US Leads 40-Country Alliance to Cut Off Ransomware Payments

Tuesday, October 31, 2023
The parties within the International Counter Ransomware Initiative intend to use information-sharing tools and AI to achieve their goals of cutting off the financial resources of threat actors.

'Prolific Puma' Hacker Gives Cybercriminals Access to .us Domains

Cybercriminals are upping their phishing with shortened links and showing that coveted, regulated top-level domains aren't as exclusive as you'd think.

Arid Viper Camouflages Malware in Knockoff Dating App

The APT group uses updates from the app to get the user to download the malware.

Survey: AppSec Maturity Hindered by Staffing, Budgets, Vulnerabilities

Report highlights the challenges impeding the applications industry from achieving AppSec maturity.

Biden's Artificial Intelligence Executive Order Covers Broad Concerns

Monday, October 30, 2023
The executive order is ambitious and seeks to protect a variety of different groups who are most at risk from the irresponsible use of AI.

Boeing Breached by Ransomware, LockBit Gang Claims

LockBit gives Boeing a Nov. 2 deadline to pay the ransom, or have its sensitive documents leaked to the public, but it hasn't given evidence of the compromise.

UAE Bolsters Cyber Future With US Treasury Partnership, Collaborations

A determination to be taken seriously as a cyber player sees the United Arab Emirates announce a series of collaborations.

What the Bionic Acquisition Can Bring to CrowdStrike

CrowdStrike is moving deeper into application security with its agreement to acquire Bionic, provider of ASPM technology that proactively scans software in production for vulnerabilities.

Getting Smart With Cybersecurity: AI Can Help the Good Guys, Too

With the rapid advancement and adoption of artificial intelligence (AI) in cybersecurity, the benefits of speed and accuracy are becoming clearer every day.

Securing Cloud Identities to Protect Assets and Minimize Risk

Friday, October 27, 2023
Preventative security should be driven by data and risk assessment, not compliance.

Safari Side-Channel Attack Enables Browser Theft

The "iLeakage" attack affects all recent iPhone, iPad, and MacBook models, allowing attackers to peruse your Gmail inbox, steal your Instagram password, or scrutinize your YouTube history.

Octo Tempest Group Threatens Physical Violence as Social Engineering Tactic

The financially motivated English-speaking threat actors use advanced social engineering techniques, SIM swapping, and even threats of violence to breach targets.

Understand the True Cost of a UEM Before Making the Switch

When investing in a unified endpoint management solution, prioritize the needs of your network and users ahead of brand names. This Tech Tip focuses on questions to ask.

Rockwell's Verve Buy Enlivens Critical Infrastructure Security

Thursday, October 26, 2023
The industrial automation giant agrees to buy Verve Industrial Protection, joining in an ICS trend of bringing cybersecurity capabilities in-house to keep up with attackers.

Iran APT Targets the Mediterranean With Watering-Hole Attacks

Nation-state hackers are using hybrids to ensnare those in the maritime, shipping, and logistics industries.

Microsoft: 0ktapus Cyberattackers Evolve to 'Most Dangerous' Status

The English-speaking cyberattack group behind the MGM and Caesars Entertainment attacks is adding unique capabilities and gaining in sophistication. Prepare now, Microsoft says.

Longer Support Periods Raise the Bar for Mobile Security

With Google's announcement of seven years of support, other smartphone makers risk falling behind.

As Citrix Urges Its Clients to Patch, Researchers Release an Exploit

Wednesday, October 25, 2023
In the race over Citrix's latest vulnerability, the bad guys have a huge head start, with broad implications for businesses and critical infrastructure providers worldwide.

Virtual Alarm: VMware Issues Major Security Advisory

VMware vCenter Servers need an immediate patch against a critical RCE bug as the race against threat actors begins.

Kazakh Attackers, Disguised as Azerbaijanis, Hit Former Soviet States

The YoroTrooper group claims to be from Azerbaijan and even routes its phishing traffic through the former Soviet republic.

Cybersecurity Awareness Doesn't Cut It; It's Time to Focus on Behavior

We have too much cybersecurity awareness. It's time to implement repeatable, real-world practice that ingrains positive habits and security behaviors.

Former NSA Employee Faces Life in Prison After Espionage Attempt

Tuesday, October 24, 2023
The ex-employee claimed that he believed the shared information would benefit Russia and harm the US.

Do Small Companies Need Fractional AppSec Teams Akin to vCISOs?

Zatik takes a fractional approach to AppSec leadership to help small firms access the expertise they need to build secure-by-design software.

Strengthening Oman's Economic Backbone

Creating a new regulatory framework to better secure Oman's banking system against future attacks.

Ragnar Locker Ransomware Boss Arrested in Paris

Monday, October 23, 2023
Cops track down ransomware developer and seize Ragnar Locker infrastructure and data-leak site, Europol says.

Malicious Apps Spoof Israeli Attack Detectors: Conflict Goes Mobile

A spoofed version of an Israeli rocket-attack alerting app is targeting Android devices, in a campaign that shows how cyber-espionage attacks are shifting to individual, everyday citizens.

Freelance Market Flooded With North Korean IT Actors

US DoJ: Beware of hiring freelance and temporary workers that could be operatives working to funnel money to North Korea's WMD program.

Telling Small Businesses to Buy Cyber Insurance Isn't Enough

To protect themselves from threats, companies also need proactive cybersecurity.

FedRAMP Rev. 5: How Cloud Service Providers Can Prepare

What cloud service providers need to know to prepare for FedRAMP Baselines Rev. 5, as documented in the new Transition Guide.

Cisco Finds New Zero Day Bug, Pledges Patches in Days

Friday, October 20, 2023
A patch for the max severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.

DoD Gets Closer to Nominating Cyber Policy Chief

Though there is speculation regarding potential candidates, the Department of Defense will likely not nominate someone in the near term.

Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors

Vietnamese cybercrime groups are using multiple different MaaS infostealers and RATs to target the digital marketing sector.

SIM Card Ownership Slashed in Burkina Faso

Users could hold up to five SIM cards previously, but now they can only have two; it's a move that the government says is intended to cut down mobile spam levels.

Europol Strike Wounds Ragnar Locker Ransomware Group

Thursday, October 19, 2023
Several countries in Europe as well as the United States and Japan were involved in the operation, which is aimed at defanging one of the bigger names in ransomware.

Tips for a Successful SecOps Game Plan

Dark Reading's special report on SecOps data analytics looks at the elements needed to set up a proper data foundation. Getting the data right when collecting, aggregating, and analyzing it is essential.

AI-Powered Israeli 'Cyber Dome' Defense Operation Comes to Life

The Israelis are building a cyber defense system that will use ChatGPT-like generative AI platforms to parse threat intelligence.

Q&A: The Outlook for Israeli Cyber Startups, As War Clouds Gather

Amid the burgeoning war, Israel's tech sector is focused on resilience. Ofer Schreiber, senior director at YL Ventures, weighs in on the conflict, funding for cybersecurity startups, overblown valuations, and what the future holds.

OCP Launches SAFE to Standardize Firmware Audits

Wednesday, October 18, 2023
Under the Security Appraisal Framework and Enablement (SAFE) program, device manufacturers would be able to work with approved auditors to verify firmware.

The Most Popular IT Admin Password Is Totally Depressing

Analysis of more than 1.8 million admin portals reveals IT leaders, with the highest privileges, are just as lazy about passwords as everyone else.

EPA Turns Off Taps on Water Utility Cyber Regulations

Facing a potential cascade of legal challenges from industry groups and state attorneys general, the EPA has rescinded its cyber-rules. But where does that leave local water safety?

Chatbot Offers Roadmap for How to Conduct a Bio Weapons Attack

Tuesday, October 17, 2023
Once ethics guardrails are breached, generative AI and LLMs could become nearly unlimited in their capacity to enable evil acts, researchers warn.

UAE, US Partner to Bolster Financial Services Cybersecurity

The two countries agree to share financial services information and provide cross-border training and best practices.

Zero-Day Alert: 10K Cisco IOS XE Systems Now Compromised

Just a day after Cisco disclosed CVE-2023-20198, it remains unpatched, and one vendor says a Shodan scan shows at least 10,000 Cisco devices with an implant for arbitrary code execution on them. The vendor meanwhile has updated the advisory with more mitigation steps.

‘Etherhiding’ Blockchain Technique Hides Malicious Code in WordPress Sites

The ClearFake campaign uses fake browser updates to lure victims and spread RedLine, Amadey, and Lumma stealers.

Critical, Unpatched Cisco Zero-Day Bug Is Under Active Exploit

Monday, October 16, 2023
No patch or workaround is currently available for the maximum severity flaw, which allows attackers to gain complete administrator privilege on affected devices remotely and without authentication.

'RomCom' Cyber Campaign Targets Women Political Leaders

A threat group known as "Void Rabisu" used a spoofed Women Political Leaders Summit website to target attendees to the actual conference with espionage malware.

Name That Toon: Modern Monarchy

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Pro-Israeli Hacktivist Group Predatory Sparrow Reappears

It's been a year since its last communication and attack on Iran — but the conflict with Hamas appears to have reactivated the group.

How Data Changes the Cyber-Insurance Market Outlook

By using data to drive policy underwriting, cyber-insurance companies can offer coverage without a price tag that drives customers away.

3 Essential Steps to Strengthen SaaS Security

SaaS security is broad, possibly confusing, but undeniably crucial. Make sure you have the basics in place: discovery, risk assessment, and user access management.

Security Pros Warn that EU's Vulnerability Disclosure Rule is Risky

Friday, October 13, 2023
The European Union's Cyber Resilience Act's requirement to disclose vulnerabilities within 24 hours of exploitation could potentially expose organizations to attacks from adversaries or government surveillance.

Gaza Conflict Paves Way for Pro-Hamas Information Operations

Mandiant's John Hultquist says to expect anti-Israel influence and espionage campaigns to ramp up as the war grinds on.

DigiCert Announces Comprehensive Discovery of Cryptographic Assets

Thursday, October 12, 2023

BlackBerry Unveils Next-Generation UEM Redefining the Endpoint Management Market

Brands Beware: X's New Badge System Is a Ripe Cyber-Target

Scammers have targeted the vaunted blue check marks on the platform formerly known as Twitter, smearing individuals and brands alike.

Microsoft Set to Retire Grunge-Era VBScript, to Cybercrime's Chagrin

Popular malware like QakBot and DarkGate rely on VBScript, which dates back to 1996 — but their days are numbered now that Microsoft is finally deprecating the Windows programming language.

Simpson Manufacturing Launches Investigation After Cyberattack

The company has taken down its systems in an effort to determine the scope of the attack.

The Cyberwar Between the East and the West Goes Through Africa

By working cooperatively, the West and Africa can mobilize to tackle nation-state-backed cyber threats.

Chinese 'Stayin' Alive' Attacks Dance Onto Targets With Dumb Malware

Wednesday, October 11, 2023
A sophisticated APT known as "ToddyCat," sponsored by Beijing, is cleverly using unsophisticated malware to keep defenders off their trail.

Curl Bug Hype Fizzles After Patching Reveal

Touted for days as potentially catastrophic, the curl flaws only impact a narrow set of deployments.

Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear

Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims.

Gaza Conflict: How Israeli Cybersecurity Will Respond

The Israeli-Hamas war will most assuredly impact businesses when it comes to ramped-up cyberattacks. Experts say that Israel's considerable collection of cybersecurity vendors will be a major asset on the cyber-front.

Addressing a Breach Starts With Getting Everyone on the Same Page

The best incident-response plans cover contingencies and are fine-tuned in stress tests to ensure collaboration, remediation, and recovery efforts align.

Reassessing the Impacts of Risk Management With NIST Framework 2.0

The latest NIST Cybersecurity Framework draft highlights four major themes that organizations should pay attention to for managing risk.

New One-Click Exploit Is a Supply Chain Risk for Linux OSes

Tuesday, October 10, 2023
An overlooked library contains a vulnerability that could enable full remote takeover simply by clicking a link.

Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event

With Rapid Reset DDoS flood attacks ongoing, exposed organizations need to patch CVE-2023-44487 immediately to head off crippling outages and business disruption.

Hackers For Hire Hit Both Sides in Israel-Hamas Conflict

DDoS for hire and live attacks hit both sides as cyber campaigns continue.

How Keyloggers Have Evolved From the Cold War to Today

Keyloggers have been used for espionage since the days of the typewriter, but today's threats are easier to get and use than ever.

North Korea's State-Sponsored APTs Organize & Align

An unprecedented collaboration by various APTs within the DPRK makes them harder to track, setting the stage for aggressive, complex cyberattacks that demand strategic response efforts, Mandiant warns.

Old-School Attacks Are Still a Danger, Despite Newer Techniques

The cold, hard truth? Cybercriminals are still perpetuating plenty of unsophisticated attacks for a simple reason: They work.

Hacktivists Enter Fray Following Hamas Strikes Against Israel

Monday, October 9, 2023
Killnet, Anonymous Sudan, along with other groups, pick up their Middle East activities as war breaks out.

'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits

Following the publication of the critical Linux security vulnerability, security specialists released PoC exploits to test the implications of CVE-2023-4911.

Operation Behind Predator Mobile Spyware Is 'Industrial Scale'

The Intellexa alliance has been using a range of tools for intercepting and subverting mobile and Wi-Fi technologies to deploy its surveillance tools, according to an investigation by Amnesty International and others.

Patch Now: Massive RCE Campaign Wrangles Routers Into Botnet

Thousands of devices, including D-Link and Zyxel gear, remain vulnerable to takeover despite the availability of patches for the several bugs being exploited by the IZ1H9 campaign.

Cybersecurity Talent in America: Bridging the Gap

It's past time to reimagine how to best nurture talent and expand recruiting and training to alleviate the shortage of trained cybersecurity staff. We need a diverse talent pool trained for tomorrow's challenges.

The Need for Speed: When Cloud Attacks Take Only 10 Minutes

Security sensors are common in the home for both prevention and response in the event something goes wrong. But in the cloud, have you taken the same approach?

Google, Yahoo Push DMARC, Forcing Companies to Catch Up

Friday, October 6, 2023
The move means that DMARC, already in use by half of enterprises, will become table stakes for anyone using email for marketing.

Too Rich To Ransomware? MGM Brushes Off $100M in Losses

MGM wins big bet that days of operations outages is better business than paying a ransom, following last month's data breach.

Predictive Analysis Can Reduce Risks Associated With Data Breaches

Cybersecurity Funding Rises by 21% in Q3 2023, Pinpoint Search Group's Report Indicates

Suspected Crime Gang Hacks Israeli President's Telegram Account

The encrypted messaging app was hacked in the wake of an online scam before access was "swiftly restored."

Quash EDR/XDR Exploits With These Countermeasures

Thursday, October 5, 2023
With tools and hacker groups constantly evading defenses, expanding cybersecurity beyond endpoint security becomes crucial.

Legions of Critical Infrastructure Devices Subject to Cyber Targeting

Nearly 100,000 ICS devices have been found open to the public Internet, potentially threatening physical safety globally. Here's how to quantify the risk.

Madagascar Drops Predator Spyware on Citizens in Watering Hole Attack

The Predator spyware was distributed by dropping malicious links inside typosquatted facsimiles of news websites.

Stealthy, Thieving Python Packages Slither Onto Windows Systems

A campaign that's been active since April has already racked up nearly 75,000 downloads, stealing data and cryptocurrency in the process.

Critical 'ShellTorch' Flaws Light Up Open Source AI Users, Like Google

The vulnerabilities exist in the widely used TorchServe framework, used by Amazon, Google, Walmart, and many other heavy hitters.

Unkillable? Qakbot Infections Fly On Even After Its High-Profile Raid

A literal seven-nation (cyber) army wasn't enough to hold back the famous initial access broker (IAB) for long — it's been chugging along, spreading ransomware, despite a massive takedown in August.

Mitiga Secures Strategic Investment From Cisco

Wednesday, October 4, 2023

Breaches Are the Cost of Doing Business, but NIST Is Here to Help

Treating the NIST Cybersecurity Framework as a business requirement is a strong step toward preventing breaches.

Turnkey Rootkit for Amateur Hackers Makes Supply Chain Attacks Easy

It's never been easier to hide malware in plain sight in open source software package repositories, and "DiscordRAT 2.0" now makes it easy to take advantage of those who stumble upon it.

Patch Confusion for Critical Exim Bug Puts Email Servers at Risk--Again

Defenders have been left scrambling after the way patches were released for six flaws in the open source mail server, which is the most popular mail transfer agent on the Internet.

Russian Hacktivism Takes a Toll on Organizations in Ukraine, EU, US

Tuesday, October 3, 2023
Russian hacktivist attacks are mostly for show, but sometimes they cause serious damage and are poised to begin getting worse.

Gartner Forecasts Global Security and Risk Management Spending to Grow 14% in 2024

USPS Anchors Snowballing Smishing Campaigns

Researchers found 164 domains connected to a single threat actor located in Tehran.

North Korea Poses as Meta to Deploy Complex Backdoor at Aerospace Org

Monday, October 2, 2023
The Lazarus Group's "LightlessCan" malware executes multiple native Windows commands within the RAT itself, making detection significantly harder, security vendor says.

FBI: Crippling 'Dual Ransomware Attacks' on the Rise

Once they compromise a victim with an initial ransomware attack, threat actors are ready to deploy a secondary attack with a different strain, which could leave even more damage.

Addressing AI and Security Challenges With Red Teams: A Google Perspective

Red Teams can help organizations better understand vulnerabilities and secure critical AI deployments.

Which DFIR Challenges Does the Middle East Face?

Demand for digital forensics and incident response (DFIR) surges in the Middle East, a new IDC report finds. Is automation the answer?

Making Sense of Today's Payment Cybersecurity Landscape

PCI DSS v4.0 is the future of the payment card industry's information security standard, but businesses must continue to look beyond this guidance and engage in proactive strategies of their own.

The Silent Threat of APIs: What the New Data Reveals About Unknown Risk

The rapid growth of APIs creates a widening attack surface and increasing unknown cybersecurity risks.