What Apple's RSRs Reveal About Mac Patch Management

Apple's Rapid Security Response updates are designed to patch critical security vulnerabilities, but how much good can they do when patching is a weeks-long process?

Investment May Be Down, but Cybersecurity Remains a Hot Sector

There's still a great deal of capital available for innovative companies helping businesses secure their IT environments.

New eID Scheme Gives EU Citizens Easy Access to Public Services Online

The European Commission voted a new electronic identification scheme that creates new opportunities for EU citizens and businesses.

Mirai Variant Opens Tenda, Zyxel Gear to RCE, DDoS

Researchers have observed several cyberattacks leveraging a botnet called IZ1H9, which exploits vulnerabilities in exposed devices and servers running on Linux.

Focus Security Efforts on Choke Points, Not Visibility

By finding the places where attack paths converge, you can slash multiple exposures in one fix for more efficient remediation.

Salesforce 'Ghost Sites' Expose Sensitive Corporate Data

Some companies have moved on from using Salesforce. But without remembering to fully deactivate their clouds, Salesforce won't move on from them.

Spotlight on 2023 Dan Kaminsky Fellow: Dr. Gus Andrews

As the second Kaminsky Fellow, Dr. Andrews will study the use of threat intelligence to track campaigns against the human rights community.

Human-Assisted CAPTCHA-Cracking Services Supercharge Shopper Bots

On-demand human solvers are now augmenting automated website cyberattacks, offering a better way around tougher anti-bot puzzles.

421M Spyware Apps Downloaded Through Google Play

A Trojan SDK snuck past Google Play protections to infest 101 Android applications, bent on exfiltrating infected device data.

Undetected Attacks Against Middle East Targets Conducted Since 2020

Targeted attacks against Saudi Arabia and other Middle East nations have been detected with a tool that's been in the wild since 2020.

9M Dental Patients Affected by LockBit Attack on MCNA

The government-sponsored dental and oral healthcare provider warned its customers that a March attack exposed sensitive data, some of which was leaked online by the ransomware group.

Pentagon Leaks Emphasize the Need for a Trusted Workforce

Tightening access controls and security clearance alone won't prevent insider threat risks motivated by lack of trust or loyalty.

Top Cyberattacks Revealed in New Threat Intelligence Report

New report provides actionable intelligence about attacks, threat actors, and campaigns.

2 Lenses for Examining the Safety of Open Source Software

Improving the security of open source repositories and keeping malicious components out requires a combination of technology and people.

130K+ Patients' Social Security Numbers Leaked in UHS of Delaware Data Breach

Tesla Whistleblower Leaks 100GB of Data, Revealing Safety Complaints

Informants have released data that includes thousands of safety complaints the company has received about its self-driving capability, as well as sensitive information regarding current and past employees.

Travel-Themed Phishing, BEC Campaigns Get Smarter as Summer Season Arrives

Phishing campaigns targeting travelers have evolved from simple, easy-to-spot fraud attempts to highly sophisticated operations.

'Volt Typhoon' Breaks Fresh Ground for China-Backed Cyber Campaigns

This is the first incident where a threat actor from the country appears to be laying the groundwork for disruptive attacks in the future, researchers say.

Lazarus Group Striking Vulnerable Windows IIS Web Servers

The infamous North Korean APT group is using Log4Shell, the 3CX supply chain attack, and other known vectors to breach Microsoft Web servers.

Netflix's Password-Sharing Ban Offers Security Upsides

The streaming giant is looking to bolster flagging subscription growth and profits, but security researchers say the move offers a perfect opportunity to encourage better password hygiene and account safety.

Perception Point Report Finds That Advanced Phishing Attacks Grew by 356% in 2022

Perception Point's 2023 Annual Report: Cybersecurity Trends & Insights' analyzes the most prevalent cyberattack trends amidst today's complex threat landscape, identifying an overall increase of 87% in the total number of attacks over the course of last year.

Memcyco Delivers Real-Time Brandjacking Detection and Protection Solution

Bank of Ghana Opens SOC to Enable Threat Intelligence Sharing

Bank of Ghana's security operations center will boost visibility into threats and enable threat intelligence sharing, it says.

CISO Criminalization, Vague Cyber Disclosure Rules Create Angst for Security Teams

in the wake of the ex-Uber CISO verdict, CISOs ask for clearer rules and less uncertainty in managing disclosures, amid jail-time fears.

Netwrix Report: Enterprises Suffer More Ransomware and Other Malware Attacks Than Smaller Organizations

Attackers primarily target on-premises IT infrastructures.

Threat Actors Compromise Barracuda Email Security Appliances

The company's ESG appliances were breached, but their other services remain unaffected by the compromise.

Google's .zip, .mov Domains Give Social Engineers a Shiny New Tool

Security professionals warn that Google's new top-level domains, .zip and .mov, pose social engineering risks while providing little reason for their existence.

How Universities Can Bridge Cybersecurity's Gender Gap

It's time to invest in initiatives that engage young women in cybersecurity early and often.

How AI Can Help Organizations Adapt and Recover From Cyberattacks

Incident response playbooks and frameworks are leaving defenders ill-equipped to recover from the increasing number of successful cyberattacks. Developments in AI offer a new way for stretched teams to manage security incidents and heal swiftly.

Israeli Shipping, Logistics Companies Targeted in Watering Hole Attacks

Researchers say the Iranian nation-state actor known as Tortoiseshell could be behind the attacks.

5 Questions to Ask When Evaluating a New Cybersecurity Technology

Any new cybersecurity technology should be not just a neutral addition to a security stack but a benefit to the other technologies or people managing them.

Google Adds Guardrails to Keep AI in Check

Companies are starting to address AI misuse. At Google I/O, for example, executives promised its AI has safety measures.

FBI: Human Trafficking Rings Force Job Seekers Into Cryptojacking Schemes

Victims of the cybercrime schemes are coerced to participate through violence and having their belongings taken away.

What Security Professionals Need to Know About Aggregate Cyber Risk

Widespread cyber incidents will happen, but unlike for natural disasters, specific security controls can help prevent a catastrophe.

A New Look for Risk in Awareness Training

Changes in the way risk is viewed are leading to changes in the way training is conducted.

Bridgestone CISO: Lessons From Ransomware Attack Include Acting, Not Thinking

A February 2022 attack, knocked the giant tire maker's North American operations offline for several days.

Enterprises Must Prepare Now for Shorter TLS Certificate Lifespans

Shorter certificate lifespans are beneficial, but they require a rethink of how to properly manage them.

Meta Hit With $1.3B Record-Breaking Fine for GDPR Violations

The technology conglomerate has until later this year to end its transfer of European user's data across the Atlantic.

IBM's Polar Buy Creates Focus on a New 'Shadow Data' Cloud Security Area

The purchase gives IBM access to a new category of products called "data security posture management" for security data in cloud and SaaS repositories.

Cyber Warfare Lessons From the Russia-Ukraine Conflict

Techniques used in cyber warfare can be sold to anyone — irrespective of borders, authorities, or affiliations. We need to develop strategies to respond at scale.

CommonMagic APT Campaign Broadens Target Scope to Central and Western Ukraine

AppSec Teams Stuck in Catch-Up Cycle Due to Massive Cloud-Native Enablement Gap

85% of AppSec pros say ability to differentiate between real risks and noise is critical, yet only 38% can do so today; mature DevOps organizations cite widespread impact due to lack of cloud-native tools

Data Siloes: Overcoming the Greatest Challenge in SecOps

It's not lack of data that's the problem, but the inability to piece that together to truly understand and reduce risk.

3 Common Initial Attack Vectors Account for Most Ransomware Campaigns

The data shows how most cyberattacks start, so basic steps can help organizations avoid becoming the latest statistic.

Google Debuts Quality Ratings for Security Bug Disclosures

New rules aim to level up the quality of submissions to Google and Android device Vulnerability Reward Program.

Enterprises Rely on Multicloud Security to Protect Cloud Workloads

As enterprises adopt multicloud, the security picture has gotten foggy. Cloud workload protection platforms and distributed firewalls are creating clarity.

KeePass Vulnerability Imperils Master Passwords

A newly discovered bug in the open source password manager, if exploited, lets attackers retrieve a target's master password — and proof-of-concept code is available.

Trojan-Rigged Phishing Attacks Pepper China-Taiwan Conflict

Plug X and other information-stealing remote-access Trojans are among the malware targeting networking, manufacturing, and logistics companies in Taiwan.

10 Types of AI Attacks CISOs Should Track

Risk from artificial intelligence vectors presents a growing concern among security professionals in 2023.

Microsoft Azure VMs Highjacked in Cloud Cyberattack

Cybercrime group that often uses smishing for initial access bypassed traditional OS targeting and evasion techniques to directly gain access to the cloud.

Lemon Group Uses Millions of Pre-Infected Android Phones to Enable Cybercrime Enterprise

Lemon Group's Guerrilla malware model an example of how threat actors are monetizing compromised Android devices, researchers say.

5 Ways Security Testing Can Aid Incident Response

Organizations can focus on these key considerations to develop their cybersecurity testing program sustainably.

Houthi-Backed Spyware Effort Targets Yemen Aid Workers

Pro-Houthi OilAlpha uses spoofed Android apps to monitor victims across the Arab peninsula working to bring stability to Yemen.

Apple Boots a Half-Million Developers From Official App Store

The mobile phone and MacBook giant also rejected nearly 1.7 million app submissions last year in an effort to root out malware and fraud.

Microsoft Teams Features Amp Up Orgs' Cyberattack Exposure

It's as they say: A Teams is only as strong as its weakest links. Microsoft's collaboration platform offers Tabs, Meetings, and Messages functions, and they all can be exploited.

Talking Security Strategy: Cybersecurity Has a Seat at the Boardroom Table

Pending new SEC rules reinforce how integral cybersecurity is to modern business operations, and will help close the gap between security teams and those making policy decisions.

I Was an RSAC Innovation Sandbox Judge — Here's What I Learned

Three pieces of advice to startups serious about winning funding and support for their nascent companies: Articulate your key message clearly, have the founder speak, and don't use a canned demo.

Microsoft Digital Defense Report: Nation-State Threats and Cyber Mercenaries

In part three of this three-part series, Microsoft dissects these twinned threats and what organizations can do to reduce or eliminate their risk.

Attackers Target MacOS with 'Geacon' Cobalt Strike Tool

Threat actors seen using Go-language implementation of the red-teaming tool on Intel and Apple silicon-based macOS systems.

Russian Ransomware Perp Charged After High-Profile Hive, Babuk & LockBit Hits

LockBit, Babuk, and Hive ransomware used by Russian to target critical US organizations, DOJ says.

Qilin Ransomware Operation Outfits Affiliates With Sleek, Turnkey Cyberattacks

Researchers infiltrate a ransomware operation and discover slick services behind Qilin's Rust-based malware variant.

Name That Toon: One by One

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Circle Security Technology Partnership With ForgeRock to Accelerate the Prevention-First Era in Digital Security

Joint integration delivers effective DSPM enforcement for self-managed customers starting with credential-free access, risk-based continuous authentication, and protection from data exposure.

'MichaelKors' Showcases Ransomware's Fashionable VMware ESXi Hypervisor Trend

Wide use and lack of support for malware detection technologies has made VMware's virtualization technology a prime target for cyberattackers.

PharMerica Leaks 5.8M Deceased Users' PII, Health Information

Relatives are being alerted that a PharMerica compromise exposed the sensitive data of their deceased loved ones, which could be used for identity theft.

RA Ransomware Group Emerges With Custom Spin on Babuk

The freshly minted ransomware gang is customizing leaked Babuk source code to go after cyber targets in the US and South Korea — and it's expanding its operations quickly.

Toyota Discloses Decade-Long Data Leak Exposing 2.15M Customers' Data

A misconfigured cloud instance exposed vehicle data, but not personally identifiable information, the car maker says.

Microsoft Follina Bug Is Back in Meme-Themed Cyberattacks Against Travel Orgs

A two-bit comedian is using a patched Microsoft vulnerability to attack the hospitality industry, and really laying it on thick along the way.

Microsoft Advisories Are Getting Worse

A predictable patch cadence is nice, but the software giant can do more.

TSA Official: Feds Improved Cybersecurity Response Post-Colonial Pipeline

US Transportation Security Agency (TSA) administrator reflects on how the Colonial Pipeline incident has moved the needle in public-private cooperation.

WordPress Plugin Used in 1M+ Websites Patched to Close Critical Bug

The privilege escalation flaw is one in thousands that researchers have disclosed in recent years.

Making Sure Lost Data Stays Lost

Retired hardware and forgotten cloud virtual machines are a trove of insecure confidential data. Here's how to ameliorate that weakness.

New Competition Focuses on Hardening Cryptosystems

The Technology Innovation Institute’s year-long cryptographic challenge invites participants to assess concrete hardness of McEliece public-key encryption scheme.

Malicious Chatbots Target Casinos in Southeast Asia

Dubbed "ChattyGoblin," the China-backed actors use chatbots to scam Southeast Asian gambling companies.

Microsoft Authenticator to Enforce Number Matching

As a way to enhance the security of MFA, Microsoft will require users to authorize login attempts by entering a numeric code into the Microsoft Authenticator app.

Security Leaders Discuss Industry Trends at Dark Reading's News Desk at RSAC 2023

Watch News Desk interviews with Dark Reading and cybersecurity leaders as they discuss trends and industry drivers druing RSA Conference 2023 in San Francisco.

Plug-and-Play Microsoft 365 Phishing Tool 'Democratizes' Attack Campaigns

New "Greatness" phishing-as-a-service used in attacks targeting manufacturing, healthcare, technology, and other sectors.

Billy Corgan Paid Off Hacker Who Threatened to Leak New Smashing Pumpkins Songs

Corgan got FBI involved to track down the cybercriminal, who had stolen from other artists as well, he said.

North Korean Hackers Behind Hospital Data Breach in Seoul

Data on more than 830K people exposed in the 2021 cyberattack.

Startup Competition Secures ML Systems, Vulnerabilities in Automation

RSA's Innovation Sandbox 2023 focused on the software supply chain, as well as attack surfaces exposed by generative AI, ML systems, and APIs.

Experian Announces US Fintech Data Network to Combat Fraud

Experian's Hunter comes to the United States with nine top fintechs committed to participating.

Global Research From Delinea Reveals That 61% of IT Security Decision Makers Think Leadership Overlooks the Role of Cybersecurity in Business Success

Disconnect between security and business goals had negative consequences for 89% of respondents and increased the success of cyberattacks at one in four companies.

Infamous Twitter Hacker Cops to Cybercrimes, Extradited to US for Trial

Confessed cybercriminal hijacked Twitter, TikTok, and Snapchat accounts; defrauded victims; and more.

2023 AT&T Cybersecurity Insights Report: Edge Ecosystem

The 2023 AT&T Cybersecurity Insights Report examines how edge use cases are evolving, how organizations are changing to deliver better business outcomes through digital first experiences, and how an integrated ecosystem can work together to put security at the core of edge computing.

Dark Reading Goes Global

While the goal of the site's new DR Global section is to expand international coverage, the initial focus will be cybersecurity professionals in the Middle East and Africa.

Sysco Data Breach Exposes Customer, Employee Data

Food distribution company first learned of the cyberattack in March 2023.

Free Tool Unlocks Some Encrypted Data in Ransomware Attacks

"White Phoenix" automated tool for recovering data on partially encrypted files hit with ransomware is available on GitHub.

Microsoft Patches 2 Zero-Day Vulnerabilities

The 49 CVE's in Microsoft's May security update is the lowest volume in nearly two years.

Privoro and Samsung Partner to Provide Trusted Control Over Smartphone Radios and Sensors

New hardware-to-hardware integration between SafeCase and Galaxy's Hardware Device Manager fortifies mobile security, protecting customers from spyware attacks.

FBI Disarms Russian FSB 'Snake' Malware Network

Operation "Medusa" disabled Turla's Snake malware with an FBI-created tool called Perseus.

ESET APT Report: Attacks by China-, North Korea-, and Iran-aligned Threat Actors; Russia Eyes Ukraine and the EU

Justice Department Targets 13 Websites Linked to DDoS-for-Hire

Ten of the domains targeted today were "reincarnations" of services seized in December 2022.

The Problem of Old Vulnerabilities — and What to Do About It

The vulnerabilities most often exploited by ransomware attackers are already known to us.

Consilient Inc. and Harex InfoTech Partner to Fight Financial Crime in South Korea

Companies bring generative AI-Federated Learning to the forefront to transform business processes and enable dynamic risk management.

Whiteford Taylor & Preston LLP Issues Notice of Data Incident

1M NextGen Patient Records Compromised in Data Breach

BlackCat ransomware operators reportedly stole the sensitive data.

Western Digital Confirms Customer Data Stolen in Ransomware Attack

Company refutes BlackCat claims, saying it still controls digital signature infrastructure.

Why the 'Why' of a Data Breach Matters

The motivations of an attacker help establish what protections to put into place to protect assets.

Why the FTX Collapse Was an Identity Problem

Cryptocurrency has a valuable role to play in a Web3 world — but only if the public can fully trust it.

North Korean APT Uses Malicious Microsoft OneDrive Links to Spread New Malware

ReconShark, aimed at gaining initial access to targeted systems, is a component of previous malware used by the Kimsuky group.

Satori Unveils Universal Data Permissions Scanner, A Free Open-Source Tool that Sheds Light on Data Access Authorization

Addressing data access blindspots commonly faced by enterprises, data security leader launches the first open-source authorization analysis tool to provide universal visibility into data access permissions across multiple data stores.

Browser Isolation Adapts to Remote Work, Greater Cloud Usage

As browsers become the center of many workers' days, isolation technologies shift to protecting the extended enterprise.

Judge Spares Former Uber CISO Jail Time Over 2016 Data Breach Charges

Tell other CISO's "you got a break," judge says in handing down a three-year probation sentence to Joseph Sullivan.

Apple Patches Bluetooth Flaw in AirPods, Beats

Users can check for the updated firmware version of their wireless headphones in the Bluetooth settings of their iPhone, iPad, or Mac devices.

Attackers Route Malware Activity Over Popular CDNs

One way to hide malicious activity is to make it look benign by blending in with regular traffic passing through content delivery networks (CDNs) and cloud service providers, according to a Netskope report.

Dallas City Systems Taken Down by Royal Ransomware

Courts closed, but police, fire rescues unaffected following ransomware attack.

OneTrust Enhances Data Discovery and Governance by Introducing AI-Powered Document Classification

Organizations can effectively classify unstructured data, automatically apply policies, and remediate violations.

Netskope: Attackers Double Down on Social Engineering Techniques and Malicious Functionalities

Researchers find attackers are successfully evading detection by blending in with normal network traffic via HTTP and HTTPS.

Google Launches Cybersecurity Career Certificate Program

Google's new program aims to offer accessible training to fill 750K open cybersecurity jobs with diverse array of talent.

How Public-Private Information Sharing Can Level the Cybersecurity Playing Field

Sharing information is critical to help organizations protect data and systems. To be even more effective, collaboration should be inclusive — vendors, researchers, and private companies large and small.

Microsoft Digital Defense Report: Trends In Device and Infrastructure Attacks

In part two of this three-part series, Microsoft synthesizes the impact of IoT/OT security challenges and offers tips for strengthening security there.

The Daily Number of Human-Driven Cyber Incidents Increased by 1.5 Times in 2022

Google Chrome Drops Browser Lock Icon

Chrome 117 will retire the lock icon and replace it with a "tune" icon, reflecting evolving cybersecurity standards.

DNA Sequencing Equipment Vulnerability Adds New Twist to Medical Device Cyber Threats

A vulnerability in a DNA sequencer highlights the expanded attack surface area of healthcare organizations but also shows that reporting of medical device vulnerabilities works.

Court Rejects Merck Insurers' Attempt to Refuse Coverage for NotPetya Damages

Insurers unsuccessfully argued Merck's $1.4B in losses following NotPetya cyberattack fell under wartime exclusion.

Anatomy of a Malicious Package Attack

Malicious packages are hard to avoid and hard to detect — unless you know what to look for.

Legitimate Software Abuse: A Disturbing Trend in Ransomware Attacks

Build a culture of security so that everyone is on the lookout for suspect behavior. Implement least privilege, improve visibility.

Meta Expunges Multiple APT, Cybercrime Groups from Facebook, Instagram

The company has removed three APTs and six potentially criminal networks from its platforms who leveraged elaborate campaigns of fake personas and profiles to lure and compromise users.

Hotels at Risk From Bug in Oracle Property Management Software

Oracle's characterization of the vulnerability in its Opera software as complex and hard to exploit is incorrect, researchers who found the flaw and reported it say.

AppSec Making Progress or Spinning Its Wheels?

Software developers and application security specialists estimate they are catching only 60% of vulnerabilities, but other measures indicate better results.

T-Mobile Experiences Yet Another Data Breach

Hundreds of customers are at risk of identity theft after the mobile communication company faces its second breach of the year.

Apple Debuts Its Rapid Response Security Update Approach

Smaller fixes deliver quick improvements for iPhones, iPads, and iMacs between software updates.

North Korean APT Gets Around Macro-Blocking With LNK Switch-Up

APT37 is among a growing list of threat actors that have switched to Windows shortcut files after Microsoft blocked macros last year.

China 'Innovated' Its Cyberattack Tradecraft, Mandia Says

Mandiant CEO Kevin Mandia explains why a recently revealed targeted attack by a cyber-espionage group out of China rivals the SolarWinds attack in its complexity, and weighs in on how defenders can best leverage generative AI.

4 Principles for Creating a New Blueprint for Secure Software Development

Improving the security of the software development process is key to thwarting bad actors.

Enterprise Strategy Group Research Reveals 75% of Organizations Change or Update APIs on a Daily or Weekly Basis

According to the ESG Study, 92% of organizations have experienced at least one security incident related to insecure APIs in the past year.

BlackCat Trolls Western Digital With Leaked Response Meeting Image

The ransomware group adds in personal insults to ratchet up pressure on Western Digital threat hunters.

What the Cybersecurity Industry Can Learn From the SVB Crisis

The banking industry has safeguards designed to mitigate financial risk, something the cybersecurity industry can learn from.

Name That Edge Toon: Fare Thee Well

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.