Dark Reading:

How Cybercriminals Are Operationalizing Money Laundering and What to Do About It

It's time to share threat intelligence and prioritize digital literacy and cyber hygiene to stem the rising money laundering tide.

Dark Reading:

Name That Edge Toon: For the Birds

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Dark Reading:

Predictions For Securing Today's Hybrid Workforce

Since requirements differ for users who work both from home and in the office, policies — and underlying technology — must adapt.

Dark Reading:

Unleash the Full Potential of Zero-Trust Security

The demand is unmistakeable and the business case is readily justified — it's time to implement zero trust.

Dark Reading:

What CISOs Can Do About Brand Impersonation Scam Sites

Apply these nine tips to proactively fight fraudulent websites that use your brand to rip people off.

Dark Reading:

Iran-Backed Actor Behind 'Holy Souls' Cyberattack on Charlie Hebdo, Microsoft Says

The January attack was in retaliation for the satirical French magazine's decision to launch a cartoon contest to lampoon Iran's Supreme Leader.

Dark Reading:

Scores of Redis Servers Infested by Sophisticated Custom-Built Malware

At least 1,200 Redis servers worldwide have been infected with "HeadCrab" cryptominers since 2021.

Dark Reading:

How the Cloud Is Shifting CISO Priorities

The greatly expanding attack surface created by the cloud needs to be protected.

Dark Reading:

MITRE Releases Tool to Design Cyber-Resilient Systems

Engineers can use the Cyber Resiliency Engineering Framework Navigator to visuzalize their cyber-resiliency capabilities.

Dark Reading:

Hornetsecurity Combats QR Code Phishing With Launch of New Technology

Dark Reading:

Korelock Launches IOT Smart Lock Technology Company

Denver-based business secures Series A Funding through partnerships with Iron Gate Capital and Kozo Keikaku Engineering.

Dark Reading:

Cyberattack on Fintech Firm Disrupts Derivatives Trading Globally

The Russia-linked LockBit ransomware group claims to be behind the attack that fouled automated transactions for dozens of clients of financial technology firm ION Group.

Dark Reading:

6 Examples of the Evolution of a Scam Site

Examining some key examples of recently found fraud sites that target the lucrative retail shoe industry helps us understand how brand impersonation sites evolve.

Dark Reading:

Rising 'Firebrick Ostrich' BEC Group Launches Industrial-Scale Cyberattacks

The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort.

Dark Reading:

Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter

QNAP NAS devices are vulnerable to CVE-2022-27596, which allows unauthenticated, remote SQL code injection.

Dark Reading:

Managing the Governance Model for Software Development in a No-Code Ecosystem

Forward-leading business and technology leaders are seeing the value of the "do-It-yourself" approach.

Dark Reading:

AppSec Playbook 2023: Study of 829M Attacks on 1,400 Websites

The total number of 61,000 open vulnerabilities, including 1,700 critical ones that have been open for 180+ days, exposes businesses to potential attacks.

Dark Reading:

Cybersecurity Leaders Launch First Attack Matrix for Software Supply Chain Security

Current and former cybersecurity leaders from Microsoft, Google, GitLab, Check Point, OWASP, Fortinet and others have already joined the open framework initiative, which is being led by OX Security.

Dark Reading:

ChatGPT May Already Be Used In Nation State Cyberattacks, Say IT Decision Makers in BlackBerry Global Research

Dark Reading:

Discrepancies Discovered in Vulnerability Severity Ratings

Differences in how the National Vulnerability Database (NVD) and vendors score bugs can make patch prioritization harder, study says.

Dark Reading:

Lazarus Group Rises Again, to Gather Intelligence on Energy, Healthcare Firms

An OpSec slip from the North Korean threat group helps researchers attribute what was first suspected as a ransomware attack to nation-state espionage.

Dark Reading:

Why CISOs Should Care About Brand Impersonation Scam Sites

Enterprises often don't know whose responsibility it is to monitor for spoofed brand sites and scams that steal customers' trust, money, and personally identifiable information.

Dark Reading:

Nearly All Firms Have Ties With Breached Third Parties

The average organization does business with 11 third parties, and 98% of organizations do business with a third party who has suffered a breach, an analysis finds.

Dark Reading:

CISA to Open Supply Chain Risk Management Office

A new supply chain risk management office aims to help public and private sectors implement recent CISA policies and guidance.

Dark Reading:

Greater Incident Complexity, Shift in How Threat Actors Use Stolen Data, Will Drive the Cyber Threat Landscape in 2023, Says Beazley Report

Noting 13% year-over-year growth in fraudulent instruction as a cause of loss, report predicts organizations must get smarter about educating employees to spot fraudulent tactics.

Dark Reading:

Radiant Logic Signs Definitive Agreement to Acquire Brainwave GRC

Move will strengthen position as a leader in the identity governance and analytics market.

Dark Reading:

Vista Equity Partners Completes Acquisition of KnowBe4

.

Dark Reading:

Inside Killnet: Pro-Russia Hacktivist Group's Support and Influence Grows

Killnet is building its profile, inspiring jewelry sales and rap anthems. But the impact of its DDoS attacks, like the ones that targeted 14 major US hospitals this week, remain largely questionable.

Dark Reading:

Beating the Odds: 3 Challenges Women Face in the Cybersecurity Industry

Companies need to be aware of the work culture they foster. Diversity and inclusion aren't just buzzwords. Increasing female visibility and improving female mentoring to help women enter and advance within the cybersecurity industry are key steps forward.

Dark Reading:

Gem Security Emerges From Stealth With $11M, Unveils Cloud TDIR Platform for Faster Response to Cloud Threats

Gem Security provides the world's first holistic approach for Cloud TDIR, bridging the gap between cloud complexity and security operations.

Dark Reading:

Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover

Two security holes — one particularly gnarly — could allow hackers the freedom to do as they wish with the popular edge equipment.

Dark Reading:

Contrast Security Launches Alliance Program to Change the Way Customers Scale Their Security Solutions

The Security Innovation Alliance (SIA) empowers customers to create holistic security programs by leveraging robust end-to-end integration partnerships.

Dark Reading:

Fortra's Terranova Security 2022 Gone Phishing Tournament Results Reveal Large Organizations at Highest Risk of Compromising Data

Findings underscore security awareness training that leverages practical, hands-on exercises is essential to creating a security-aware culture.

Dark Reading:

Application Security Must Be Nonnegotiable

Companies need to keep security priorities top of mind during economic downturns so all-important revenue generation doesn't come with a heaping side order of security problems.

Dark Reading:

KnowBe4 to Offer $10,000 to Black Americans in Cybersecurity Scholarship

KnowBe4 partners with the Center for Cyber Safety and Education to support Black Americans in recognition of Black History Month to help further education.

Dark Reading:

ManageEngine Study Finds United States Enterprises Hit by Short-Staffed Security Operations Centers

Study also reveals enterprises rely on multiple tools to ensure cloud security.

Dark Reading:

Google Fi Users Caught Up in T-Mobile Breach

Google Fi mobile customers have been alerted that their SIM card serial numbers, phone numbers, and other data were exposed in T-Mobile hack.

Dark Reading:

Checkmarx Launches Threat Intelligence for Open Source Packages

The new API incorporates threat intelligence research and employs machine learning to identify threats in the supply chain.

Dark Reading:

How Can Disrupting DNS Communications Thwart a Malware Attack?

Malware eventually has to exfiltrate the data it accessed. By watching DNS traffic for suspicious activity, organizations can halt the damage.

Dark Reading:

Firmware Flaws Could Spell 'Lights Out' for Servers

Five vulnerabilities in the baseboard management controller (BMC) software used by 15 major vendors could allow remote code execution if attackers gain network access.

Dark Reading:

Critical VMware RCE Vulnerabilities Targeted by Public Exploit Code

Security vulnerabilities in VMware's vRealize Log Insight platform can be chained together to offer a cybercriminals a gaping hole to access corporate crown jewels.

Dark Reading:

Phishers Trick Microsoft Into Granting Them 'Verified' Cloud Partner Status

Everyone on Twitter wants a blue check mark. But Microsoft Azure's blue badges are even more valuable to a threat actor stealing your data via malicious OAuth apps.

Dark Reading:

Poser Hackers Impersonate LockBit in SMB Cyberattacks

Recent cyberattacks against SMBs across Europe have been traced back to copycat groups using leaked LockBit locker malware.

Dark Reading:

Will Cybersecurity Remain Recession-Proof in 2023?

Demand for skilled professionals will remain high, but cyber budgets will be eaten away.

Dark Reading:

NanoLock Addresses Global Industrial & OT Cyber Demand with Expansions into Europe and North America

To meet a pressing demand for industrial and OT security, zero-trust, device-level cybersecurity provider expands with strategic hires in new and established markets.

Dark Reading:

New Survey Reveals 40% of Companies Experienced a Data Leak in the Past Year

SysKit report highlighting effects of digital transformation on IT admins and governance landscape released.

Dark Reading:

Aura and Nonprofit Cyversity Partner to Support a More Inclusive Cyber Workforce

Mentoring, scholarships, and professional development opportunities will be offered to those underrepresented in the industry through the collaboration.

Dark Reading:

Sentra Raises $30 Million Series A Financing to Meet Growing Demand for Data Security in the Cloud

Standard Investments leads round with participation from Munich Re Ventures, Moore Strategic Ventures, Bessemer Venture Partners, and Zeev Ventures.

Dark Reading:

Are Your Employees Thinking Critically About Their Online Behaviors?

Three mindset shifts will help employees build a habit of vigilance and make better security decisions. Move past security theater to reframe thinking so employees understand data's value, act with intention, and follow data best practices.

Dark Reading:

Russia's Sandworm APT Launches Swarm of Wiper Attacks in Ukraine

The incidents are the latest indication of the growing popularity of dangerous disk wipers, created to disrupt and degrade critical infrastructure and other organizations.

Dark Reading:

SentinelOne and KPMG Announce Alliance To Accelerate Cyber Investigations and Response

Dark Reading:

Cybercrime Ecosystem Spawns Lucrative Underground Gig Economy

The complex nature of cyberattacks has increased demand for software developers, reverse engineers, and offensive specialists — attracting workers facing financial insecurity.

Dark Reading:

10M JD Sports Customers' Info Exposed in Data Breach

UK sportswear retailer asks exposed customers to stay "vigilant" against phishing attempts following cyberattack.

Dark Reading:

IT and Security Professionals Spend an Average of 4,300 Hours Annually Achieving or Maintaining Compliance

New research from Drata shows compliance remains a business challenge for many organizations.

Dark Reading:

The Threat from Within: 71% of Business Leaders Surveyed Think Next Cybersecurity Breach Will Come from the Inside

Dark Reading:

Make Developers the Driver of Software Security Excellence

Those who are wrangling code every day could fuel a genuinely transformational approach to security — if they are adequately upskilled.

Dark Reading:

How $6 Can Buy Hacked Social Media & Streaming Accounts From the Dark Web, Whizcase Study Reveals

Dark Reading:

Facebook Bug Allows 2FA Bypass Via Instagram

The Instagram rate-limiting bug, found by a rookie hunter, could be exploited to bypass Facebook 2FA in vulnerable apps, researcher reports.

Dark Reading:

Fake Texts From the Boss, Bogus Job Postings and Frankenstein Shoppers — Oh My!

Experian’s annual Future of Fraud Forecast highlights five fraud threats facing businesses and consumers in 2023.

Dark Reading:

Convincing, Malicious Google Ads Look to Lift Password Manager Logins

Users searching for Bitwarden and 1Password's Web vaults on Google have recently reported seeing paid ads with links to cleverly spoofed sites for stealing credentials to their password vaults.