Air-Gapped ICS Systems Targeted by Sophisticated Malware

Monday, July 31, 2023
Researchers uncovered new worming second-stage tools used to locally exfiltrate data from air gapped ICS environments, putting threat actors one step away from transmission of the info to a C2.

Abyss Locker Ransomware Looks to Drown VMware's ESXi Servers

The 4-month-old ransomware gang is now actively targeting VMware's virtual environments with a second variant of its custom malware.

Call of Duty Self-Spreading Worm Takes Aim at Player Lobbies

The revival of the beloved online multiplayer video game was short-lived once players detected unusual activity and behavior that portended malware.

Israeli Oil Refinery Taken Offline by Pro-Iranian Attackers

The apparent pro-Iranian Cyber Avengers posted images of BAZAN Group's SCADA systems, diagrams, and programmable logic controller (PLC) code.

Best Practices for Enterprise Private 5G Security

Omdia's latest research with Trend Micro and CTOne sheds light on 5G security challenges and ways to effectively extend enterprise-grade security to 5G networks

Summer Documentary Watch Party: 8 Sizzling Cybersecurity Tales

From the upcoming Billion Dollar Heist to docs on the Ashley Madison breach and Stuxnet, here are a bevy of films that can scratch that wanna-be hacker itch.

Healthcare Innovation: A Safe and Secure Approach

Six focus areas to address the top security challenges facing healthcare organizations today.

Hack Crew Responsible for Stolen Data, NATO Investigates Claims

Friday, July 28, 2023
NATO asserts that their cyber experts continue to look into the claims and that its classified networks remain secure.

CherryBlos Malware Uses OCR to Pluck Android Users' Cryptocurrency

The malware, along with a sister strain dubbed "FakeTrade," was found lurking in Google Play.

Choose the Best Biometrics Authentication for Your Use Case

Voice, face, and vein recognition each has its pros and cons. Here's what CISOs need to know.

Senator Blasts Microsoft for Negligence in 365 Email Breach

In a letter to the DoJ, FTC and CISA, Oregon's Wyden also called for Microsoft to be held accountable in the sprawling SolarWinds breach.

Another AI Pitfall: Digital Mirroring Opens New Cyberattack Vector

The more artificial intelligence builds out our digital personas, the easier it will become for bad actors to target us with more convincing attacks.

Despite Post-Log4J Security Gains, Developers Can Still Improve

Thursday, July 27, 2023
Developers need more software security safeguards earlier in the process, especially as AI becomes more common.

7 in 10 MSPs Name Data Security and Network Security As Their Top IT Priorities for 2023

CompTIA ChannelCon Technology Vendor Fair Highlights Tech Solutions

Ryanair Hit With Lawsuit Over Use of Facial Recognition Technology

Airline violates privacy protections of the EU's General Data Protection Regulation, plaintiff says, seeking a $210 million fine.

Millions of People Affected in MOVEit Attack on US Gov't Vendor

Living up to its name, Maximus sees a whale of a breach that affects millions of people's sensitive government records, including health data.

TSA Updates Pipeline Cybersecurity Requirements

The updates will require pipeline owners and operators to do more than just plan for potential cyberattacks; now, those plans will need to be tested.

Group-IB Co-Founder Sentenced to 14 Years in Russian Penal Colony

Ilya Sachkov, convicted of treason by the Kremlin, will serve time in one of Russia's prison camps, which feature rigid schedules and isolation from the outside world, critics say.

Israeli-Trained Azerbaijan Cyber Students Mark Inaugural Graduation

Azerbaijan minister pledges to train many more cyber specialists in the coming years to improve regional cyber-readiness.

What Will CISA's Secure Software Development Attestation Form Mean?

The proposed attestation form is meant to help secure the software chain and formalizes the role of the SBOM as the first line of defense.

Rezilion Uncovers High-Risk Vulnerabilities Missing From CISA KEV Catalog

Wednesday, July 26, 2023

SE Labs Unveils Latest Comparative Analysis of Endpoint Detection and Response Products

Massive macOS Campaign Targets Crypto Wallets, Data

Threat actors are distributing new "Realst" infostealer via fake blockchain games, researchers warn.

SEC Adopts New Rule on Cybersecurity Incident Disclosure Requirements

Boards must now file notice of a "material incident" within four business days, although questions remain.

Former NSA-er Harry Coker Nominated National Cyber Director

The potential nominee is coming in with a model resume and background in cyberspace, as well as strong political support from the Hill.

ETSI Dismisses Claims of 'Backdoor' Vulnerabilities in TETRA Standard

Nonetheless, European standards body revised the wireless standard and insists its integrity remains sound.

Decoy Dog Gets an Upgrade With New Persistence Features

Tuesday, July 25, 2023
At least three actors are using the new, improved version, prompting researchers to conclude it was likely developed by a nation-state.

ChatGPT, Other Generative AI Apps Prone to Compromise, Manipulation

Researchers find artificial intelligence applications that use large language models could be compromised by attackers using natural language to dupe users.

Ivanti Zero-Day Exploit Disrupts Norway's Government Services

Cyberattackers have used a zero-day exploit to compromise up to 12 Norwegian government departments.

10 Free Purple Team Security Tools to Check Out

Check out the curated list of cool tools and platforms for both offensive security experts and defenders which will be released or demoed at Black Hat USA 2023.

Zero-Day Vulnerabilities Discovered in Global Emergency Services Communications Protocol

Weak encryption algorithms leave radio communications open to attack and abuse.

Atlassian RCE Bugs Plague Confluence, Bamboo

Monday, July 24, 2023
The security vulnerabilities allow full takeover of Atlassian instances, so admins should patch now.

KillNet's Kremlin Connection Unclear as the Cybercrime Collective Grows

KillNet is amassing members, capabilities, and know-how, as it looks to consolidate cybercrime power under its own umbrella.

North Korean Cyberspies Target GitHub Developers

The North Korean APT is setting up legitimate accounts on GitHub and social media platforms to pose as developers or recruiters — ultimately to fool targets into loading npm repositories with malicious code.

Designing a Security Strategy for Defending Multicloud Architectures

Complex security issues arise when different clouds and computing models interact.

What C-Suite Leaders Need to Know About XDR

Considering adopting extended detection and response (XDR) in your cybersecurity defense program? Here's what you need to know about the technology platform.

How to Put the Sec in DevSecOps

Learn the importance of adding security practices into DevOps life cycles and how to make security stronger.

BGP Software Vulnerabilities Under the Microscope in Black Hat Session

Friday, July 21, 2023
In a nod to its centrality in IP networking, a Forescout researcher will parse overlooked vulnerabilities in the Border Gateway Protocol at Black Hat USA.

Banks In Attackers' Crosshairs, Via Open Source Software Supply Chain

In separate targeted incidents, threat actors tried to upload malware into the Node Package Manager registry to gain access and steal credentials.

Rootkit Attack Detections Increase at UAE Businesses

Detections of rootkit attacks against businesses in the United Arab Emirates are up 167% in 2023, with an increased view of their use in the Middle East overall.

CVSS 4.0 Is Here, But Prioritizing Patches Still a Hard Problem

CVSS Version 4 arguably performs better, but companies also need to tailor any measure of threat to their own environment to quickly evaluate new software bugs for patching order.

Mallox Ransomware Group Activity Shifts Into High Gear

Thursday, July 20, 2023
Malicious activity targeting vulnerable SQL servers has surged 174% compared to 2022, Palo Alto's Unit 42 says.

Docker Leaks API Secrets & Private Keys, as Cybercriminals Pounce

Researchers found that the private keys and secrets they discovered being exposed within the Docker framework are already being used in the wild.

Google Categorizes 6 Real-World AI Attacks to Prepare for Now

The models powering generative AI like ChatGPT are open to several common attack vectors that organizations need to understand and get ready for, according to Google's dedicated AI Red Team.

P2P Self-Replicating Cloud Worm Targets Redis

Wednesday, July 19, 2023
Although not all Redis instances are vulnerable to the P2P worm variant, all of them can expect a compromise attempt, researchers warn.

China's APT41 Linked to WyrmSpy, DragonEgg Mobile Spyware

Nation-states see the opportunity in targeting people directly through their mobile phones, in this case with sophisticated Android surveillanceware.

Seed Group Brings Resecurity Options to UAE Region

UAE's Seed Group is partnering with Resecurity to expand cybersecurity options in the Middle East and Africa.

Microsoft Relents, Offers Free Key Logging to All 365 Customers

Industry pushback prompts Microsoft to drop premium pricing for access to cloud logging data.

3 Ways AI Could Improve Authentication

As companies navigate how to protect themselves from the onslaught of increasingly sophisticated fraud threats, artificial intelligence will be a critical piece of next-gen authentication.

Reducing Security Debt in the Cloud

Security debt exists in on-premises data centers as well as in cloud platforms — but preventing it from accumulating in the cloud requires different skills, processes, and tools.

Hacker Infected & Foiled by Own Infostealer

Tuesday, July 18, 2023
A prolific threat actor has been operating on Russian-language forums since 2020, but then he accidentally infected his own computer and sold off its contents to threat researchers.

Microsoft Takes Security Copilot AI Assistant to the Next Level

The company's AI for security operations centers is now available for technology integrations, as the industry looks to large language models.

Name That Toon: Shark Sighting

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Attackers Pummel Millions of Websites via Critical WooCommerce Payments Flaw

A barrage of targeted attacks against vulnerable installations peaked at 1.3 million against 157,000 sites over the weekend, aimed at unauthenticated code execution.

Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks Surge

Two separate threat actors are using poisoned USB drives to distribute malware in cyber-espionage campaigns targeting organizations across different sectors and geographies.

Linux Ransomware Poses Significant Threat to Critical Infrastructure

Organizations running Linux distributions need to prepare to defend their systems against ransomware attacks. Steps to ensure resiliency and basics such as access control reduce major disruptions.

5 Major Takeaways From Microsoft's July Patch Tuesday

Monday, July 17, 2023
July's updates contained 100+ patches and security policy notes, leaving vulnerability management teams stressed and scrambling to prioritize. We're here to help find some zen.

AWS Cloud Credential Stealing Campaign Spreads to Azure, Google Cloud

The TeamTNT threat actor appears to be setting the stage for broader cloud worm attacks, researchers say.

UAE and South African Hospitals Fail on DMARC Implementation

Only a quarter of hospitals have implemented the strongest level of DMARC, with a third running any version of the email validation protocol.

If George Washington Had a TikTok, What Would His Password Be?

Artificial intelligence can be tricked into making password-based authentication even weaker.

Why CFOs & CISOs Must Collaborate to Strengthen and Protect Organizations in a Recession

Sunday, July 16, 2023
Cyber threats are intensifying even as budgets are being scrutinized. Now, more than ever, security and finance professionals need to align on cybersecurity strategies.

Insider Risk Management Starts With SaaS Security

SaaS security posture management helps mitigate common threats posed by malicious or negligent insiders.

How Hackers Can Hijack a Satellite

Friday, July 14, 2023
We rely on them for communications, military activity, and everyday tasks. How long before attackers really start to look up at the stars?

Cisco Flags Critical SD-WAN Vulnerability

A flaw in the REST API of Cisco's SD-WAN vManage software could allow remote, unauthenticated attackers to perform data exfiltration.

SBOMs Still More Mandate Than Security

A software bill of materials standard gets an update, but while half of firms require the manifests, the driver is compliance rather than security.

Training's New Understanding

Risk reduction is the new gold standard for cybersecurity awareness training.

Brand Impersonation Scams in Middle East & Africa See Massive Growth

The Middle East and Africa region saw a whopping 135% increase in scams over the past year, with finance, telecommunications, and logistics the most-targeted sectors.

Cybersecurity Leaders Report Reduction in Disruptive Cyber Incidents With MSS/MDR Solutions

Thursday, July 13, 2023
Optiv survey highlights organizations' need for talent, challenges with sophistication of threat actors and expanding attack surface.

Orca Sues Wiz for 'Copying' Its Cloud Security Tech

Two fierce cloud security competitors are locked in a legal battle, as Orca accuses Wiz of ripping off its intellectual property.

How the EU AI Act Will Affect Businesses, Cybersecurity

The draft AI Act represents a significant step in regulating AI technologies, recognizing the need to address the potential risks and ethical concerns.

Critical RCE Bug in Rockwell Automation PLCs Zaps Industrial Sites

Rockwell Automation and CISA warn of security vulnerabilities that affect power plants, factories, and other critical infrastructure sites.

Okta, Ping Identity, CyberArk & Oracle Lead the IDaaS Omdia Universe

Omdia has published its Omdia Universe on IDaaS. This vendor comparison study highlights the capabilities of the vendors in the space.

Startup Spotlight: Mobb Aims to Be the Fixer

Wednesday, July 12, 2023
The startup, one of four finalists in this year's Black Hat USA Startup Spotlight competition, automates vulnerability remediation using AI.

Chinese APT Cracks Microsoft Outlook Emails at 25 Government Agencies

Foreign state-sponsored actors likely had access to privileged state emails for weeks, thanks to a token validation vulnerability.

Firedome Integrates With Microsoft Defender for IoT to Enhance IoT Device Security, Using Microsoft Sentinel

Firedome's on-device real-time detection, prevention, and response, along with Microsoft Defender for IoT cloud-based security, provides a holistic view of IoT attacks for the first time.

Console & Associates, P.C. Investigates HCA Healthcare After Report of Data Breach Affecting an Estimated 11M Patients

(ISC)² Strengthens DEI Initiatives through Global Partnerships

Partnership program empowers underrepresented groups by removing barriers to entering the cybersecurity workforce.

Less Than Half of SMBs Deploy Privileged Access Management

Keeper Security highlights S&P Market Intelligence's latest research showing that lack of PAM is leaving SMBs vulnerable to attack.

QuickBlox API Vulnerabilities Open Video, Chat Users to Data Theft

QuickBlox users should update to the latest version of the platform in order to protect against several avenues of exploitation.

Tracy Resident Charged With Computer Attack On Discovery Bay Water Treatment Facility

Tuesday, July 11, 2023
Former employee of contractor allegedly unleashed computer attack on the town's critical infrastructure — the systems controlling its water treatment facility.

11M HCA Healthcare Patients Impacted by Data Breach

The hackers posted stolen HCA Healthcare data for sale on a Dark Web forum.

Microsoft Expands Entra Into Secure Service Edge

Among the changes are the new offerings Entra Internet Access and Entra Private Access — and Azure AD has been renamed.

Bangladesh Government Website Leaks Personal Data

Personal details of Bangladeshi citizens found online by researcher included full names, phone numbers, email addresses, and national ID numbers.

Mastodon Patches 4 Bugs, but Is the Twitter Killer Safe to Use?

Platform's independent server "instances" may have different security levels, creating potential for supply chain-like vulnerabilities.

Cyberattacks Are a War We'll Never Win, but We Can Defend Ourselves

Giving ourselves a chance in this fight means acknowledging that yesterday's successful defensive tactics may already be obsolete.

Analysts: Cybersecurity Funding Set for Rebound

Monday, July 10, 2023
Analysts seem bullish about funding and M&A activity for the second half of the year, though transaction volumes and values dipped again in Q2.

NIST Launches Generative AI Working Group

The public working group will develop guidance around the special risks of AI technologies that generate content.

Why Hybrid Work Has Made Secure Access So Complicated

Employees now have the freedom to work wherever they want, which brings new challenges for security teams trying to protect data.

APT35 Develops Mac Bespoke Malware

Iran-linked APT35 group crafted specific Mac malware when targeting a member of the media with new tools to add backdoors.

Deepfake Quantum AI Investment Scam Pops Up on Facebook

A consumer finance journalist and television personality took to Twitter to warn his followers about advertisements using his name and face to scam victims.

Banking Firms Under Attack by Sophisticated 'Toitoin' Campaign

An attack involves a multi-stage infection chain with custom malware hosted on Amazon EC2 that ultimately steals critical system and browser data; so far, targets have been located in Latin America.

Zero Trust Keeps Digital Attacks From Entering the Real World

Amid IT/OT convergence, organizations must adopt an "assume breach" mindset to stop bad actors and limit their impact.

How to Use Log Management to Retrace Your Digital Footsteps

Sunday, July 9, 2023
Log management tools help IT and security teams monitor and improve a system's performance by identifying bugs, cybersecurity breaches, and other issues that can create outages or compliance problems.

Exposure Management Looks to Attack Paths, Identity to Better Measure Risk

Friday, July 7, 2023
Security firms analyze attack paths and seek out weak identities to find compromise vectors and critical assets that need better controls.

Global Hacking Competition Addresses Critical Increase in Cybersecurity Threats for Businesses

Hack The Box launches Capture The Flag competition, including offensive and defensive challenges, to unite teams as cyberattacks increase in 2023 to unprecedented levels.

Meta's Rush to Topple Twitter Sets Up Looming Privacy Debate

GDPR is halting Meta's new Threads app from entering EU markets, portending a broader struggle over the right ways to collect user data on social apps.

Truebot Malware Variants Abound According to CISA Advisory

US and Canadian government agencies find that new variants of the malware are increasingly being utilized.

MOVEit Transfer Faces Another Critical Data-Theft Bug

Users need to patch the latest SQL injection vulnerability as soon as possible. Meanwhile, Cl0p's data extortion rampage gallops on.

Can Generative AI Be Trusted to Fix Your Code?

Not yet — but it can help make incremental progress in reducing vulnerability backlogs.

Startup Spotlight: Endor Labs Focuses on Reachability

Thursday, July 6, 2023
The company, one of four finalists in Black Hat USA's 2023 startup competition, looks to find the vulnerabilities an attacker could actually access.

StackRot Linux Kernel Bug Has Exploit Code on the Way

Linus Torvalds led a Linux kernel team in developing a set of patches that should be available by the end of July.

Shell Becomes Latest Cl0p MOVEit Victim

In another MOVEit attack, oil and gas giant Shell saw the release of the private information of its employees.

Privacy Woes Hold Up Global Instagram Threads Launch

Meta's answer to Twitter went live and quickly racked up millions of members — but the social media app's privacy practices are under the microscope.

Cybersecurity's Future Hinges on Stronger Public-Private Partnerships

Public and private sector organizations must collaborate on a shared cybersecurity agenda to protect and benefit society at large.

6 Steps To Outsmart Business Email Compromise Scammers

Email fraud is a confidence game that costs the economy billions. An effective defense takes technology and vigilance.

Microsoft Teams Exploit Tool Auto-Delivers Malware

Wednesday, July 5, 2023
The "TeamsPhisher" cyberattack tool gives pentesters — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant.

OPERA1ER Cybercrime Group's Leader Arrested by Interpol

The group's mastermind was nabbed in Côte d'Ivoire for stealing up to $30 million using malware, phishing campaigns, and BEC scams, as part of international law enforcement's Operation Nervone.

A Golden Age of AI or Security Threats?

Now is the time to build safeguards into nascent AI technology.

Cl0p's MOVEit Campaign Represents a New Era in Cyberattacks

The ransomware group shows an evolution of its tactics with MOVEit zero day — potentially ushering in a new normal when it comes to extortion supply chain cyberattacks, experts say.

China's Mustang Panda Linked to SmugX Attacks on European Governments

Attackers use HTML smuggling to spread the PlugX RAT in the campaign, which has been ongoing since at least December.

Microsoft Can Fix Ransomware Tomorrow

You can't encrypt a file you can't open — Microsoft could dramatically impact ransomware by slowing it down.

Researchers Develop Exploit Code for Critical Fortinet VPN Bug

Monday, July 3, 2023
Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue.

Russian Satellite Internet Downed via Attackers Claiming Ties to Wagner Group

Attribution for the cyberattack on Dozor-Teleport remains murky, but the effects are real — downed communications and compromised data.

Israel Aided UAE in Defending Against DDoS Attack

Israel's cyber head points finger at Iran-backed MuddyWater APT group as the perpetrator of a recent attack against a university.

SSH Servers Hit in 'Proxyjacking' Cyberattacks

Cybercriminals employ obfuscated script to stealthily hijack victim server bandwidth for use in legitimate proxy networks.

Name That Edge Toon: Three-Ring Circus

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

A CISO's Guide to Paying Down Software Supply Chain Security Debt

When you just keep filing it away to handle "someday," security debt typically rears its head when you are most vulnerable and can least afford to pay it.

Architecting XDR to Save Money and Your SOC's Sanity

Sunday, July 2, 2023
XDR can lower platform costs and improve detection, but it requires committing to a few principles that go against the established way of thinking about SOC.