API Security Is the New Black

Friday, December 30, 2022
API security is so hot right now.

Adobe, Apple, Cisco, Microsoft Flaws Make Up Half of KEV Catalog

CISA’s Known Exploited Vulnerabilities Catalog has become a valuable repository of vulnerabilities to be patched. A pair of reports analyze the vulnerabilities under attack to understand the kind of threats organizations should be prioritizing.

War and Geopolitical Conflict: The New Battleground for DDoS Attacks

The effectiveness of attacks largely depends on organizations' distributed denial-of-service defenses.

Beyond the Obvious: The Boldest Cybersecurity Predictions for 2023

Dark Reading's panel of security experts deliver a magnum of bubbly hot takes on what 2023 will look like, featuring evil AIs, WWIII, wild workplace soon-to-be-norms, and more.

6 Ways to Protect Your Organization Against LAPSUS$

Thursday, December 29, 2022
Businesses need to educate employees on the type of social engineering attacks used by hacking group DEV-0537 (LAPSUS$) and strengthen their security posture.

Extracting Encrypted Credentials From Common Tools

Attackers are harvesting credentials from compromised systems. Here's how some commonly used tools can enable this.

After the Uber Breach: 3 Questions All CISOs Should Ask Themselves

How CISOs handle the ethical issues around data breaches can make or break their careers. Don't wait until a breach happens to plot the course forward.

New Year's Surprise: Cybersecurity M&A, Funding Activity Snowballs in Q4

Concerns about recessionary trends impacting the cybersecurity sector in 2022 remained largely unfounded in Q4, as investment activity surged after a Q3 slowdown.

Securing and Improving User Experience for the Future of Hybrid Work

Wednesday, December 28, 2022
Digital transformation initiatives are challenging because IT still has to make sure performance doesn't suffer by making applications available from anywhere.

Healthcare Providers and Hospitals Under Ransomware's Siege

According to the FBI and Internet Crime Complaint Center, 25% of ransomware complaints involve healthcare providers.

When CISOs Are Ready to Hunt

This is what happens when a CISO gets tired of reacting to attacks and goes on the offensive.

Why Cyber Pros and Forensic Accountants Should Work Together to Mitigate Security Risk

It's time companies build a multilayered approach to cybersecurity.

Will the Crypto Crash Impact Cybersecurity in 2023? Maybe.

Will the bottom falling out of the cryptocurrency market have a profound impact on cybercriminal tactics and business models? Experts weigh in on what to expect.

Why Attackers Target GitHub, and How You Can Secure It

Tuesday, December 27, 2022
The unfettered collaboration of the GitHub model creates a security headache. Follow these seven principles to help relieve the pain.

The Threat of Predictive Policing to Data Privacy and Personal Liberty

Inaccurate information from data brokers can damage careers and reputations. It's time for US privacy laws to change how law enforcement and legal agencies obtain and act on data.

Internet AppSec Remains Abysmal & Requires Sustained Action in 2023

A variety of initiatives — such as memory-safe languages and software bills of materials — promise more secure applications, but sustained improvements will require that vendors do much better, researchers agree.

Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes

Friday, December 23, 2022
A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes pod to steal data and inject malware.

Videoconferencing Worries Grow, With SMBs in Cyberattack Crosshairs

Securing videoconferencing solutions is just one of many IT security challenges small businesses are facing, often with limited financial and human resources.

Google: With Cloud Comes APIs & Security Headaches

APIs are key to cloud transformation, but two Google surveys find that cyberattacks targeting them are reaching a tipping point, even as general cloud security issues abound.

Fool Me Thrice? How to Avoid Double and Triple Ransomware Extortion

To stay safer, restrict access to data, monitor for breaches in the supply chain, track relevant data that is sold on the Dark Web, and implement best safety practices.

What Kind of Data Gets Stolen When a Developer is Compromised?

What is the worst that can happen when a developer's machine is compromised? Depending on the developer's position, attackers gain access to nearly everything: SSH keys, credentials, access to CI/CD pipelines and production infrastructure, the works.

Security Is a Second-Class Citizen in High-Performance Computing

Thursday, December 22, 2022
Vendors and operators attempt to balance power and security, but right now, power is the highest goal.

Biden Signs Post-Quantum Cybersecurity Guidelines Into Law

The new law holds the US Office of Budget and Management to a road map for transitioning federal systems to NIST-approved PQC.

'Sextortion,' Business Disruption, and a Massive Attack: What Could Be in Store for 2023

Our growing interconnectedness poses almost as many challenges as it does benefits.

Zerobot Adds Brute Force, DDoS to Its IoT Attack Arsenal

Threat actors continue to evolve the malicious botnet, which has also added a list of new vulnerabilities it can use to target devices.

Supply Chain Risks Got You Down? Keep Calm and Get Strategic!

Wednesday, December 21, 2022
Security leaders must maintain an effective cybersecurity strategy to help filter some of the noise on new vulnerabilities.

Ransomware Attackers Bypass Microsoft's ProxyNotShell Mitigations With Fresh Exploit

The Play ransomware group was spotted exploiting another little-known SSRF bug to trigger RCE on affected Exchange servers.

Heartland Alliance Provides Notice of Data Security Incident


Best Practices for Securing and Governing Your Multicloud Deployment

Organizations can start by integrating functions like detection, prioritization, and remediation on to a single platform.

Paying Ransom: Why Manufacturers Shell Out to Cybercriminals

Lower cybersecurity awareness coupled with vulnerable OT gear makes manufacturers tempting targets, but zero trust can blunt attackers’ advantages.

Kaspersky Research Finds Reverse Engineering Is the Most On-Demand Skill Among InfoSec Specialists


Godfather Banking Trojan Masquerades as Legitimate Google Play App

The malware has resurfaced, using an icon and name similar to the legitimate Google Play app MYT Music, a popular app with more than 10 million downloads.

Why Security Teams Shouldn't Snooze on MFA Fatigue

Employee education, biometric and adaptive authentication, and zero trust can go a long way in strengthening security.

Microsoft Warns on 'Achilles' macOS Gatekeeper Bypass

Tuesday, December 20, 2022
The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs.

Raspberry Robin Worm Targets Telcos & Governments

With 10 layers of obfuscation and fake payloads, the Raspberry Robin worm is nesting its way deep into organizations.

How AI/ML Can Thwart DDoS Attacks

When properly designed and trained, artificial intelligence and machine learning can help improve the accuracy of DDoS detection and mitigation.

Cybersecurity VMRay Extends Series B Investment to a Total of $34 million USD to Drive Growth Into New Markets

VMRay announces the closing of a Series B led by global alternative asset manager Tikehau Capital, which will fuel further expansion of the product portfolio to target a broader set of market segments.

AWS Elastic IP Transfer Feature Gives Cyberattackers Free Range

Threat actors can take over victims' cloud accounts to steal data, or use them for command-and-control for phishing attacks, denial of service, or other cyberattacks.

Protecting Hospital Networks From 'Code Dark' Scenarios

Asset inventory, behavioral baselining, and automated response are all key to keeping patients healthy and safe.  

Are 100% Security Guarantees Possible?

Monday, December 19, 2022
Large vendors are commoditizing capabilities that claim to provide absolute security guarantees backed up by formal verification. How significant are these promises?

Threat Intelligence Through Web Scraping

Bright Data CEO Or Lenchner discusses how security teams are utilizing public Web data networks to safeguard their organizations from digital risks.

Malicious Python Trojan Impersonates SentinelOne Security Client

A fully functional SentinelOne client is actually a Trojan horse that hides malicious code within; it was found lurking in the Python Package Index repository ecosystem.

Bugcrowd Launches Bug Bounty Program for Australian-Based Navitas

Leading global education provider engages with Bugcrowd Security Researchers to identify threats.

Rethinking Risk After the FTX Debacle

Risk is no longer a single entity, but rather an interconnected web of resources, assets, and users.

Security Skills Command Premiums in Tight Market

Recession fears notwithstanding, cybersecurity skills — both credentialed and noncredentialed — continue to attract higher pay and more job security.

Holiday Spam, Phishing Campaigns Challenge Retailers

Revived levels of holiday spending have caught the eye of threat actors who exploit consumer behaviors and prey on the surge of online payments and digital activities during the holidays.

GitHub Expands Secret Scanning, 2FA Across Platform

Sunday, December 18, 2022
Microsoft-owned GitHub is taking steps to secure the open source software ecosystem by rolling out security features to protect code repositories.

Cyber Threats Loom as 5B People Prepare to Watch World Cup Final

Friday, December 16, 2022
The 2022 FIFA Men's World Cup final in Qatar will be the most-watched sporting event in history — but will cybercriminals score a hat trick off its state-of-the-art digital footprint?

Researcher Bypasses Akamai WAF

Patched several months ago, researcher reports how they used Spring Boot to sneak past Akamai's firewall and remotely execute code.

FBI: Criminals Using BEC Attacks to Scavenge Food Shipments

Cybercriminal rats are at play: Several food suppliers and distributors have experienced hundreds of thousands of dollars in losses after fulfilling fraudulently placed orders for food and ingredient shipments.

With SASE Definition Still Cloudy, Forum Proposes Standard

Even without an overarching dictionary of common definitions, the concept of a secure access service edge (SASE) has spread, but a standard could help cloud services work better together.

Iran-Backed Charming Kitten APT Eyes Kinetic Ops, Kidnapping

The not-so-charming APT's intelligence-gathering initiatives are likely being used by the Iranian state to target kidnapping victims.

Zero Trust in the Era of Edge

Accelerating security challenges and the increasing footprint of edge and IoT devices call for zero-trust principles to drive cyber resiliency.

Zero Trust Shouldn’t Be The New Normal

Thursday, December 15, 2022
Zero trust is useful in some situations, but organizations should not be trying to fit zero trust everywhere. In some cases, identity-based networking is an appropriate alternative.

Stolen Data on 80K+ Members of FBI-Run InfraGard Reportedly for Sale on Dark Web Forum

InfraGard's members include key security decision-makers and stakeholders from all 16 US civilian critical-infrastructure sectors.

WatchGuard Threat Lab Report Finds Top Threat Arriving Exclusively Over Encrypted Connections

New research also analyzes the commoditization of adversary-in-the-middle attacks, JavaScript obfuscation in exploit kits, and a malware family with Gothic Panda ties.

DDoS Attack Platforms Shut Down in Global Law Enforcement Operation

Sweeping operation took down around 50 popular DDoS platforms, just one of which was used in 30M attacks, Europol says.

Data Destruction Policies in the Age of Cloud Computing

It's time for on-the-record answers to questions about data destruction in cloud environments. Without access, how do you verify data has been destroyed? Do processes meet DoD standards, or do we need to adjust standards to meet reality?

API Flaws in Lego Marketplace Put User Accounts, Data at Risk

Attackers also could breach internal production data to compromise a corporate network using vulnerabilities found in the BrickLink online platform.

Microsoft-Signed Malicious Drivers Usher In EDR-Killers, Ransomware

Wednesday, December 14, 2022
Malicious Windows drivers signed as legit by Microsoft have been spotted as part of a toolkit used to kill off security processes in post-exploitation cyber activity.

CSAF Is the Future of Vulnerability Management

Version 2.0 of the Common Security Advisory Framework will enable organizations to automate vulnerability remediation.

Apple Zero-Day Actively Exploited on iPhone 15

Without many details, Apple patches a vulnerability that has been exploited in the wild to execute code.

Proofpoint Nabs Illusive, Signaling a Sunset for Deception Tech

Former pure-play deception startup Illusive attracts Proofpoint with its repositioned platform focusing on identity threat detection and response (ITDR).

Royal Ransomware Puts Novel Spin on Encryption Tactics

An emerging cybercriminal group linked with Conti has expanded its partial encryption strategy and demonstrates other evasive maneuvers, as it takes aim at healthcare and other sectors.

Analysis Shows Attackers Favor PowerShell, File Obfuscation

Aiming to give threat hunters a list of popular attack tactics, a cybersecurity team analyzed collections of real-world threat data to find attackers' most popular techniques.

Cybersecurity Drives Improvements in Business Goals

Deloitte's Future of Cyber study highlights the fact that cybersecurity is an essential part of business success and should not be limited to just mitigating IT risks.

Google Launches Scanner to Uncover Open Source Vulnerabilities

OSV-Scanner generates a list of dependencies in a project and checks the OSV database for known vulnerabilities, Google says.

Microsoft Squashes Zero-Day, Actively Exploited Bugs in Dec. Update

Tuesday, December 13, 2022
Here's what you need to patch now, including six critical updates for Microsoft's final Patch Tuesday of the year.

Accelerating Vulnerability Identification and Remediation

Software teams can now fix bugs faster with faster release cycles, but breach pressure is increasing. Using SBOM and automation will help better detect, prevent, and remediate security issues throughout the software development life cycle.

Security Flaw in Atlassian Products Affecting Multiple Companies

Jira, Confluence, Trello, and BitBucket affected.

Uber Breached, Again, After Attackers Compromise Third-Party Cloud

Threat actors leak employee email addresses, corporate reports, and IT asset information on a hacker forum after an attack on an Uber technology partner.

Amid Outrage, Rackspace Sends Users Email Touting Its Incident Response

Monday, December 12, 2022
More than 10 days after a ransomware attack, affected Rackspace customers are being told the incident had a "limited impact," and have been invited to a webinar for additional details.

Shopify Plus Stores Can Easily Add Passwordless Login With Passkeys Support

Shopify Plus stores can now easily implement passwordless login with Passkeys support to help reduce drop rate and increase conversion using the free OwnID plug-in.

Nearly 4,500 Pulse Connect Secure VPNs Left Unpatched and Vulnerable

Pulse Connect VPN server software received several updates over the years, and thousands of hosts haven't patched.

Popular WAFs Subverted by JSON Bypass

Web application firewalls from AWS, Cloudflare, F5, Imperva, and Palo Alto Networks are vulnerable to a database attack using the popular JavaScript Object Notation (JSON) format.

Palo Alto Networks Xpanse Active Attack Surface Management Automatically Remediates Cyber Risks Before They Lead to Cyberattacks

New Cortex Xpanse features give organizations visibility and control of their attack surfaces to discover, evaluate, and address cyber risks.

Trilio Raises $17M, Appoints Massood Zarrabian as CEO

Funding and new leadership to drive innovation and growth in cloud-native application resiliency; round led by SKK Ventures with T-Mobile and Telefonica.

TikTok Banned on Govt. Devices; Will Private Sector Follow Suit?

Friday, December 9, 2022
Texas and Maryland this week joined three other states in prohibiting accessing the popular social media app from state-owned devices.

Iran-Backed MuddyWater's Latest Campaign Abuses Syncro Admin Tool

MuddyWater joins threat groups BatLoader and Luna Moth, which have also been using Syncro to take over devices.

7 Ways Gaming Companies Can Battle Cybercrime on Their Platforms

Balancing gameplay and security can drive down risks and improve gamers' trust and loyalty.

3 Ways Attackers Bypass Cloud Security

Thursday, December 8, 2022
At Black Hat Europe, a security researcher details the main evasion techniques attackers are currently using in the cloud.

CNAPP Shines a Light Into Evolving Cloud Environments

Cloud-native application protection platform (CNAPP) addresses security challenges in multicloud environments, including integrating applications across multicloud or hybrid cloud environments.

Agrius Iranian APT Group Cuts Into Diamond Industry

The supply chain attack is piggybacking off an earlier breach to deploy new wiper malware.

Single Sign-on: It's Only as Good as Your Ability to Use It

Increased federal cybersecurity regulations provide a pivot point for manufacturers to reconsider their access management strategy.

How Do I Use the Domain Score to Determine if a Domain Is a Threat?

To be most effective, protective DNS services need to constantly reassess and rescore domains as additional data comes in.

APT37 Uses Internet Explorer Zero-Day to Spread Malware

IE is still a vector: South Koreans lured in with references to the deadly Halloween celebration crowd crush in Seoul last October.

Report: Air-Gapped Networks Vulnerable to DNS Attacks

Common mistakes in network configuration can jeopardize the security of highly protected assets and allow attackers to steal critical data from the enterprise.

Hacker Fails for the Win

Wednesday, December 7, 2022
Security researchers share their biggest initial screwups in some of their key vulnerability discoveries.

Android Serves Up a Slew of Security Updates, 4 Critical

Out of more than 80 flaws fixed this month, the most critical was a system component bug that could allow RCE over Bluetooth.

Key Security Announcements From AWS re:Invent 2022

At AWS re:Invent last week, the cloud giant previewed security services including Amazon Security Lake for security telemetry, Verified Permissions for developers, and a VPN bypass service.

4 Arrested for Filing Fake Tax Returns With Stolen Data

Cybercrooks allegedly stole personal data, used it to file IRS tax documents, and routed refunds to bank accounts under their control.

Will New CISA Guidelines Help Bolster Cyber Defenses?

Learn how BOD 23-01 asset inventory mandates can help all organizations tighten cybersecurity.

Shift to Memory-Safe Languages Gains Momentum

Tuesday, December 6, 2022
Software firms and the National Security Agency urge developers to move to memory-safe programming languages to eliminate a major source of high-severity flaws.

ASM Can Fill Gaps While Working to Implement SBOM

If compiling a software bill of materials seems daunting, attack surface management tools can provide many of the benefits.

Cambridge Centre for Risk Studies and Kivu Release Benchmark of Cost-Effective Responses to Cybercrime


Russia Readies Winter Cyberattacks As Troops Retreat From Ukraine

Microsoft warns that the Kremlin is ramping up cyberattacks against infrastructure and supply chains and starting disinformation campaigns as Russian troops lose on the battlefield.

What Will It Take to Secure Critical Infrastructure?

There's no quick fix after decades of underinvestment, but the process has started. Cybersecurity grants, mandatory reporting protocols, and beefed-up authentication requirements are being put in place.

Name That Edge Toon: Not Your Average Bear

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Cybersecurity Should Focus on Managing Risk

Monday, December 5, 2022
Preventing all data breaches is an unrealistic goal. Instead, focus on finding and minimizing the greatest risks.

Cyberattack Shuts Down French Hospital

Patients transferred and operations canceled following a recent network breach at a hospital in the outskirts of Paris.

The New External Attack Surface: 3 Elements Every Organization Should Monitor

In short, the global Internet is now part of your external attack surface. Here’s how to better protect your users and data.

Palo Alto Networks Announces Medical IoT Security to Protect Connected Devices Critical to Patient Care

The comprehensive zero trust security solution for medical devices lets healthcare organizations automate zero trust policy recommendations and manage new connected technologies quickly and securely.

OpenSSF Membership Exceeds 100, With Many New Members Dedicated to Securing Open Source Software

Introduces a "Developing Secure Software" training course in Japanese at OpenSSF Day Japan.

Malware Authors Inadvertently Take Down Own Botnet

A single improperly formatted command has effectively killed KmsdBot botnet, security vendor says.

Concern Over DDoS Attacks Falls Despite Rise in Incidents

Friday, December 2, 2022
Almost a third of respondents in Fastly's Fight Fire with Fire survey view data breaches and data loss as the biggest cybersecurity threat.

SiriusXM, MyHyundai Car Apps Showcase Next-Gen Car Hacking

A trio of security bugs allow remote attackers to unlock or start the car, operate climate controls, pop the trunk, and more — all via poorly coded mobile apps.

Where Advanced Cyberattackers Are Heading Next: Disruptive Hits, New Tech

Following a year of increasingly disruptive attacks, advanced persistent threat groups will likely only become emboldened in 2023, security experts say.

Newsroom Sues NSO Group for Pegasus Spyware Compromise

Journalists in El Salvador haul NSO Group to US court for illegal surveillance that ultimately compromised their safety.

SOC Turns to Homegrown Machine Learning to Catch Cyber-Intruders

A do-it-yourself machine-learning system helped a French bank detect three types of exfiltration attacks missed by current rules-based systems, attendees will learn at Black Hat Europe.

A Risky Business: Choosing the Right Methodology

Rather than regarding risk assessment as a negative exercise, consider it one that benefits your organization's aims, and then translate the risk level to its impact on operations, reputation, or finances.

AWS Unveils Amazon Security Lake at re:Invent 2022

Amazon Security Lake will allow organizations to create a purpose-built, standards-based data lake to aggregate and store security data.

LastPass Discloses Second Breach in Three Months

Thursday, December 1, 2022
The threat actor behind an August intrusion used data from that incident to access customer data stored with a third-party cloud service provider, and affiliate GoTo reports breach of development environment.

One Year After Log4Shell, Most Firms Are Still Exposed to Attack

Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to it.

Of Exploits and Experts: The Professionalization of Cybercrime

No longer the realm of lone wolves, the world of cybercrime is increasingly strategic, commoditized, and collaborative.

IBM Cloud Supply Chain Vulnerability Showcases New Threat Class

The Hell's Keychain attack vector highlights common cloud misconfigurations and secrets exposure that can pose grave risk to enterprise customers.

Phylum Expands Its Software Supply Chain Security Capabilities, Introduces Automated Vulnerability Reachability

Know what you need to fix today and what you don’t.