Securing AI: What You Should Know

Securing AI within your organization starts with understanding how AI differs from traditional business tools. Google's Secure AI Framework provides a model for what to do next.

DHS: Physical Security a Concern in Johnson Controls Cyberattack

An internal memo cites DHS floor plans that could have been accessed in the breach.

How Can Your Security Team Help Developers Shift Left?

Implementing a shift-left process in cybersecurity requires pulling together people, processes, and technology.

DHS Calls Into Question Physical Security in Johnson Controls Cyberattack

An internal memo notes of DHS floor plans that could have been accessed in the breach.

Government Shutdown Poised to Stress Nation's Cybersecurity Supply Chain

CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.

Chrome Flags Third Zero-Day This Month That's Tied to Spying Exploits

So far this year, Google has disclosed six vulnerabilities that attackers were actively exploiting before the company had a patch for them.

New Cisco IOS Zero-Day Delivers a Double Punch

The networking giant discloses new vulnerabilities the same day as warnings get issued that Cisco gear has been targeted in a Chinese APT attack.

Johnson Controls International Disrupted by Major Cyberattack

The company filed with the SEC and is assessing its operations and financial damages.

Q&A: UK Ambassador on Creating New Cybersecurity Agencies Around the World

How the UK is assisting other nations in forming their own versions of a National Centre for Cybersecurity (NCSC).

Novel ZenRAT Scurries Onto Systems via Fake Password Manager Tool

Attackers exclusively target Windows users with an impersonation website that distributes information-stealing malware.

Fortinet Announces Formation of Veterans Program Advisory Council to Narrow the Cybersecurity Skills Gap With Military Veteran Talent

Netscout Identified Nearly 7.9M DDOS Attacks in the First Half of 2023

Researchers Release Details of New RCE Exploit Chain for SharePoint

One of the already-patched flaws enables elevation of privilege, while the other enables remote code execution.

China APT Cracks Cisco Firmware in Attacks Against the US and Japan

Sophisticated hackers are rewriting router firmware in real time and hiding their footprints, leaving defenders with hardly a fighting chance.

Microsoft Adds Passkeys to Windows 11

It's the latest step in the gradual shift away from traditional passwords.

Threat Data Feeds and Threat Intelligence Are Not the Same Thing

It's important to know the difference between the two terms. Here's why.

HD Moore's Discovery Journey

Metasploit creator's shift into enterprise asset discovery and passive scanning with startup runZero is a natural evolution of his exploratory cyber career.

Delinea Secret Server Introduces MFA Enforcement at Depth to Meet Cyber Insurance Requirements

Maine Department of Labor to Announce the Launch of University of Maine at Augusta Cybersecurity and IT Registered Apprenticeship Program

4 Pillars for Building a Responsible Cybersecurity Disclosure Program

Responsible disclosure must strike a balance between the immediate need to protect users and the broader security implications for the entire community.

Chad Taps Huawei for Digital Modernization Project

Fiber optic networks and better connectivity for Chad's users are part of the ICT modernization project with the Chinese networking giant.

Amidst MGM, Caesar's Incidents, Attackers Focus on Luxury Hotels

A fast-growing cyber campaign solely takes aim at luxury hotel and resort chains, using security-disruptive tactics to spread info-stealing malware.

Proactive Security: What It Means for Enterprise Security Strategy

Proactive Security holds the elusive promise of helping enterprises finally get ahead of threats, but CISOs must come to grips with the technological and philosophical change that it brings.

Xenomorph Android Malware Targets Customers of 30 US Banks

The Trojan had mainly been infecting banks in Europe since it first surfaced more than one year ago.

MOVEit Flaw Leads to 900 University Data Breaches

National Student Clearinghouse, a nonprofit serving thousands of universities with enrollment services, exposes more than 900 schools within its MOVEit environment.

UAE-Linked 'Stealth Falcon' APT Mimics Microsoft in Homoglyph Attack

The cyberattackers are using the "Deadglyph" custom spyware, whose full capabilities have not yet been uncovered.

The Hot Seat: CISO Accountability in a New Era of SEC Regulation

Updated cybersecurity regulations herald a new era of transparency and accountability in the face of escalating industry vulnerabilities.

Cyber Hygiene: A First Line of Defense Against Evolving Cyberattacks

Back to basics is a good start, but too often security teams don't handle their deployment correctly. Here's how to avoid the common pitfalls.

Don't Get Burned by CAPTCHAs: A Recipe for Accurate Bot Protection

Traditional CAPTCHAs, such as reCAPTCHA, no longer protect online businesses adequately. Real users hate them. Bots bypass them. It's time to upgrade.

Do CISOs Have to Report Security Flaws to the SEC?

The new SEC rules make it seem that there is no need to report the presence of security vulnerabilities, but that doesn't quite tell the full story.

TikTok API Rules Stymie Analysis of US User Data, Academics Say

Terms of service for API access give TikTok publication review over findings and limit access to critical data on the platform's impact on US users, researchers say.

Hackers Let Loose on Voting Gear Ahead of US Election Season

Ethical hackers were given voluntary access to digital scanners, ballot markers, and electronic pollbooks, all in the name of making the voting process more resilient to cyber threats.

NFL, CISA Look to Intercept Cyber Threats to Super Bowl LVIII

The league is working with more than 100 partners to workshop responses to a host of hypothetical cyberattacks on the upcoming Big Game in Las Vegas.

Salvador Technologies Wins Funding for $2.2M Cybersecurity Project From BIRD Foundation

'Gold Melody' Access Broker Plays on Unpatched Servers' Strings

A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact that many organizations still don't focus on the security basics.

OPSWAT-Sponsored SANS 2023 ICS/OT Cybersecurity Report Reveals Vital Priorities to Mitigate Ongoing Threats

T-Mobile Racks Up Third Consumer Data Exposure of 2023

The mobile company states that the issue was due to a glitch that occurred in an update.

MGM Restores Casino Operations 10 Days After Cyberattack

The lost revenue due to downtime for gaming and hotel bookings is difficult to ballpark.

Growing Chinese Tech Influence in Africa Spurs 'Soft Power' Concerns

A working group is rolling out in developing parts of the world, in response to concerns about the amount of technology being rolled out and across Africa by Chinese companies.

Dig Security Enhances DSPM Platform to Secure Enterprise Data in On-Prem, File-Share Environments

OneLayer Expands Its Private Cellular Network Security Solutions to Operations and Asset Management

83% of IT Security Professionals Say Burnout Causes Data Breaches

International Criminal Court Suffers Cyberattack

The ICC did not reveal details on the cyber breach.

How Choosing Authentication Is a Business-Critical Decision

MFA may go a long way in improving password security, but it's not foolproof.

Changing Role of the CISO: A Holistic Approach Drives the Future

The CISO's role has grown far beyond supervising Patch Tuesday to focus on prevention and response and to cover people, processes, and technology.

Pro-Iranian Attackers Target Israeli Railroad Network

The group known as "Cyber Avengers" has targeted other Israeli services in the past and often publishes technical details of its hits.

Welcome to the Resilience Revolution, Where Defenders Act More Like Attackers

Dark Reading News Desk interviewed Kelly Shortridge about the role of infrastructure-as-code in helping security teams get more nimble in responding to cyber threats.

China-Linked Actor Taps Linux Backdoor in Forceful Espionage Campaign

"SprySOCKS" melds features from multiple previously known badware and adds to the threat actor's growing malware arsenal, Trend Micro says.

Trend Micro Patches Zero-Day Endpoint Vulnerability

The critical vulnerability involves uninstalling third-party security products and has been used in cyberattacks.

MGM, Caesars Face Regulatory, Legal Maze After Cyber Incidents

MGM and Caesars are putting new SEC incident disclosure regulations to a real-world test in the aftermath of twin cyberattacks on the casinos, as class-action lawsuits loom.

Qatar Cyber Chiefs Warn on Mozilla RCE Bugs

The WebP vulnerability affects multiple browsers besides Firefox and Thunderbird, with active exploitation ongoing.

Name That Toon: Somewhere in Sleepy Hollow

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

'ShroudedSnooper' Backdoors Use Ultra-Stealth in Mideast Telecom Attacks

The threat cluster hasn't been seen before, but its custom Windows server backdoors have researchers intrigued thanks to their extremely effective stealth mechanisms.

Security Conferences Keep Us Honest

Conferences are where vendors and security researchers meet face to face to address problems and discuss solutions — in public.

LockBit Is Using RMMs to Spread Its Ransomware

The LockBit group is using native IT management software to live off the land, planting and then spreading itself before deploying its ransomware.

Companies Explore Ways to Safeguard Data in the Age of LLMs

Generative AI models are forcing companies to become creative in how they keep employees from giving away sensitive data.

How to Get Your Board on Board With Cybersecurity

CISOs can refine their soft skills to help get their cybersecurity best-practices message across. Steps include increasing staff incident-response training and staying current with the threat landscape.

Dragos Raises $74M in Latest Funding Round

The funds will be used to expand its global presence beyond Europe and the US.

A Playbook for Bridging Africa's Cybersecurity Skills Shortage

A pledge to solve the skills and talent shortage by the US government has seen one Nigerian company join the effort and aid Africa.

Supporting Africa's Cybersecurity Talent Makes the World Safer

The global infosec community needs to help African nations defend against growing threats.

AI in Software Development: The Good, the Bad, and the Dangerous

Just like with using open source, organizations need to be diligent about testing AI components and understanding where and how it is used in their software.

Microsoft Flushes Out 'Ncurses' Gremlins

The maintainers of the widely used library recently patched multiple memory corruption vulnerabilities that attackers could have abused to, ahem, curse targets with malicious code and escalate privileges.

Why Shared Fate is a Better Way to Manage Cloud Risk

The shared responsibility model was good enough to cover the first years of the cloud revolution, but the model is showing its limitations. Shared fate is a more mature model for the future of cloud security.

Armis Launches Armis Centrix™, the AI-powered Cyber Exposure Management Platform

Greater Manchester Police Hack Follows Third-Party Supplier Fumble

This incident bears notable resemblance to an attack that occurred just last month affecting London's Metropolitan Police, raising concerns over UK cybersecurity safeguards for public safety.

Microsoft Teams Hacks Are Back, As Storm-0324 Embraces TeamsPhisher

Collaboration apps are a boost to business productivity, but also a uniquely attractive target for cyberattackers.

Zero-Click iPhone Exploit Drops Pegasus Spyware on Exiled Russian Journalist

The exploit is one of many that government and intelligence agencies have to infect target devices with the notorious surveillance tool.

MGM, Caesars File SEC Disclosures on Cybersecurity Incidents

Pursuant to new regulation, both gaming companies reported recent cyber incidents to the SEC.

Cybercriminals Use Webex Brand to Target Corporate Users

The false advertisement has been left up for days, flying under the radar by managing to adhere to Google Ads' policies.

Cuba Ransomware Gang Continues to Evolve With Dangerous Backdoor

The Russian-speaking ransomware gang continues to update its tactics while managing to steal highly sensitive information from its victims.

Stealer Thugs Behind RedLine & Vidar Pivot to Ransomware

In a notable shift in strategy, the threat actors are abusing code-signing certificates to spread a double whammy of infostealers and ransomware payloads.

How to Transform Security Awareness Into Security Culture

Leverage the human layer as a crucial cog in building cyber resilience within the organization.

Professional Sports: The Next Frontier of Cybersecurity?

Sports teams, major leagues, global sporting associations, and entertainment venues are all home to valuable personal and business data. Here's how to keep them safe.

'Scattered Spider' Behind MGM Cyberattack, Targets Casinos

The ransomware group is a collection of young adults, and also recently breached Caesars Entertainment and made a ransom score in the tens of millions range.

Claroty Unveils Vulnerability & Risk Management Capabilities to Elevate Risk Reduction for Cyber-Physical Systems

NordVPN Launches Sonar to Prevent Phishing Attacks

Federal Mandates on Medical-Device Cybersecurity Get Serious

In October, the US Food and Drug Administration will start rejecting medical devices that lack a secure design or a post-market cybersecurity plan.

Microsoft Azure HDInsight Plagued With XSS Vulnerabilities

To boot, the technology could be riddled with other flaws via its Apache services components, a security vendor says.

When LockBit Ransomware Fails, Attackers Deploy Brand-New '3AM'

Nothing good happens after 2 a.m., they say, especially when hackers have two kinds of ransomware at their disposal.

Recent Rhysida Attacks Show Focus on Healthcare By Ransomware Actors

The operators of the Rhysida ransomware-as-a-service have claimed credit for a crippling attack on Mississippi's Singing River health system.

Microsoft Patches a Pair of Actively Exploited Zero-Days

Five critical bugs, zero-days exploited in the wild, Exchange Server, and more headline Microsoft's September 2023 Patch Tuesday release. Here's what to patch now.

China's Winnti APT Compromises National Grid in Asia for 6 Months

Attacks against critical infrastructure are becoming more commonplace and, if a recent PRC-sponsored attack is anything to go by, easier to pull off.

Israeli Hospital Hit By Ransomware Attack, 1TB Data Stolen

Vital medical equipment was unaffected, but attackers stole and leaked lots of personal data.

MGM Resorts Cyberattack Hobbles Las Vegas Strip Operations

Hospitality behemoth struggles to recover following a Sunday cyber incident that looks a lot like a ransomware attack.

ChatGPT Jailbreaking Forums Proliferate in Dark Web Communities

By code or by command, cybercriminals are circumventing ethical and safety restrictions to use generative AI chatbots in the way that they want.

The Double-Edged Sword of Cyber Espionage

State-sponsored attacks are alarming and difficult to prevent, but they suffer from a fundamental weakness that can be leveraged by defenders.

'Anonymous Sudan' Sets Its Sights on Telegram in DDoS Attack

Telegram has not stated why it has suspended the group's primary account, but it is likely due to its use of bots.

Iran's Charming Kitten Pounces on Israeli Exchange Servers

Archrivals face off in the cyber plane, as opportunistic hackers prey on the unpatched and generally negligent.

Being Flexible Can Improve Your Security Posture

Changing your approach when you realize you could be more efficient pays dividends, especially in six areas of your cybersecurity program.

'Steal-It' Campaign Uses OnlyFans Models as Lures

Custom PowerShell scripts are being deployed against geofenced targets in Australia, Belgium, and Poland to exfiltrate data.

Iranian APT Hits US Aviation Org via ManageEngine, Fortinet Bugs

Known security vulnerabilities in the enterprise products allowed unauthorized access through a public-facing application, US Cyber Command said.

Attackers Abuse Google Looker Studio to Evade DMARC, Email Security

Cyberattackers are tapping the legitimacy of the Web-based data-visualization tool in a campaign aimed at stealing credentials and defrauding hundreds of business users.

Overcoming the Rising Threat of Session Hijacking

Passkeys and multifactor authentication aren't enough for combating infostealer malware, which can exfiltrate corporate data before anyone knows an attack happened.

Microsoft, Google Take on Obsolete TLS Protocols

Google shortened the lifetime of Transport Layer Security (TLS) certificates, and Microsoft plans to downgrade support for older versions, giving companies more data security but also removing visibility into their own traffic.

3 Ways to Expand the Cyber Talent Pool From Splash Pad to Watering Hole

Why — and how — "unqualified" candidates will fill the reservoir with the security workers America is thirsty for.

'Evil Telegram' Spyware Campaign Infects 60K+ Mobile Users

Legitimate-seeming Telegram "mods" available in the official Google Play store for the encrypted messaging app signal the rise of a new enterprise threat.

Software Supply Chain Strategies to Parry Dependency Confusion Attacks

Bad actors practice to deceive package managers with a tangled web of methods. Here's how to hoist them by their own petard.

Security for Multicloud and Hybrid Cloud Environments

In multicloud environments, security challenges are most common at the connecting points between different clouds. Internal cloud security skill sets and cloud-native security tools are also key.

Apple Hit By 2 No-Click Zero-Days in Blastpass Exploit Chain

Researchers at Citizen Lab recommend immediately updating any iPhones and iPads to the latest OSes.

NFL Security Chief: Generative AI Threats a Concern as New Season Kicks Off

Deepfake videos and audio of NFL players and phishing communications via ChatGPT-like tools are a worry, the NFL's CISO says.

Weaponized Windows Installers Target Graphic Designers in Crypto Heist

Attackers use legitimate Windows installer to hide malicious scripts that install a backdoor and miners that leverage victims' graphics processing power.

How New SEC Rules Can Benefit Cybersecurity Teams

Securities and Exchange Commission rules elevate cybersecurity to a critical strategic concern and compel businesses to prioritize cyber resilience.

Coding Tips to Sidestep JavaScript Vulnerabilities

This Tech Tip focuses on best security practices to write secure JavaScript code.

Cybersecurity Builds Trust in Critical Infrastructure

Improving an energy company's resistance to cyberattack does more than protect vital resources — it enhances trust from customers and investors.

W3LL Gang Compromises Thousands of Microsoft 365 Accounts

A secretive phishing cabal boasts a sophisticated affiliate network and a modular, custom toolset that's claiming victims on three continents.

AtlasVPN Linux Zero-Day Disconnects Users, Reveals IP Addresses

All it takes is a simple copy-paste to undo a VPN service used by millions worldwide.

MinIO Attack Showcases Fresh Corporate Cloud Attack Vector

The open source object storage service was the target of a never-before-seen attack on corporate cloud services, which researchers said should put DevOps in particular on notice.

Russia's 'Fancy Bear' APT Targets Ukrainian Energy Facility

The group, best known for 2016 US election interference and other attacks on Ukraine, used phishing emails offering pictures of women to lure its victim into opening a malicious attachment.

Hornetsecurity Releases 365 Total Protection Plan 4 for Microsoft 365

GhostSec Leaks Source Code of Alleged Iranian Surveillance Tool

GhostSec has made what the source code for what it calls a powerful surveillance tool openly available in a 26GB file, but FANAP denies its legitimacy.

Russia Undertakes Disinformation Campaign Across Africa

Following coups in some African nations, Russia is exploiting the instability with the manipulation of media channels to stoke anti-French sentiment, among other things.

How Companies Can Cope With the Risks of Generative AI Tools

To benefit from AI yet minimize risk, companies should be cautious about information they share, be aware of AI's limitations, and stay vigilant about business implications.

Name That Edge Toon: Prized Possessions

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

As LotL Attacks Evolve, So Must Defenses

Because living-off-the-land (LotL) attacks masquerade as frequently used, legitimate companies, they are very difficult to block and detect.

Realism Reigns on AI at Black Hat and DEF CON

Realistic expectations and caution began to replace wonder and confusion for generative AI at the recent security industry gatherings.

Facing Third-Party Threats With Non-Employee Risk Management

As businesses continue to grapple with third-party threats, a revamped approach to non-employee risk management can help limit their potential exposure.

AI for Good: Voxel AI Tech Increases Funding to $30M With Strategic Funding Round

US Government Denies Blocking Sales of AI Chips to Middle East

Nvidia and AMD do face expanded export rules for their A100 and H100 artificial intelligence (AI) chips in the Middle East, but it's not yet clear why.

Key Group Ransomware Foiled by New Decryptor

Researchers crack Key Group's ransomware encryption and release free tool for victim organizations to recover their data.

NYC Subway Disables Trip-History Feature Over Tap-and-Go Privacy Concerns

The move by New York's Metropolitan Transit Authority (MTA) follows a report that showed how easy it is for someone to pull up another individual's seven-day ride history through the One Metro New York (OMNY) website.