By Robert Lemos, Contributing Writer, Dark Reading β September 6th 2022 at 20:44
The threat actor β whose techniques and procedures do not match known groups β has created custom attack tools, including a program that hides scripts in .PNG images.
By Ericka Chickowski, Contributing Writer, Dark Reading β September 6th 2022 at 20:16
What under-the-hood details of newly discovered attack control panel tell us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns.
By Dark Reading Staff, Dark Reading β September 6th 2022 at 19:51
Hours after Los Angeles Unified School District was hit with ransomware attack, CISA issued an alert that threat actors are actively targeting the education sector.
By Dark Reading Staff, Dark Reading β September 6th 2022 at 17:51
This is the fourth DeadBolt campaign this year against QNAP customers, but it differs from previous attacks in exploiting an unpatched bug instead of a known vulnerability.
By Jai Vijayan, Contributing Writer, Dark Reading β September 6th 2022 at 13:00
Ransomware in particular poses a major threat, but security vendors say there has been an increase in Linux-targeted cryptojacking, malware, and vulnerability exploits as well, and defenders need to be ready.
By Dark Reading Staff, Dark Reading β September 2nd 2022 at 19:02
The US government and the Open Source Security Foundation have released guidance to shore up software supply chain security, and now it's up to developers to act.
By Nathan Eddy, Contributing Writer, Dark Reading β September 2nd 2022 at 18:56
The operators of the emerging cross-platform ransomware BianLian increased their command and control infrastructure this month, indicating an acceleration in their operational pace.
Our digital future depends on the choices we make today. We need to invest in cybersecurity technologies and skills so that humanity can control its future.
By Robert Lemos, Contributing Writer, Dark Reading β September 2nd 2022 at 16:52
Infections attributed to the USB-based worm have taken off, and now evidence links the malware to Dridex and the sanctioned Russian cybercriminal group Evil Corp.
By Tara Seals, Managing Editor, News, Dark Reading β September 2nd 2022 at 15:16
Thousands of corporate mobile apps developed by businesses for use by their customers contain hardcoded AWS tokens that can be easily extracted and used to access the full run of corporate data stored in cloud buckets.
By Edge Editors, Dark Reading β September 2nd 2022 at 00:00
IT has to get its hands around cloud data sprawl. Another area of focus should be on ghost data, as it expands the organization's cloud attack surface.
By Jai Vijayan, Contributing Writer, Dark Reading β September 1st 2022 at 20:35
"JuiceLedger" has escalated a campaign to distribute its information stealer by now going after developers who published code on the widely used Python code repository.
By Robert Lemos, Contributing Writer, Dark Reading β September 1st 2022 at 19:49
The expanding Internet of Things ecosystem is seeing a startling rate of vulnerability disclosures, leaving companies with a greater need for visibility into and patching of IoT devices.
By Elizabeth Montalbano, Contributor, Dark Reading β September 1st 2022 at 14:45
Apple continues a staged update process to address a WebKit vulnerability that allows attackers to craft malicious Web content to load malware on affected devices.
After a rigorous pilot program, the association's newest certification is officially operational. More than 1,500 pilot participants who passed the exam are on the path to full certification.
By Tara Seals, Managing Editor, News, Dark Reading β August 31st 2022 at 20:09
The ongoing campaign is spreading worldwide, using the lure of a fully functional Google Translate application for desktops that has helped the threat stay undetected for months.
Managed firewalls are increasingly popular. This post examines the strengths and weaknesses of managed firewalls to help your team decide on the right approach.
(ISC)Β² pledges to expand and diversify the cybersecurity workforce by providing free "(ISC)Β² Certified in Cybersecurity" education and exams to 1 million people worldwide.
By Ofer Maor, CTO and Co-Founder, Mitiga β August 31st 2022 at 14:00
While cloud breaches are going to happen, that doesn't mean we can't do anything about them. By better understanding cloud attacks, organizations can better prepare for them. (First of two parts.)
By Dark Reading Staff, Dark Reading β August 30th 2022 at 20:00
Analysts find five cookie-stuffing extensions, including one that's Netflix-themed, that track victim browsing and insert rogue IDs into e-commerce sites to rack up fake affiliate payments.
By Nathan Eddy, Contributing Writer, Dark Reading β August 30th 2022 at 17:34
The phishing campaign deploying a ScanBox reconnaissance framework has targeted the Australian government and companies maintaining wind turbines in the South China Sea.
By Edward Liebig, Global Director of Cyber-Ecosystem, Hexagon β August 30th 2022 at 17:00
The relationship between information technology and operational technology will need top-down support if a holistic security culture is to truly thrive.
Nearly half of respondents say their company relies on outdated backup and recovery infrastructure β in some cases dating back to the 1990s, before today's sophisticated cyberattacks.
By Robert Lemos, Contributing Writer, Dark Reading β August 30th 2022 at 13:33
The search engine giant's Vulnerability Rewards Program now covers any Google open source software projects β with a focus on critical software such as Go and Angular.
By Dark Reading Staff, Dark Reading β August 29th 2022 at 19:00
Documents appear to show that Israeli spyware company Intellexa sold a full suite of services around a zero-day affecting both Android and iOS ecosystems.
By Michael Bargury, CTO & Co-Founder, Zenity β August 29th 2022 at 16:55
Low/no-code tools allow citizen developers to design creative solutions to address immediate problems, but without sufficient training and oversight, the technology can make it easy to make security mistakes.
By Robert Lemos, Contributing Writer, Dark Reading β August 29th 2022 at 14:34
Businesses need to re-evaluate their cyber-insurance policies as firms like Lloyd's of London continue to add restrictions, including excluding losses related to state-backed cyberattackers.
By Stephen Lawton, Contributing Writer β September 21st 2022 at 16:18
After one company suffered a breach that could have been headed off by the MFA it claimed to have, insurers are looking to confirm claimed cybersecurity measures.
By Jai Vijayan, Contributing Writer, Dark Reading β August 26th 2022 at 15:45
Microsoft and others say they have observed nation-state actors, ransomware purveyors, and assorted cybercriminals pivoting to an open source attack-emulation tool in recent campaigns.
By Robert Lemos, Contributing Writer, Dark Reading β August 26th 2022 at 14:05
Consumers gain control of their data while companies build better relationships with their customers β but third-party ad-tech firms will likely continue to stand in the way.
Login
FreshRSS