Reading:

Fake Android Apps Promise Cryptomining Services to Steal Funds

Researchers discover more than 170 Android apps that advertise cloud cryptocurrency mining services and fail to deliver.

Dark Reading:

Sophos Acquires Capsule8 for Linux Server & Container Security

The deal was announced the same day ZeroFox bought Dark Web intelligence firm Vigilante as a wave of security M&A continues.

Dark Reading:

Are Security Attestations a Necessity for SaaS Businesses?

Are security attestations becoming business imperatives, or are they merely token additions on the list of regulatory requirements?

Dark Reading:

Microsoft Releases Emergency Patch for 'PrintNightmare' Vuln

It urges organizations to immediately apply security update, citing exploit activity.

Dark Reading:

Security 101: The 'PrintNightmare' Flaw

A closer look at the printer software vulnerability - and what you can do about it.

Dark Reading:

Autonomous Security Is Essential if the Edge Is to Scale Properly

Service demands at the network edge mean customers need to get cost, performance, and security right.

Dark Reading:

Researchers Learn From Nation-State Attackers' OpSec Mistakes

Security researchers discuss how a series of simple and consistent mistakes helped them learn more about ITG18, better known as Charming Kitten.

Dark Reading:

Workers Careless in Sharing & Reusing Corporate Secrets

A new survey shows leaked enterprise secrets costs companies millions of dollars each year.

Dark Reading:

It's High Time for a Security Scoring System for Applications and Open Source Libraries

A benchmarking system would help buyers choose more secure software products and, more importantly, light a fire underneath software producers to make products secure.

Dark Reading:

Alleged Cybercriminal Arrested in Morocco Following Interpol Probe

The suspect operated under the name "Dr Hex" to target thousands of people through phishing, fraud, and carding activities.

Dark Reading:

Cyberattack on Kaseya Nets More Than 1,000 Victims, $70M Ransom Demand

The provider of remote monitoring and management services warns customers to not run its software until a patch is available and manually installed.

Dark Reading:

8 Ways to Preserve Legal Privilege After a Cybersecurity Incident

Knowing your legal distinctions can make defense easier should you end up in court after a breach, attack, or data loss.

Dark Reading:

Watch for Cybersecurity Games at the Tokyo Olympics

The cybersecurity professionals guarding the Summer Olympics are facing at least as much competition as the athletes, and their failure could have steeper ramifications.

Dark Reading:

Barracuda Agrees to Acquire Skout Cybersecurity

The acquisition will bring Barracuda into the extended detection and response (XDR) market with a tool for managed service providers.

Dark Reading:

Secured-Core PCs May Mitigate Firmware Attacks, but Adoption Lags

Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs - but most systems do not have the technology yet.

Dark Reading:

Microsoft Issues New CVE for 'PrintNightmare' Flaw

Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.

Dark Reading:

SOC Investment Improves Detection and Response Times, Data Shows

A survey of IT and security pros finds many are confident in their ability to detect security incidents in near-real time or within minutes.

Dark Reading:

5 Mistakes That Impact a Security Team's Success

The way we work and treat each other go a long way in improving our organizations' security posture.

Dark Reading:

WFH: A Smart Time to Revisit Employee Use of Social Media

Employers have their hands full when it comes to monitoring online activities that could hurt the brand or violate the organization's core values.

Dark Reading:

GitHub Unveils AI Tool to Speed Development, but Beware Insecure Code

The company has created an AI system, dubbed Copilot, to offer code suggestions to developers, but warns that any code produced should be tested for defects and vulnerabilities.

Dark Reading:

CISA Urges Orgs to Disable Windows Print Spooler on Critical Systems

Patches Microsoft issued last month not effective against exploits targeting "PrintNightmare" flaw, agency and others say.