Siemplify veterans introduce Cloud Security Orchestration and Remediation platform, backed by high-profile investors including YL Ventures, Tiger Global, and CEOs of CrowdStrike and CyberArk
By Elizabeth Montalbano, Contributor, Dark Reading β September 13th 2022 at 14:13
The ransomware gang has been seen exploiting a Mitel RCE flaw discovered in VoIP devices in April (and patched in July) to perform double-extortion attacks.
By Robert Lemos, Contributing Writer, Dark Reading β September 13th 2022 at 13:00
An analysis of cloud services finds that known vulnerabilities typically open the door for attackers, while insecure cloud architectures allow them to gain access to the crown jewels.
By Nathan Eddy, Contributing Writer, Dark Reading β September 12th 2022 at 21:28
Opswat says its new tool uses neural networks to protect critical environments through AI-assisted asset discovery, network visibility, and risk management.
By Stephen Lawton, Contributing Writer β September 12th 2022 at 19:46
The American Data Privacy and Protection Act would provide federal-level protections that don't exist in most states, but override existing, stronger state protections.
By Carlo Massimo, Freelance Writer β September 9th 2022 at 20:18
Security Pro File: The DevOps evangelist and angel investor shares his expertise with the next generation of startups. If you're lucky, maybe he'll even share his Lagavulin.
By Jai Vijayan, Contributing Writer, Dark Reading β September 9th 2022 at 17:56
The critical flaw in BackupBuddy is one of thousands of security issues reported in recent years in products that WordPress sites use to extend functionality.
By Tara Seals, Managing Editor, News, Dark Reading β September 9th 2022 at 16:48
The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities.
By Robert Lemos, Contributing Writer, Dark Reading β September 9th 2022 at 14:29
Microsoft moves ahead with a plan to sunset basic authentication, and other providers are moving β or have moved β to requiring more secure authentication as well. Is your company ready?
By Nathan Eddy, Contributing Writer, Dark Reading β September 9th 2022 at 14:22
A sweeping effort to prevent a raft of targeted cybercrime groups from posting ransomware victims' data publicly is hampering their operations, causing outages.
By Johannes Lintzen, Managing Director, Cryptomathic β September 8th 2022 at 17:00
From analyzing your company's risk profile to knowing where keys are stored and who can access them, prioritize key clean-up and management. Make compliance an outcome and develop a risk management strategy.
By Jai Vijayan, Contributing Writer, Dark Reading β September 8th 2022 at 15:20
A slew of Microsoft Exchange vulnerabilities (including ProxyLogon) fueled a surge in attacks targeting software flaws in 2021, but the trend has continued this year.
By Elizabeth Montalbano, Contributor, Dark Reading β September 8th 2022 at 14:39
The initial access broker (IAB) for ransomware gangs known as UAC-0098 has targeted Ukrainian organizations in five separate phishing campaigns spanning April to August.
Multiclient research report shows organizations are significantly increasing efforts to secure their supply chains in response to software supply chain attacks.
By Nathan Eddy, Contributing Writer, Dark Reading β September 7th 2022 at 21:50
Penetration testing not only serves to triage and validate other defect discovery activities, it informs risk management activities, such as threat modeling and secure design.
By Becky Bracken, Editor, Dark Reading β September 7th 2022 at 19:30
After a high-profile 2017 breach and a Holiday Inn ransomware hit earlier this year, IHG confirms that its booking channels and applications have been disrupted in yet another cyberattack.
By Marc Rogers, Senior Director of Cybersecurity, Okta β September 7th 2022 at 17:00
Continued collaboration will help win the fight as cybersecurity remains a national priority. International and public-private cooperation is helping stem the damage from ransomware threats and cyberattacks.
By Tara Seals, Managing Editor, News, Dark Reading β September 7th 2022 at 15:53
The Shikitega malware takes over IoT and endpoint devices, exploits vulnerabilities, uses advanced encoding, abuses cloud services for C2, installs a cryptominer, and allows full remote control.
By Elizabeth Montalbano, Contributor, Dark Reading β September 7th 2022 at 14:37
APT42 is posing as a friend to people considered threats to the government, using a raft of different tools to steal relevant info and perform surveillance.
By Aaron Sandeen, CEO & Co-Founder, Cyber Security Works β September 8th 2022 at 14:00
A relative newcomer to the ransomware scene, the BlackCat group quickly gained notoriety and may be associated with other APT groups like Conti and DarkSide.
By Robert Lemos, Contributing Writer, Dark Reading β September 6th 2022 at 20:44
The threat actor β whose techniques and procedures do not match known groups β has created custom attack tools, including a program that hides scripts in .PNG images.
By Ericka Chickowski, Contributing Writer, Dark Reading β September 6th 2022 at 20:16
What under-the-hood details of newly discovered attack control panel tell us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns.
By Dark Reading Staff, Dark Reading β September 6th 2022 at 19:51
Hours after Los Angeles Unified School District was hit with ransomware attack, CISA issued an alert that threat actors are actively targeting the education sector.
By Dark Reading Staff, Dark Reading β September 6th 2022 at 17:51
This is the fourth DeadBolt campaign this year against QNAP customers, but it differs from previous attacks in exploiting an unpatched bug instead of a known vulnerability.
By Jai Vijayan, Contributing Writer, Dark Reading β September 6th 2022 at 13:00
Ransomware in particular poses a major threat, but security vendors say there has been an increase in Linux-targeted cryptojacking, malware, and vulnerability exploits as well, and defenders need to be ready.
By Dark Reading Staff, Dark Reading β September 2nd 2022 at 19:02
The US government and the Open Source Security Foundation have released guidance to shore up software supply chain security, and now it's up to developers to act.
By Nathan Eddy, Contributing Writer, Dark Reading β September 2nd 2022 at 18:56
The operators of the emerging cross-platform ransomware BianLian increased their command and control infrastructure this month, indicating an acceleration in their operational pace.
Our digital future depends on the choices we make today. We need to invest in cybersecurity technologies and skills so that humanity can control its future.
By Robert Lemos, Contributing Writer, Dark Reading β September 2nd 2022 at 16:52
Infections attributed to the USB-based worm have taken off, and now evidence links the malware to Dridex and the sanctioned Russian cybercriminal group Evil Corp.
By Tara Seals, Managing Editor, News, Dark Reading β September 2nd 2022 at 15:16
Thousands of corporate mobile apps developed by businesses for use by their customers contain hardcoded AWS tokens that can be easily extracted and used to access the full run of corporate data stored in cloud buckets.
Login
.jpg)
.png)
FreshRSS