Cybersecurity Lags in Middle East Business Development

The fast growing region has its own unique cyber issues — and it needs its own talent to fight them.

6 AI-Related Security Trends to Watch in 2025

AI tools will enable significant productivity and efficiency benefits for organizations in the coming year, but they also will exacerbate privacy, governance, and security risks.

Chinese State Hackers Breach US Treasury Department

In what's being called a 'major cybersecurity incident,' Beijing-backed adversaries broke into cyber vendor BeyondTrust to access US Department of Treasury workstations and steal unclassified data, according to a letter sent to lawmakers.

How to Get the Most Out of Cyber Insurance

Cyber insurance should augment your cybersecurity strategy — not replace it.

What Security Lessons Did We Learn in 2024?

Proactive defenses, cross-sector collaboration, and resilience are key to combating increasingly sophisticated threats.

Deepfakes, Quantum Attacks Loom Over APAC in 2025

Organizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing "harvest now, decrypt later" attacks for various malicious use cases.

Defining & Defying Cybersecurity Staff Burnout

Sometimes it feels like burnout is an inevitable part of working in cybersecurity. But a little bit of knowledge can help you and your staff stay healthy.

Quantum Computing Advances in 2024 Put Security In Spotlight

The work on quantum computing hit some major milestones in 2024, making the path to a workable quantum computer seem closer than ever. Google, Microsoft, and other research efforts hit significant milestones this year, but is the cybersecurity world ready?

SEC Disclosures Up, But Not Enough Details Provided

While companies have responded to the new SEC rules by disclosing incidents promptly, many of the reports don't meet the SEC's "material" standard.

Emerging Threats & Vulnerabilities to Prepare for in 2025

From zero-day exploits to 5G network vulnerabilities, these are the threats that are expected to persist over the next 12 months.

DDoS Attacks Surge as Africa Expands Its Digital Footprint

As organizations on the continent expand their use of digital technologies, they increasingly face many of the same threats that entities in other regions have had to deal with for years.

Too Much 'Trust,' Not Enough 'Verify'

"Zero trust" doesn't mean "zero testing."

Trump 2.0 Portends Big Shift in Cybersecurity Policies

Changes at CISA and promises of more public-private partnerships and deregulation are just a few ways the incoming administration could upend the feds' role in cybersecurity.

DNSSEC Denial-of-Service Attacks Show Technology's Fragility

The security extensions for the Domain Name System aimed to make the Internet more reliable, but instead the technology has exchanged one set of problems for another.

Non-Human Identities Gain Momentum, Requires Both Management, Security

The number of Non-Human Identities (NHIs) in many organizations has exploded. Key trends, drivers, and market landscape in this fast-developing area are explored.

Name That Toon: Sneaking Around

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

How CISOs Can Communicate With Their Boards Effectively

With the increased frequency of board reporting, CISOs need to ensure their interactions are brief, productive, and valuable.

Middle East Cyberwar Rages On, With No End in Sight

Since October 2023, cyberattacks among countries in the Middle East have persisted, fueled by the conflict between Israel and Hamas, reeling in others on a global scale.

LockBit Ransomware Developer Arrested in Israel

Dual Russian-Israeli national Rostislav Panev was arrested last August and is facing extradition to the US for playing a critical role in LockBit's RaaS activities, dating back to the ransomware gang's origins.

US Ban on TP-Link Routers More About Politics Than Exploitation Risk

While a number of threat groups have used TP-Link bugs to infiltrate networks, a proposed ban of the company's popular routers is more about geopolitics than actual cybersecurity — and that may not be a bad thing.

Managing Threats When Most of the Security Team Is Out of the Office

During holidays and slow weeks, teams thin out and attackers move in. Here are strategies to bridge gaps, stay vigilant, and keep systems secure during those lulls.

Fortinet Addresses Unpatched Critical RCE Vector

Fortinet has patched CVE-2023-34990 in its Wireless LAN Manager (FortiWLM), which combined with CVE-2023-48782 could allow for unauthenticated remote code execution (RCE) and the ability to read all log files.

Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2

A newly discovered vulnerability, CVE-2024-53677, in the aging Apache framework is going to cause major headaches for IT teams, since patching isn't enough to fix it.

Recorded Future: Russia's 'Undesirable' Designation Is a Compliment

The threat intelligence business, which is set to be acquired by Mastercard for billions, is officially vendor non grata in Putin's regime.

Manufacturers Lose Azure Creds to HubSpot Phishing Attack

Cyberattackers used fake DocuSign links and HubSpot forms to try to solicit Azure cloud logins from hundreds of thousands of employees across Europe.

Wallarm Releases API Honeypot Report Highlighting API Attack Trends

Wald.ai Launches Data Loss Protection for AI Platforms

The cybersecurity startup's data loss protection platform uses contextual redaction to help organizations safely use private business information across AI platforms.

Texas Tech Fumbles Medical Data in Massive Breach

The cyberattack impacts at least 1.4 million patients, as tranches of highly sensitive personal, medical, and financial data fall into the hands of cyber crooks who have everything they need to carry out convincing social engineering and fraud attacks.

CISA Directs Federal Agencies to Secure Cloud Environments

Actions direct agencies to deploy specific security configurations to reduce cyber-risk.

Delinea Joins CVE Numbering Authority Program

Citizen Development Moves Too Fast for Its Own Good

While low-code/no-code tools can speed up application development, sometimes it's worth taking a slower approach for a safer product.

Microsoft Teams Vishing Spreads DarkGate RAT

A thwarted attack demonstrates that threat actors using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning.

Cleo MFT Zero-Day Exploits Are About Escalate, Analysts Warn

Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy, and no CVE has been issued.

With 'TPUXtract,' Attackers Can Steal Orgs' AI Models

A new side-channel attack method is a computationally practical way to infer the structure of a convolutional neural network — meaning that cyberattackers or rival companies can plagiarize AI models and take their data for themselves.

Test Your Cyber Skills With the SANS Holiday Hack Challenge

Open to players of all skill levels, the "Snow-mageddon" cybersecurity competition takes place in the world of Santa, elves, and Christmas mayhem.

IoT Cloud Cracked by 'Open Sesame' Over-the-Air Attack

Researchers demonstrate how to hack Ruijie Reyee access points without Wi-Fi credentials or even physical access to the device.

Europol Cracks Down on Holiday DDoS Attacks

In Operation PowerOFF, global authorities aim to deter individuals from engaging in malicious cyber acts.

Efforts to Secure US Telcos Beset by Salt Typhoon Might Fall Flat

The rules necessary to secure US communications have already been in place for 30 years, argues Sen. Wyden, the FCC just hasn't enforced them. It's unclear if they will help.

Chinese Hacker Pwns 81K Sophos Devices With Zero-Day Bug

The US State Department has offered a $10 million reward for Guan Tianfeng, who has been accused of developing and testing a critical SQL injection flaw with a CVSS score of 9.8 used in Sophos attacks.

Krispy Kreme Doughnut Delivery Gets Cooked in Cyberattack

Threat actors punch holes in the company's online ordering systems, tripping up doughnut deliveries across the US after a late November breach.

Symmetrical Cryptography Pioneer Targets the Post-Quantum Era

Researchers at Cavero have created a correlating numbers mechanism, adding a layer of privacy that even threat actors can't gain enough information to breach.

Researchers Crack Microsoft Azure MFA in an Hour

A critical flaw in the company's rate limit for failed sign-in attempts allowed unauthorized access to a user account, including Outlook emails, OneDrive files, Teams chats, Azure Cloud, and more.

Governments, Telcos Ward Off China's Hacking Typhoons

Infiltrating other nations' telecom networks is a cornerstone of China's geopolitical strategy, and it's having the unintended consequence of driving the uptake of encrypted communications.

Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday

The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.

'Termite' Ransomware Likely Behind Cleo Zero-Day Attacks

The threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks.

Scottish Parliament TV at Risk From Deepfakes

Because the streaming service website offers no content restrictions, attackers are able to hijack and manipulate live streams.

Microsoft NTLM Zero-Day to Remain Unpatched Until April

The second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and credential theft. Microsoft has no patch, but released updated NTLM cyberattack mitigation advice.

Millionaire Airbnb Phishing Ring Busted Up by Police

Scammers set up call centers in luxury rentals to run bank help-desk fraud, as well as large-scale phishing campaigns, across at least 10 European countries, according to law enforcement.

Attackers Can Use QR Codes to Bypass Browser Isolation

Researchers demonstrate a proof-of-concept cyberattack vector that gets around remote, on-premises, and local versions of browser isolation security technology to send malicious communications from an attacker-controlled server.

Genetec Physical Security Report Shows Accelerating Hybrid Cloud Adoption

More than 4% of US attempted e-commerce transactions between Thanksgiving and Cyber Monday suspected to be fraudulent.

Large-Scale Incidents & the Art of Vulnerability Prioritization

We can anticipate a growing number of emerging vulnerabilities in the near future, emphasizing the need for an effective prioritization strategy.

Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure

New Fortress Information Security research shows 90% of software products used by critical infrastructure organizations contain code developed in China.

Texas Teen Arrested for Scattered Spider Telecom Hacks

An FBI operation nabbed a member of the infamous cybercrime group, who is spilling the tea on 'key Scattered Spider members' and their tactics.

Microsoft Expands Access to Windows Recall AI Feature

The activity-recording capability has drawn concerns from the security community and privacy experts, but the tech giant is being measured in its gradual rollout, which is still in preview mode.

Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels

Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks.

LLMs Raise Efficiency, Productivity of Cybersecurity Teams

AI-powered tools are making cybersecurity tasks easier to solve, as well as easier for the team to handle.

Russian FSB Hackers Breach Pakistan's APT Storm-0156

Parasitic advanced persistent threat Secret Blizzard accesses another APT's infrastructure and steals what it has stolen from South Asian government and military targets.

Pegasus Spyware Infections Proliferate Across iOS, Android Devices

The notorious spyware from Israel's NSO Group has been found targeting journalists, government officials, and corporate executives in multiple variants discovered in a threat scan of 3,500 mobile phones.

KnowBe4 Releases the Latest Phishing Trends in Q3 2024 Phishing Report

Decade-Old Cisco Vulnerability Under Active Exploit

Cisco encourages users to update to an unaffected version of its Adaptive Security Appliance (ASA) software since there are no workarounds for the 2014 vulnerability.

Cyber-Unsafe Employees Increasingly Put Orgs at Risk

Too much access and privilege, plus a host of unsafe cyber practices, plague most workplaces, and the introduction of tools like GenAI will only make things worse.

Interpol Cyber-Fraud Action Nets More Than 5K Arrests

Chalk up another win for global cooperation among law enforcement, this time targeting seven types of cyber fraud, including voice phishing and business email compromise.

AWS Launches New Incident Response Service

AWS Security Incident Response will help security teams defend organizations from security threats such as account takeovers, breaches, and ransomware attacks.

Name That Edge Toon: Shackled!

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

Does Your Company Need a Virtual CISO?

With cybersecurity talent hard to come by and companies increasingly looking for guidance and best practices, virtual and fractional chief information security officers can make a lot of sense.

2 UK Hospitals Targeted in Separate Cyberattacks

Alder Hey Children's Hospital got hit with a ransomware attack, while the nature of an incident at Wirral University Teaching Hospital remains undisclosed.

Incident Response Playbooks: Are You Prepared?

The playbooks that accompany your incident response plan provide efficiency and consistency in responses, help reduce downtime and dwell time, and can be a cost-saving and reputational-saving measure for your organization.

Microsoft Boosts Device Security With Windows Resiliency Initiative

Microsoft is readying a new release of Windows in 2025 that will have significant security controls such as more resilient drivers and "self-defending" operating system kernel.

How AI Is Enhancing Security in Ridesharing

Whether it's detecting fraudulent activity, preventing phishing, or protecting sensitive data, AI is transforming cybersecurity in ridesharing.

Ransomware Gangs Seek Pen Testers to Boost Quality

Qualified applicants must be able to test ransomware encryption and find bugs that might enable defenders to jailbreak the malware.

'Operation Undercut' Adds to Russia Malign Influence Campaigns

Just like Russia's Doppelgänger effort, the goal is to spread misinformation about Ukraine and Western efforts to help Ukraine in its war with Russia.

Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday

A stealthy JavaScript injection attack steals data from the checkout page of sites, either by creating a fake credit card form or extracting data directly from payment fields.

Geico, Travelers Fined $11.3M for Lax Data Security

New York state regulators punish insurers after cybercriminals illegally access customer info they then used to file scam unemployment claims during the COVID-19 pandemic.

Salt Typhoon Builds Out Malware Arsenal With GhostSpider

The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected.

OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts

Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site.

BlackBasta Ransomware Brand Picks Up Where Conti Left Off

New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren't so sure the brand means that much.

Phishing Prevention Framework Reduces Incidents by Half

The anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate that intelligence across business groups.

Fancy Bear 'Nearest Neighbor' Attack Uses Nearby Wi-Fi Network

In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers.

Closing the Cybersecurity Career Diversity Gap

Diversity isn't just an issue of fairness — it's about operational excellence and ensuring we have the best possible teams defending our national security.

Faux ChatGPT, Claude API Packages Deliver JarkaStealer

Attackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be more inclined to download an open source Python code package for free access, without vetting it or thinking twice.

Yakuza Victim Data Leaked in Japanese Agency Attack

A local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences.

What Talent Gap? Hiring Practices Are the Real Problem

While the need for cybersecurity talent still exists, the budget may not. Here's how to maximize security staff despite hiring freezes.

Going Beyond Secure by Demand

Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step of using a mature software supply chain security solution to ensure they're not blindly trusting a provider's software.

How a Mental Health Nonprofit Secures Endpoints for Compassionate Care

Consolidating endpoint management boosts cybersecurity while keeping an Oklahoma-based nonprofit focused on community mental health.

Cloud Security Startup Wiz to Acquire Dazz in Risk Management Play

Dazz's remediation engine will boost risk management in Wiz's cloud security portfolio.

Chinese APT Gelsemium Deploys 'Wolfsbane' Linux Variant

In a sign of the times, a backdoor malware whose ancestors date back to 2005 has morphed to target Linux systems.

Scattered Spider Cybercrime Members Face Prison Time

Four of the arrested individuals of the cybercriminal gang, known for hacking MGM and Caesars, are American, all of whom could face up to 27 years in prison for the charges against them.

How Can PR Protect Companies During a Cyberattack?

When a cybersecurity incident occurs, it's not just IT systems and data that are at risk — a company's reputation is on the line, too.

It's Near-Unanimous: AI, ML Make the SOC Better

Efficiency is the name of the game for the security operations center — and 91% of cybersecurity pros say AI and ML are winning that game.

China's 'Liminal Panda' APT Attacks Telcos, Steals Phone Data

In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the way.

Alleged Ford 'Breach' Encompasses Auto Dealer Info

Cybersecurity investigators found the leaked data to be information from a third party, not Ford itself, that is already accessible to the public and not sensitive in nature.

SWEEPS Educational Initiative Offers Application Security Training

The secure coding curriculum was developed by University of California, Davis; University of Maryland Baltimore County; Worcester Polytechnic Institute; California Polytechnic State University-San Luis Obispo; Cosumnes River College; DARK Enterprises; and StrongAuth.

Linux Variant of Helldown Ransomware Targets VMware ESxi Systems

Since surfacing in August, the likely LockBit variant has claimed more than two dozen victims and appears poised to strike many more.

Russian Ransomware Gangs on the Hunt for Pen Testers

In further proof of the professionalization of Russian cybercriminal groups, ransomware gangs have been posting job ads for security positions such as pen testers, looking to boost their ransomware deployment operations.

'Phobos' Ransomware Cybercriminal Extradited From South Korea

According to the unsealed criminal charges, the operation is believed to have running for nearly four years.

Jen Easterly, CISA Director, to Step Down on Inauguration Day

Other Biden administration appointees at CISA will also submit their resignations on Jan. 20, as the cyberdefense agency prepares for President-elect Trump's new DHS director.

Akira Ransomware Racks Up 30+ Victims in a Single Day

Of the numerous victims, at least three refused to pay the demanded ransom, with the rest seemingly in talks with the cybercriminal group.

Palo Alto Networks Patches Critical Zero-Day Firewall Bug

The security vendor's Expedition firewall appliance's PAN-OS interface tool has racked up four critical security vulnerabilities under active attack in November, leading tit to advise customers to update immediately or and take them off the Internet.

Why the Demand for Cybersecurity Innovation Is Surging

Companies that recognize current market opportunities — from the need to safely implement revolutionary technology like AI to the vast proliferation of cyber threats — have remarkable growth prospects.

DHS Releases Secure AI Framework for Critical Infrastructure

The voluntary recommendations from the Department of Homeland Security cover how artificial intelligence should be used in the power grid, water system, air travel network, healthcare, and other pieces of critical infrastructure.

Microsoft Pulls Exchange Patches Amid Mail Flow Issues

Email at many organizations has stopped working; the tech giant has advised users who are facing the issue to uninstall the updates so that it can address flaw.

ChatGPT Exposes Its Instructions, Knowledge & OS Files

According to Mozilla, users have a lot more power to manipulate ChatGPT than they might realize. OpenAI hopes those manipulations remain within a clearly delineated sandbox.

Varonis Warns of Bug Discovered in PostgreSQL PL/Perl

Several versions of PostgreSQL are impacted, and customers will need to upgrade in order to patch.

The Vendor's Role in Combating Alert Fatigue

As alerts pile up, the complexity can overwhelm security professionals, allowing real threats to be missed. This is where vendors must step up.

Cloud Ransomware Flexes Fresh Scripts Against Web Apps

Cloud service providers are getting better at protecting data, pushing adversaries to develop new cloud ransomware scripts to target PHP applications, a new report says.

20% of Industrial Manufacturers are Using Network Security As a First Line of Defense

5 Ways to Save Your Organization From Cloud Security Threats

The shift to cloud means securing your organization's digital assets requires a proactive, multi-layered approach

Iranian Cybercriminals Target Aerospace Workers via LinkedIn

The group seeks out aerospace professionals by impersonating job recruiters — a demographic it has targeted in the past as well — then deploys the SlugResin backdoor malware.

Google AI Platform Bugs Leak Proprietary Enterprise LLMs

The tech giant fixed privilege-escalation and model-exfiltration vulnerabilities in Vertex AI that could have allowed attackers to steal or poison custom-built AI models.

Amazon Employee Data Compromised in MOVEit Breach

The data leak was not actually due to a breach in Amazon's systems but rather that of a third-party vendor; the supply chain incident affected several other clients as well.

CrowdStrike Spends to Boost Identity Threat Detection

Adaptive Shield is the third security posture management provider the company has acquired in the last 14 months as identity-based attacks continue to rise.

'GoIssue' Cybercrime Tool Targets GitHub Developers En Masse

Marketed on a cybercriminal forum, the $700 tool harvests email addresses from public GitHub profiles, priming cyberattackers for further credential theft, malware delivery, OAuth subversion, supply chain attacks, and other corporate breaches.

Citrix Issues Patches for Zero-Day Recording Manager Bugs

There is some disagreement over whether the remote code execution (RCE) security flaws allow for unauthenticated exploitation or not. Citrix says no, but researchers say the company is downplaying a "good old unauthenticated RCE."

Halliburton Remains Optimistic Amid $35M Data Breach Losses

Though its third-quarter earnings report confirms that the company remains on track, it's unclear how that will be affected if the threat actors commit further damage.

Revamped Remcos RAT Deployed Against Microsoft Windows Users

Windows users are at risk for full device takeover by an emerging malicious version of the Remcos remote admin tool, which is being used in an ongoing campaign exploiting a known remote code execution (RCE) vulnerability in Microsoft Office and WordPad.

Flexible Structure of Zip Archives Exploited to Hide Malware Undetected

Attackers abuse concatenation, a method that involves appending multiple zip archives into a single file, to deliver a variant of the SmokeLoader Trojan hidden in malicious attachments delivered via phishing

Facebook Asks Supreme Court to Dismiss Cambridge Analytica Lawsuit

Meta has maintained that Facebook did not mislead investors by not including mention of the Cambridge Analytica scandal in its forward-looking risk disclosures, but the plaintiffs say it was a glaring omission.

Open Source Security Incidents Aren't Going Away

Companies and organizations need to recognize the importance of investing in engineers who possess both the soft and hard skills required to secure open source software effectively.

AI & LLMs Show Promise in Squashing Software Bugs

Large language models (LLMs) can help app security firms find and fix software vulnerabilities. Malicious actors are on to them too, but here's why defenders may retain the edge.

Mystery Hackers Target Texas Oilfield Supplier in Ransomware Attack

It remains unclear how the attackers gained access to Newpark Resources' system, or what they plan to do with any stolen data the strike may have spewed out.

Preparing for DORA Amid Technical Controls Ambiguity

The European Union's Digital Operational Resilience Act requires financial entities to focus on third-party risk, resilience, and testing.

Has the Cybersecurity Workforce Peaked?

While training and credentialing organizations continue to talk about a "gap" in skilled cybersecurity workers, demand — especially for entry-level workers — has plateaued, spurring criticism of the latest rosy stats that seem to support a hot market for qualified cyber pros.

Gootloader Cyberattackers Target Bengal-Cat Aficionados in Oz

It's unclear what the threat actors have against this particular breed of cat, but it's taking down the kitty's enthusiasts with SEO-poisoned links and malware payloads.

Canada Closes TikTok Offices, Citing National Security

Questions remain over what a corporate ban will achieve, since Canadians will still be able to use the app.

Cisco Bug Could Lead to Command Injection Attacks

Though Cisco reports of no known malicious exploitation attempts, three of its wireless access points are vulnerable to these attacks.

'SteelFox' Malware Blitz Infects 11K Victims With Bundle of Pain

The malware combines a miner and data stealer, and it packs functions that make detection and mitigation a challenge.

German Law Could Protect Researchers Reporting Vulns

The draft amendment also includes prison time for those who access systems to maliciously spy or intercept data.

International Police Effort Obliterates Cybercrime Network

Interpol disrupts 22,000 malicious IP addresses, 59 servers, 43 electronic devices, and arrests 41 suspected cybercriminals.

Nokia: No Evidence So Far That Hackers Breached Company Data

The mobile device maker continues to investigate IntelBroker's claims of another high-profile data breach, with the cybercriminal group posting on BreachForums internal data allegedly stolen from Nokia through a third-party contractor.

Attacker Hides Malicious Activity in Emulated Linux Environment

The CRON#TRAP campaign involves a novel technique for executing malicious commands on a compromised system.

Schneider Electric Clawed by 'Hellcat' Ransomware Gang

The cybercriminal group holding the stolen information is demanding the vendor admit to the breach and pay up.

Okta Fixes Auth Bypass Bug After 3-Month Lull

The bug affected accounts with 52-character user names, and had several pre-conditions that needed to be met in order to be exploited.

OWASP Beefs Up GenAI Security Guidance Amid Growing Deepfakes

As businesses worry over deepfake scams and other AI attacks, organizations are adding guidance for cybersecurity teams on how to detect, and respond to, next-generation threats. That includes Exabeam, which was recently targeted by a deepfaked job candidate.

Name That Edge Toon: Aerialist's Choice

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Can Automatic Updates for Critical Infrastructure Be Trusted?

The true measure of our cybersecurity prowess lies in our capacity to endure.

OWASP Releases AI Security Guidance

OWASP released guidance materials addressing how to respond to deepfakes, AI security best practices, and how to secure open source and commercial generative AI applications.

4 Main API Security Risks Organizations Need to Address

Misconfigurations, weak authentication and logic flaws are among the main drivers of API security risks at many organizations.

Privacy Anxiety Pushes Microsoft Recall AI Release Again

The Recall AI tool will be available to Copilot+ PC subscribers in December, and can be used to record images of every interaction on the device for review later. Critics say this introduces major privacy and security concerns along with useful functionality.

Chinese APTs Cash In on Years of Edge Device Attacks

The sophisticated Chinese cyberattacks of today rest on important groundwork laid during the pandemic and before.

Critical Auth Bugs Expose Smart Factory Gear to Cyberattack

Factory automation software from Mitsubishi Electric and Rockwell Automation could be subject to remote code execution (RCE), denial-of-service (DoS), and more.

IT Security Centralization Makes the Use of Industrial Spies More Profitable

As organizations centralize IT security, the risk of espionage is silently becoming a more profitable threat.

The Overlooked Importance of Identifying Riskiest Users

"See one, teach one, do one" takes a page out of the healthcare playbook to reduce human vulnerabilities where they matter most in cybersecurity.

Facebook Businesses Targeted in Infostealer Phishing Campaign

The threat actors deceive their victims by impersonating the legal teams of companies, well-known Web stores, and manufacturers.

Cybersecurity Job Market Stagnates, Dissatisfaction Abounds

The 2024 ISC2 Cybersecurity Workforce Study found that amid a tightening job market and dynamic cyber-threat environment, ongoing staffing and skills shortages are putting organizations at serious risk. Can AI move the needle in defenders' favor?

Canada Grapples With 'Second-to-None' PRC-Backed Threat Actors

Chinese APTs lurked in Canadian government networks for five years — and that's just one among a whole host of threats from Chinese bad actors.

Casap Secures $8.5M in Funding

Cybersecurity Training Resources Often Limited to Developers

With a lack of cybersecurity awareness training resources for all employees, organizations are more susceptible to being breached or falling short when it comes to preventing threats.

'CrossBarking' Attack Targets Secret APIs, Exposes Opera Browser Users

Using a malicious Chrome extension, researchers showed how an attacker could inject custom code into a victim's Opera browser to exploit special and powerful APIs, used by developers and typically saved for only the most trusted sites.

Recurring Windows Flaw Could Expose User Credentials

Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.

China's 'Evasive Panda' APT Debuts High-End Cloud Hijacking

A professional-grade tool set, appropriately dubbed "CloudScout," is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info for exfiltration.

French ISP Confirms Cyberattack, Data Breach Affecting 19M

In the latest attack against ISPs, second-largest French provider Free fell victim to unknown cyberattackers who attempted to sell the compromised data it stole from the company on an underground cybercrime forum.

Delta Launches $500M Lawsuit Against CrowdStrike

Delta argues that it lost hundreds of million of dollars in downtime and other costs in the aftermath of the incident, while CrowdStrike says it isn't liable for more than $10 million.

Mozilla: ChatGPT Can Be Manipulated Using Hex Code

LLMs tend to miss the forest for the trees, understanding specific instructions but not their broader context. Bad actors can take advantage of this myopia to get them to do malicious things, with a new prompt-injection technique.

Put End-of-Life Software to Rest

Relying on EOL software leaves critical systems exposed — making it a problem no business can afford to ignore.

SEC Fines Companies Millions for Downplaying SolarWinds Breach

Four companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in the aftermath of the 2020 SolarWinds compromise.

UnitedHealth Reveals 100M Compromised in Change Healthcare Breach

Eight months after the breach occurred, Change Healthcare has finally sent out millions of notices of compromised data to affected individuals.

Microsoft: Healthcare Sees 300% Surge in Ransomware Attacks

Even after the ransom is paid, such attacks lead to spikes in strokes and heart attacks and increased wait times for patients.

Critical Bug Exploited in Fortinet's Management Console

An attacker compromised one of Fortinet's most sensitive products and mopped up all kinds of reconnaissance data helpful for future mass device attacks.

'Prometei' Botnet Spreads Its Cryptojacker Worldwide

The Russian-language malware primarily enlists computers to mine Monero, but theoretically it can do worse.

Lazarus Group Exploits Chrome Zero-Day in Latest Campaign

The North Korean actor is going after cryptocurrency investors worldwide leveraging a genuine-looking game site and AI-generated content and images.

Russian Trolls Pose as Reputable Media to Sow US Election Chaos

Operation Overload pushes dressed up Russian state propaganda with the aim of flooding the US with election disinformation.

Microsoft SharePoint Vuln Is Under Active Exploit

The risk of exploitation is heightened, thanks to a proof-of-concept that's been made publicly available.

Retail & Hospitality ISAC Launches Program Aimed at Securing Supply Chains

Most US Political Campaigns Lack DMARC Email Protection

Without DMARC, campaigns remain highly susceptible to phishing, domain spoofing, and impersonation.

Swarms of Fake WordPress Plug-ins Infect Sites With Infostealers

GoDaddy flagged a ClickFix campaign that infected 6,000 sites in a one-day period, with attackers using stolen admin credentials to distribute malware.

Cisco Disables DevHub Access After Security Breach

The networking company confirms that cyberattackers illegally accessed data belonging to some of its customers.

Internet Archive Gets Pummeled in Round 2 Breach

This latest breach was through Zendesk, a customer service platform that the organization uses.

Anti-Bot Services Help Cybercrooks Bypass Google 'Red Page'

The emergence of novel anti-detection kits for sale on the Dark Web limit the effectiveness of a Chrome browser feature that warns users that they have reached a phishing page.

Why I'm Excited About the Future of Application Security

The future of application security is no longer about reacting to the inevitable — it's about anticipating and preventing attacks before they can cause damage.

EU Adopts Cyber Resilience Act to Regulate Internet of Things

The European Union adopted a new law setting EU-wide cybersecurity requirements for connected devices to ensure their safety.

DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks

The "Code-on-Toast" supply chain cyberattacks by APT37 delivered data-stealing malware to users in South Korea who had enabled Toast pop-up ads.

MacOS Safari 'HM Surf' Exploit Exposes Camera, Mic, Browser Data

Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.

CISOs: Throwing Cash at Tools Isn't Helping Detect Breaches

A survey shows three-quarters of CISOs are drowning in threat detections put out by a sprawling stack of tools, yet still lack the basic visibility necessary to identify breaches.

ESET-Branded Wiper Attack Targets Israel; Firm Denies Compromise

The security firm is denying an assessment that its systems were compromised in Israel by pro-Palestinian cyberattackers, but acknowledged an attack on one of its partners.

Hong Kong Crime Ring Swindles Victims Out of $46M

The scammers used real-time deepfakes in online dating video calls to convince the victims of their legitimacy.

Internet Archive Slowly Revives After DDoS Barrage

Days after facing a major breach, the site is still struggling to get fully back on its feet.

4 Ways to Address Zero-Days in AI/ML Security

As the unique challenges of AI zero-days emerge, the approach to managing the accompanying risks needs to follow traditional security best practices but be adapted for AI.

Anonymous Sudan Unmasked as Leaders Face Life in Prison

US officials disrupted the group's DDoS operation and arrested two individuals behind it, who turned out to be far less intimidating than they were made out to be in the media.

Port Raises $35M for its End-to-End Internal Developer Portal

Hybrid Work Exposes New Vulnerabilities in Print Security

The shift to a distributed work model has exposed organizations to new threats, and a low but continuing stream of printer-related vulnerabilities isn't helping.

Cyber Gangs Aren't Afraid of Prosecution

Challenges with cybercrime prosecution are making it easier for attackers to act with impunity. Law enforcement needs to catch up.

Sidewinder Casts Wide Geographic Net in Latest Attack Spree

The long-active, India-sponsored cyber-threat group targeted multiple entities across Asia, Africa, the Middle East, and even Europe in a recent attack wave that demonstrated the use of a previously unknown post-exploit tool called StealerBot.

FHE Consortium Pushes for Quantum-Resilient Cryptography Standards

The FHE Technical Consortium for Hardware (FHETCH) brings together developers, hardware manufacturers and cloud providers to collaborate on technical standards necessary to develop commercial fully homomorphic encryption solutions and lower adoption barriers.

North Korea Hackers Get Cash Fast in Linux Cyber Heists

The thieves modify transaction messages to initiate unauthorized withdrawals, even when there are insufficient funds.

Serious Adversaries Circle Ivanti CSA Zero-Day Flaws

Suspected nation-state actors are spotted stringing together three different zero-days in the Ivanti Cloud Services Application to gain persistent access to a targeted system.

Pokémon Gaming Company Employee Info Leaked in Hack

The gaming company reports that the server has been rebuilt after the leak, but has not confirmed if its insider video game data was leaked.

Microsoft: Schools Grapple With Thousands of Cyberattacks Weekly

Education, including K-12 schools and universities, has become the third most targeted sector due to the high variety of sensitive data it stores in its databases.

ConfusedPilot Attack Can Manipulate RAG-Based AI Systems

Attackers can introduce a malicious document in systems such as Microsoft 365 Copilot to confuse the system, potentially leading to widespread misinformation and compromised decision-making processes.

Fighting Crime With Technology: Safety First

By combining human and nonhuman identity management in one solution, Flock Safety is helping law enforcement solve an impressive number of criminal cases every day.

Why Your Identity Is the Key to Modernizing Cybersecurity

Ultimately, the goal of creating a trusted environment around all digital assets and devices is about modernizing the way you do business.

American Water Reconnects Its Network Taps After Cyber Incident

The company is beginning to bring its systems back online, though the investigation wages on.

Marriot & Starwood Face $52M Settlement After Security Breaches

The hotel giant will be held to higher security standards in a series of proposed requirements, including implementing a new annually reviewed security program.

EU Plans Sanctions for Cyberattackers Acting on Behalf of Russia

The European Union's new sanctions framework will target individuals and organizations engaging in pro-Russian activities such as cyberattacks and information manipulation to undermine EU support for Ukraine.

Critical Mozilla Firefox Zero-Day Allows Code Execution

The bug is already being exploited in the wild, but Firefox has provided patches for those who may be vulnerable.

Fidelity Notifies 77K Customers of Data Breach

The third-party actor had access for two days, in the financial services company's second major breach of the year.

Microsoft Previews New Windows Feature to Limit Admin Privileges

In the latest Windows preview, Microsoft adds a feature — Administrator Protection — designed to prevent threat actors from easily escalating privileges and restrict lateral movement.

Australia Intros Its First National Cyber Legislation

The bill is broken up into several pieces, including ransomware reporting and securing smart devices, among other objectives.

Mamba 2FA Cybercrime Kit Targets Microsoft 365 Users

A stealthy new underground offering uses sophisticated adversary-in-the-middle (AitM) techniques to convincingly serve up "Microsoft" login pages of various kinds, with dynamic enterprise branding.

3 More Ivanti Cloud Vulns Exploited in the Wild

The security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the security vendor's Cloud Services Appliance (CSA).

Cloud, AI Talent Gaps Plague Cybersecurity Teams

Cyber pros are scrambling to stay up-to-date as the businesses they work for quickly roll out AI tools and keep expanding their cloud initiatives.

5 CVEs in Microsoft's October Update to Patch Immediately

Threat actors are actively exploiting two of the vulnerabilities, while three others are publicly known and ripe for attack.

Healthcare's Grim Cyber Prognosis Requires Security Booster

As healthcare organizations struggle against operational issues, two-thirds of the industry suffered ransomware attacks in the past year, and an increasing number are caving to extortion and paying up.

The Perils of Ignoring Cybersecurity Basics

The massive outage involving a faulty Falcon update is an excellent illustration of what happens when organizations neglect security fundamentals.

How Major Companies Are Honoring Cybersecurity Awareness Month

The annual event reinforces best practices while finding new ways to build a culture where employees understand how their daily decisions affect company security. Find out how AWS, IBM, Intuit, SentinelOne, and Gallo are spreading the word.

GorillaBot Goes Ape With 300K Cyberattacks Worldwide

Among those affected by all this monkeying around with DDoS in September were some 4,000 organizations in the US.

Salt Typhoon APT Subverts Law Enforcement Wiretapping: Report

The Chinese state-sponsored cyberattack threat managed to infiltrate the "lawful intercept" network connections that police use in criminal investigations.

CISO Paychecks: Worth the Growing Security Headaches?

CISOs' cash compensation tops $400,000 now, but with the high pay comes struggles, rapidly changing responsibilities, and tight budgets.

Malicious Chrome Extensions Skate Past Google's Updated Security

Google's Manifest V3 offers better privacy and security controls for browser extensions than the previous M2, but too many lax permissions and gaps remain.

Single HTTP Request Can Exploit 6M WordPress Sites

The popular LiteSpeed Cache plug-in is vulnerable to unauthenticated privilege escalation via a dangerous XSS flaw.

What the White House Should Do Next for Cyber Regulation

Creating a new office of cyber-regulation strategy is the government's best opportunity to improve security and to protect Americans in an increasingly dangerous world.

Name That Edge Toon: And For My Next Trick ...

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

MITRE Launches AI Incident Sharing Initiative

The collaboration with industry partners will improve collective AI defenses. Trusted contributors receive protected and anonymized data on real-world AI incidents.

iPhone 'VoiceOver' Feature Could Read Passwords Aloud

CVE-2024-44204 is one of two new Apple iOS security vulnerabilities that showcase an unexpected coming together of privacy snafus and accessibility features.

Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard

The successful disruption of notorious Russian hacker group Star Blizzard's operations arrives one month out from the US presidential election — one of the APT's prime targets.

CISA Adds High-Severity Ivanti Vulnerability to KEV Catalog

Ivanti reports that the bug is being actively exploited in the wild for select customers.

Ukraine-Russia Cyber Battles Tip Over Into the Real World

"Pig butchering," generative AI, and spear-phishing have all transformed digital warfare.

AI 'Nude Photo Generator' Delivers Infostealers Instead of Images

The FIN7 group is mounting a sophisticated malware campaign that spans numerous websites, to lure people with a deepfake tool promising to create nudes out of photos.

NSA Releases 6 Principles of OT Cybersecurity

Organizations can use this guide to make decisions for designing, implementing, and managing OT environments to ensure they are both safe and secure, as well as enable business continuity for critical services.

Unix Printing Vulnerabilities Enable Easy DDoS Attacks

All an attacker needs to exploit flaws in the Common Unix Printing System is a few seconds and less than 1 cent in computing costs.

LockBit Associates Arrested, Evil Corp Bigwig Outed

A global operation cuffed four LockBit suspects and offered more details into the org chart of Russia's infamous Evil Corp cybercrime gang.

Cyberattackers Use HR Targets to Lay More_Eggs Backdoor

The FIN6 group is the likely culprit behind a spear-phishing campaign that demonstrates a shift in tactics, from targeting job seekers to going after those who hire.

Overtaxed State CISOs Struggle With Budgeting, Staffing

CISOs for US states face the same kinds of challenges those at private companies do: lots of work to handle, but not necessarily enough money or people to handle it sufficiently well.

DoJ Charges 3 Iranian Hackers in Political 'Hack & Leak' Campaign

The cyberattackers allegedly stole information from US campaign officials only to turn around and weaponize it against unfavored candidates.

Elaborate Deepfake Operation Takes a Meeting With US Senator

The threat actors managed to gain access to Sen. Ben Cardin (D-Md.) by posing as a Ukrainian official, before quickly being outed.

Treat Your Enterprise Data Like a Digital Nomad

By combining agility with compliance, and security with accessibility, businesses will treat their data as a well-prepared traveler, ready for any adventure.

Shadow AI, Sensitive Data Exposure & More Plague Workplace Chatbot Use

Productivity has a downside: A shocking number of employees share sensitive or proprietary data with the generational AI platforms they use, without letting their bosses know.

Millions of Kia Vehicles Open to Remote Hacks via License Plate

The vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking in automotive APIs.

Novel Exploit Chain Enables Windows UAC Bypass

Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.

Top Allies Executives & Boards Should Leverage During a Cyber Crisis

It is imperative for executives and board members to know who their top allies are, and how to best leverage them to successfully navigate a crisis and minimize the harm caused by a breach.

5 Cyber Strategies Research Universities Can Adopt to Lead in Global Research

Public Wi-Fi Compromised in UK Train Stations

British Transport Police and Network Rail are investigating the incident, in which bad actors posted Islamophobic messages on the transport system's network.

Hurricane Helene Prompts CISA Fraud Warning

Beware that friendly text from the IT department giving you an "update" about restoring your broadband connectivity.

Pwn2Own Auto Offers $500K for Tesla Hacks

There will be four major categories in the 2025 retread of the hacking competition, with prizes ranging for each challenge, from $20,000 to half a million.

China's 'Salt Typhoon' Cooks Up Cyberattacks on US ISPs

The state-sponsored advanced persistent threat (APT) is going after high-value communications service provider networks in the US, potentially with a dual set of goals.

Third Ivanti Bug Comes Under Active Exploit, CISA Warns

Though the critical vulnerability was patched in August, Ivanti is reminding customers to update as soon as possible as attacks from unauthenticated threat actors start circulating.

How Russia, China & Iran Are Targeting US Elections

While these threats remain a valid concern, US government agencies have doubled down on their assurances to the American public that election infrastructure is secure.

Kansas Water Plant Pivots to Analog After Cyber Event

A water treatment facility in a small city took serious precautions to prevent any bad outcomes from a hazy cyber incident.

Telegram to Share User Info With Law Enforcement in Policy Shift

The encrypted messaging service said it will share users' IP addresses and phone numbers with authorities when requested.

Critical Automated Tank Gauge Bugs Threaten Critical Infrastructure

The security vulnerabilities could lead to everything from gas spills to operations data disclosure, affecting gas stations, airports, military bases, and other hypersensitive locations.

MoneyGram Goes Offline After Vague Cyber Woes

The money-transfer company is going on day four of its services being suspended.

Kaspersky Rolls Back for US Customers, Makes Way for UltraAV

Some users complain they had no idea the switch would be automatic on their devices, vowing to uninstall the unwanted antivirus software.

Mastercard's Bet on Recorded Future a Win for Cyber Threat Intel

The $2.65B buy validates the growing importance of threat intelligence to enterprise security strategies.

Target Practice: Honing Critical Skills on Cyber Ranges

Cyber ranges are a great way for cyber professionals to keep up on emerging threats and new technologies — while having a little fun.

Commerce Dept. Proposes Ban on Automotive Software & Hardware From China, Russia

After launching an investigation in February into vehicles made by foreign adversaries, the Biden administration is finally making its move in the name of national security.

Data Security Posture Management: Accelerating Time to Value

Data discovery and classification are foundational for data security, data governance, and data protection.

China's 'Earth Baxia' Spies Exploit Geoserver to Target APAC Orgs

The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.

Ivanti's Cloud Service Appliance Attacked via Second Vuln

The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).

Citrine Sleet Poisons PyPI Packages With Mac & Linux Malware

A North Korean advanced persistent threat (APT) actor (aka Gleaming Pisces) tried to sneak simple backdoors into public software packages.

Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover

Critical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of OEMs.

LinkedIn Addresses User Data Collection for AI Training

The company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models.

c/side Lands $6M to Combat Rising Browser Supply Chain Attacks

1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam

The first patch lets threat actors with low-level credentials still exploit the vulnerability, while the second fully resolves the flaw.

Packed With Features, 'SambaSpy' RAT Delivers Hefty Punch

Thought to be Brazilian in origin, the remote access Trojan is the "perfect tool for a 21st-century James Bond."

FCC: AT&T Didn't Adequately Protect Customers' Cloud Data

Regulators fine AT&T $13 million for failing to protect customer information held by a third-party vendor, and extend consumer data protections to the cloud.

QR Phishing Scams Gain Motorized Momentum in UK

Criminal actors are finding their niche in utilizing QR phishing codes, otherwise known as "quishing," to victimize unsuspecting tourists in Europe and beyond.

Thousands of ServiceNow KB Instances Expose Sensitive Corporate Data

Despite security updates to protect data, 45% of total enterprise instances of the cloud-based IT management platform leaked PII, internal system details, and active credentials over the past year.

'Marko Polo' Creates Globe-Spanning Cybercrime Juggernaut

The Eastern European group is actively expanding its financial fraud activities, with its pipelines representing a veritable Silk Road for the transfer of cryptocurrency, and lucrative and exploitable data.

RT News Hosted Russian Cyber Spy Unit, US Says

US State Department warns that Kremlin-backed media outlets in democracies around the world are hiding Russian cyber spies and actively working to sow discord.

Apple Abandons Spyware Suit to Avoid Sharing Cyber Secrets

Despite more US sanctions against spyware operators, Apple decided the cost in terms of disclosures about its own anti-spyware efforts was too great.

Cambodian Tycoon Sanctioned for Forced Cyber Labor, Trafficking

The sanctions are unlikely to affect the growing network of criminals who lure victims into working for cybercrime sweat shops around the world.

Ivanti Cloud Bug Goes Under Exploit After Alarms Are Raised

Three days after Ivanti published an advisory about the high-severity vulnerability CVE-2024-8190, threat actors began to abuse the flaw.

Name That Toon: Tug of War

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Cybersecurity & the 2024 US Elections

While the 2024 election may see various cyber threats, existing security measures and coordination across all levels of government aim to minimize their impact.

Cloud-Native Network Security Up 17%, Hardware Down 2%

NFL Teams Block & Tackle Cyberattacks in a Digital World

As the 104th season of the National Football League kicks off, expect cyberattacks aimed at its customers, players, and arenas.

US Army Selects QuSecure Solution for 'Enhanced Post-Quantum Cryptography Suite for Tactical Networks' Project

SCADA Market Is Set to Reach $18.7B by 2031

Amateurish 'CosmicBeetle' Ransomware Stings SMBs in Turkey

With an immature codebase and a "rather chaotic encryption scheme" prone to failure, the group targets small businesses with custom malware.

Dark Reading Expands Its Coverage to the Asia-Pacific Region

The latest step in a journey to serve cybersecurity professionals in other regions of the world.

Xiphera Develops Quantum-Resilient Hardware Security Solutions for Space

Microsoft Discloses 4 Zero-Days in September Update

This month's Patch Tuesday contains a total of 79 vulnerabilities — the fourth largest of the year.

Air-Gapped Networks Vulnerable to Acoustic Attack via LCD Screens

Sound waves generated by pixels on a screen can transmit information across seemingly impenetrable air gaps.

Cyber Staffing Shortages Remain CISOs' Biggest Challenge

Besides operational issues connected to a talent shortage, the cost of running security platforms — and their training costs — also keeps CISOs up at night.

Chinese Tag Team APTs Keep Stealing Asian Gov't Secrets

A PRC threat cluster known as "Crimson Palace" is demonstrating the benefits of having specialized units carry out distinct stages of a wider attack chain.

10 Writing Tips for Cybersecurity Professionals

It takes more than technical knowledge to write about cybersecurity in a way people want to read. It takes creativity, discipline, and other key skills.

Akira Ransomware Actors Exploit SonicWall Bug for RCE

CISA has added CE-2024-40766 to its Known Exploited Vulnerabilities catalog.

300K Victims' Data Compromised in Avis Car Rental Breach

Though the company reports that data was exfiltrated in the breach, it has been remained tightlipped regarding the kind of data that was exposed.

How to Establish & Enhance Endpoint Security

Endpoint security has been around for decades, but changes in device use and the quick evolution of new attacks have triggered the development of new security techniques.

'TIDrone' Cyberattackers Target Taiwan's Drone Manufacturers

The Chinese-speaking group is launching sophisticated malware towards military and satellite targets globally.

FreeBSD Gets €686,400 to Boost Security Features

The funds from Germany’s Sovereign Tech Fund will be used to integrate security features such as zero trust capabilities and tools for software bill of materials.

CISA Flags ICS Bugs in Baxter, Mitsubishi Products

The vulnerabilities affect industrial control tech used across the healthcare and critical manufacturing sectors.

Commercial Spyware Use Roars Back Despite Sanctions

Vendors of mercenary spyware tools used by nation-states to track citizens and enemies have gotten savvy about evading efforts to limit their use.

Malvertising Campaign Builds a Phish for Lowe's Employees

Retail employees are being duped into divulging their credentials by typosquatting malvertisements.

China's 'Earth Lusca' Propagates Multiplatform Backdoor

The malware, KTLVdoor, has already been found on more than 50 command-and-control servers and enables full control of any environment it compromises.

Biden Admin Files Charges Against Election Meddlers From Russia

Working with the Treasury and Justice departments, the president has sanctioned anti-democratic Russian adversaries.

Open-Source Tool Allows Voters to Verify Election Results

The ElectionGuard project allows anyone — voters, campaign staffers, and election officials — to cryptographically verify ballots, a promise which may bolster faith in election integrity.

Indian Army Propaganda Spread by 1.4K AI-Powered Social Media Accounts

For three years now, more than a thousand social media accounts have been reposting the same pro-India, anti-Pakistan content on Facebook and X.

'Revival Hijack' on PyPI Disguises Malware with Legitimate File Names

Adversaries reusing abandoned package names sneak malware into organizations in a sort of software shell game.

FBI: North Korean Actors Readying Aggressive Cyberattack Wave

Sophisticated social engineering is expected to accompany threat campaigns that are highly targeted and aimed at stealing crypto and deploying malware.

Name That Edge Toon: Bug Off

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

City of Columbus Sues Researcher After Ransomware Attack

The city filed for a restraining order, claiming the researcher was working in tandem with the ransomware attackers.

Cyberattackers Spoof Palo Alto VPNs to Spread WikiLoader Variant

The malware, first discovered two years ago, has returned in campaigns using SEO poisoning.

Evolving NPM Package Campaign Targets Roblox Devs, For Years

Attackers have added aggressive social engineering to their arsenal, along with a novel Windows-manipulating persistence mechanism that demands developer vigilance.

BlackCat Spinoff 'Cicada3301' Uses Stolen Creds on the Fly, Skirts EDR

Malware authors have iterated on one of the premier encryptors on the market, building something even bigger and better.

Improved Software Supply Chain Resilience Equals Increased Security

Understanding through visibility, managing through governance, and anticipating through continuous deployment will better prepare organizations for the next supply chain attack.

Ransomware Gangs Pummel Southeast Asia

Successful ransomware attacks against organizations in Asia continue at peak levels in 2024 following a wave of high-profile data breaches last year.

Commercial Spyware Vendors Have a Copycat in Top Russian APT

Russia's Midnight Blizzard infected Mongolian government websites to try to compromise the devices of visitors, using watering-hole tactics.

'Voldemort' Malware Curses Orgs Using Global Tax Authorities

The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools like Google Sheets for command and control.

Brazilian Ad Fraud Network 'Camu' Hits 2B+ Daily Bid Requests

The global Internet helps just about everything to scale more easily, including piracy and ad fraud.

SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024

Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges

The vulnerability carries nearly the highest score possible on the CVSS scale, at 9.8, impacting a system used by major companies around the world.

South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel

The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execution. Time to patch.

BlackByte Targets ESXi Bug With Ransomware to Access Virtual Assets

The pivot is one of several changes the groups using the malware have used in recent attacks.

Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking

Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.

Zimbabwe Trains Government Officials in Cybersecurity Skills

African nation's proactive approach to cybersecurity comes amid a rise in painful cyberattacks including the breach of a major bank.

77% of Educational Institutions Spotted a Cyberattack Within the Last 12 Months

PoC Exploit for Zero-Click Vulnerability Made Available to the Masses

The exploit can be accessed on GitHub and makes it easier for the flaw to be exploited by threat actors.

Microsoft's Sway Serves as Launchpad for 'Quishing' Campaign

The attack is a mashup of QR codes and phishing that gets users to click on links to malicious Web pages.

Microsoft to Host Windows Security Summit in CrowdStrike Outage Aftermath

The tech giant seeks to work with endpoint security partners, including CrowdStrike, on how to prevent an outage event of such gravity from happening again.

Cybercriminals Tap Greasy Opal to Create 750M Fake Microsoft Accounts

Such cyberattack enablement services let attackers breach security measures, establish new fake accounts, and brute-force servers.

Seattle-Tacoma Airport Suffers System Outages Due to Possible Cyberattack

As the entire Port of Seattle struggles to become fully operational once more, the airport recommends that those who are traveling take extra precautions.

Aggressively Monitoring for Changes Is a Key Aspect of Cybersecurity

Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors.

India's Critical Infrastructure Suffers Spike in Cyberattacks

The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India (RBI) warning banks to double down on cybersecurity.

NIST Hands Off Post-Quantum Cryptography Work to Cyber Teams

The release of new NIST quantum-proof cryptography standards signals it's time for cybersecurity teams to get serious about preparing for the rise of quantum threats.

Patch Now: Second SolarWinds Critical Bug in Web Help Desk

The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' less-often-discussed IT help desk software.

Liverpool Fans Take English Premier League Title for Ticket Scams

Ticket scams are costing football fans close to £200 a season, on average, according to a report.

NFC Traffic Stealer Targets Android Users & Their Banking Info

The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.

NSA Issues Tips for Better Logging, Threat Detection in LotL Incidents

The guidance is part of a coordinated, global effort to eradicate living-off-the-land techniques used against critical infrastructure.

Infostealers Waltz Through macOS to Grab Crypto Wallets, Browser Creds

Ironically, Macs' lower risk profile may make them more susceptible to any given threat than the average Windows or Linux system.

Google Chrome Update Fixes Flaw Exploited in the Wild

New Chrome release set to roll out over the next few days addresses 38 security issues in the browser.

Malicious Links, AI-Enabled Tools, and Attacks on SMBs Among Top Cybersecurity Threats in H1 Mimecast Global Threat Intelligence Report

'Styx Stealer' Blows Its Own Cover With Sloppy OpSec Mistake

An individual in Turkey is behind a new information stealer that researchers have recently observed in multiple attacks.

Taiwan University Under Fire From Unique DLL Backdoor

It's unclear who the "Msupedge" threat actors were or what the motive for the attack was.

Azure Kubernetes Bug Lays Open Cluster Secrets

Vulnerability gave attackers with access to a pod a way to obtain credentials and other secrets.

Toyota Customer, Employee Data Leaks in Confirmed Data Breach

The company has released little information on the breach, but claims it's been in contact with the individuals affected.

Name That Toon: Security Games

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Multiple Microsoft Apps for macOS Vulnerable to Library Injection Attacks

Outlook, Teams, PowerPoint, OneNote, Excel, and Word undermine macOS's strict user permission-based privacy and security protections.

IBM SkillsBuild Cybersecurity and Data Analytics Certificates to be Deployed in Community College Systems

Every Google Pixel Phone Has a Verizon App that Doubles As a Backdoor

What is a Verizon Wireless demo store app doing on non-Verizon phones, and why is it a vehicle to an attacker?

National Public Data Confirms Massive Breach

Cyber incidents like this highlight the need for tougher action on companies that fail to adequately protect consumer data.

Assume Breach When Building AI Apps

AI jailbreaks are not vulnerabilities; they are expected behavior.

Human Nature Is Causing Our Cybersecurity Problem

By moving beyond guidelines and enforcing accountability, encouraging innovation, and prioritizing the safety and well-being of our communities in the digital age, we can build a more secure software future.

A Critical Look at the State Department's Risk Management Profile

The US needs to seize this moment to set a global standard for responsible and ethical AI, ensuring that technological progress upholds and advances human rights.

Iran Reportedly Grapples With Major Cyberattack on Banking Systems

The last known cyberattack waged against Iranian infrastructure took place last December with the blame placed on Israel and the US.

Are 2024 US Political Campaigns Prepared for the Coming Cyber Threats?

When it comes to this year's candidates and political campaigns fending off major cyberattacks, a lot has changed since the 2016 election cycle.

CISA, FBI Assure American Voters of Cyber Safe Electoral Process

Though it is possible for cyber disruptions to occur, CISA and the FBI say that ransomware will not impact casting or counting ballots.

DARPA Announces AI Cyber Challenge Finalists

Teams designed AI systems to secure open-source infrastructure software to be used in industry sectors such as financial services, utilities, and healthcare. Each finalist was awarded a $2 million prize.

Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs

The attack affects organizations that have synced multiple on-premises Active Directory domains to a single Azure tenant.

SolarWinds: Critical RCE Bug Requires Urgent Patch

The vulnerability was given a high-severity CVSS score, indicating that customers should act swiftly to mitigate the flaw.

Google: Iran's Charming Kitten Targets US Presidential Elections, Israeli Military

The threat group tracked as APT42 remains on the warpath with various phishing and other social engineering campaigns, as tensions with Israel rise.

Experian Acquires Behavioral Analytics Company NeuroID

GitHub Attack Vector Cracks Open Google, Microsoft, AWS Projects

Cloud services and thus millions of end users who access them could have been affected by the poisoning of artifacts in the development workflow of open source projects.

Critical Ivanti vTM Bug Allows Unauthorized Admin Access

The CVSS 9.8 authentication bypass in Ivanti's traffic manager admin panel already has a proof-of-concept (PoC) exploit lurking in the wild.

Microsoft Azure AI Health Bot Infected With Critical Vulnerabilities

Privilege escalation flaws in the healthcare chatbot platform could have allowed unauthorized cross-tenant access and management of other customers’ resources.

FBI Shuts Down Dozens of Radar/Dispossessor Ransomware Servers

Computer infrastructure in the US, UK, and Germany associated with the cybercriminal group, which targeted SMBs using double extortion, is officially out of commission.

APT41 Spinoff Expands Chinese Actor's Scope Beyond Asia

Earth Baku, yet another subgroup of the highly active and increasingly sophisticated collective, is moving into EMEA with new malware and living-off-the-land (LOL) tactics.

UN Approves Cybercrime Treaty Despite Major Tech, Privacy Concerns

The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data about their users — potentially imperiling penetration testers and security researchers, among others.

AMD Issues Updates for Silicon-Level 'SinkClose' Processor Flaw

The vulnerability has been around for nearly 20 years and gives sophisticated attackers a way to bury virtually undetectable bootkits on devices with EPYC and Ryzen microprocessors.

CLFS Bug Crashes Even Updated Windows 10, 11 Systems

A quick and easy exploit for crashing Windows computers has no fix yet nor really any way to mitigate its effects.

A Lesson From the CrowdStrike Incident

The recent outage highlights the critical importance of adhering to established processes and governance frameworks.

Tennessee Man Helped DPRK Workers Get Jobs at US Orgs, Fund WMDs

US citizens play middleman between US companies and the North Korean government agents they unwittingly hire.

Media & Victims Find Common Ground Against Hackers

In a panel at Black Hat 2024, journalists and investigators explain their differing goals when a victim organization is breached.

Rubrik Partners With Mandiant for Cyber Resilience and Accelerated Incident Response Recovery

CrowdStrike's Legal Pressures Mount, Could Blaze Path to Liability

Following the July 19 outages caused by a bad update, the cybersecurity firm faces shareholder lawsuits and pressure to pay damages for at least one major customer, by Delta Airlines. Will software liability follow?

How to Weaponize Microsoft Copilot for Cyberattackers

At Black Hat USA, security researcher Michael Bargury released a "LOLCopilot" ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot — and offered advice for defensive tooling.

Microsoft on CISOs: Thriving Community Means Stronger Security

Microsoft execs detailed the company's reaction to the CrowdStrike incident and emphasized the value of a collective identity.

'0.0.0.0 Day' Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk

Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.

CrowdStrike Will Give Customers Control Over Falcon Sensor Updates

The security vendor has also implemented several changes to protect against the kind of snafu that crashed 8.5 million Windows computers worldwide last month.

Knostic Wins 2024 Black Hat Startup Spotlight Competition

During a "Shark Tank"-like final, each startup's representative spent five minutes detailing their company and product, with an additional five minutes to take questions from eight judges from Omdia, investment firms, and top companies in cyber.

Creating Insecure AI Assistants With Microsoft Copilot Studio Is Easy

Microsoft claims 50,000 organizations are using its new Copilot Creation tool, but researcher Michael Bargury demonstrated at Black Hat USA ways it could unleash insecure chatbots.

Chameleon Banking Trojan Makes a Comeback Cloaked as CRM App

The evolving malware is targeting hospitality and other B2C workers in Canada and Europe with capabilities that can evade Android 13 security restrictions.

Startup Spotlight: RAD Security Brings Behavioral Profiling to Cloud

Cybersecurity startup RAD Security, a finalist in this year's Black Hat USA Startup Spotlight competition, looks for "drift events," or events that vary from the baseline.

Attackers Use Multiple Techniques to Bypass Reputation-Based Security

Protections like Windows Smart App Control are useful but susceptible to attacks that allow threat actors initial access to an environment without triggering any alerts.

Cyberattack Strikes the Grand Palais RMN; Impact Appears Limited

Everyone expected some kind of cyberattack during the Olympics. If this is the best they've got, the bad guys don't deserve a spot on the podium.

Russia's Priorities in Prisoner Swap Suggest Cyber Focus

At least two Russian nationals serving prison sentences for cybercrime offenses, Vladislav Klyushin and Roman Seleznev, were released as part of the landmark prisoner swap.

China's Evasive Panda Attacks ISP to Send Malicious Software Updates

The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data via post-exploitation activity.

Startup Spotlight: LeakSignal Helps Plug Leaky Data in Organizations

Cybersecurity startup LeakSignal, a finalists in this year's Black Hat USA Startup Spotlight competition, helps organizations see where data is leaking within their environment.

Protect Data Differently for a Different World

Adopting a military mindset toward cybersecurity means the industry moves beyond the current network protection strategies and toward a data-centric security approach.

How Regional Regulations Shape Global Cybersecurity Culture

Ultimately, a more cyber-secure world requires a global governing body to regulate and campaign for cybersecurity, with consistent regulatory requirements in the various regions around the world.

Russia's 'Fighting Ursa' APT Uses Car Ads to Install HeadLace Malware

The scheme, from the group also known as APT28, involves targeting Eastern European diplomats in need of personal transportation, tempting them with a purported good deal on a Audi Q7 Quattro SUV.

Fortune 50 Co. Pays Record-Breaking $75M Ransomware Demand

The runaway success of an upstart ransomware outfit called "Dark Angels" may well influence the cyberattack landscape for years to come.

China's APT41 Targets Taiwan Research Institute for Cyber Espionage

The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and related technologies.

Twilio Users Kicked Out of Desktop App, Forced to Switch to Mobile

Now that the Authy Desktop app has reached EOL and is no longer accessible, users are hoping their 2FA tokens synced correctly with their mobile devices.

'Sitting Ducks' Attacks Create Hijacking Threat for Domain Name Owners

Researchers say the attacks are easy to perform, difficult to contact, nearly unrecognizable, and "entirely preventable."

Meta Agrees to $1.4B Settlement With Texas Over Biometric Privacy

The process took two years, but this is the first successful settlement obtained under Texas' Capture or Use of Biometric Identifier Act, which forbids the capture of biometric data without users' explicit consent.

AI-Driven Executive Impersonations Emerge As Significant Threat to Business Payment Processes

Smart Cars Share Driver Data, Prompting Calls for Federal Scrutiny

Two US senators accuse carmakers of deceptive language and shifty practices in sharing and resale of driver data.

Clutch Security Launches With NHI Platform

Clutch Security is the latest cybersecurity startup looking to secure and manage non-human identity.

India-Linked SideWinder Group Pivots to Hacking Maritime Targets

The nation-state espionage group known for attacking Pakistan has expanded its reach to targets in Egypt and Sri Lanka.

Criminal Hackers Add GenAI Credentials to Underground Markets

According to the study, around 400 stolen GenAI credentials are being sold by threat actors per day.

Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs

With sufficient privileges in Active Directory, attackers only have to create an "ESX Admins" group in the targeted domain and add a user to it.

Heimdal Security Presents its Latest Report on Brute-Force Cyberattacks

Microsoft Lowballs CrowdStrike Outage Impact

Microsoft says that its initial estimate of 8.5 million PCs affected was only a subset of the affected number of machines in the crash.

'Zeus' Hacker Group Strikes Israeli Olympic Athletes in Data Leak

Security presence has been heightened in Paris to ensure that the Games are safe, and Israeli athletes have been provided with even more protection.

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.

7 Sessions Not to Miss at Black Hat USA 2024

This year's conference will be a treasure trove of insights for cybersecurity professionals.

Targeted PyPi Package Steals Google Cloud Credentials from macOS Devs

The campaign is laser-targeted, bucking the trend of "spray-and-pray" malicious open source packages turning up in code repositories seemingly every other day.

CrowdStrike Outage Losses Estimated at a Staggering $5.4B

Researchers track the healthcare sector as experiencing the biggest financial losses, with banking and transportation following close behind.

US Offers $10M Reward for Information on North Korean Hacker

The individual is part of a DPRK-backed group known as Andariel, which is known for using the 'Maui' ransomware strain to target and extort healthcare entities.

Nvidia Embraces LLMs & Commonsense Cybersecurity Strategy

Nvidia doesn't just make the chips that accelerate a lot of AI applications — the company regularly creates and uses its own large language models, too.

Feds Warn of North Korean Cyberattacks on US Critical Infrastructure

The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others said.

Microsoft's Internet Explorer Gets Revived to Lure in Windows Victims

Though IE was officially retired in June 2022, the vulnerability ramped up in January 2023 and has been going strong since.

Unexpected Lessons Learned From the CrowdStrike Event

How your organization can leverage the disruptive CrowdStrike update to become more resilient.

Fighting Third-Party Risk With Threat Intelligence

With every new third-party provider and partner, an organization's attack surface grows. How, then, do enterprises use threat intelligence to enhance their third-party risk management efforts?

'Stargazer Goblin' Amasses Rogue GitHub Accounts to Spread Malware

The threat group uses its "Stargazers Ghost Network" to star, fork, and watch malicious repos to make them seem legitimate, all to distribute a variety of notorious information-stealers-as-a-service.

Cyberattackers Exploit Microsoft SmartScreen Bug in Stealer Campaign

The good news: Only organizations far behind on standard Windows patching have anything to worry about.

Hamster Kombat Players Threatened by Spyware & Infostealers

Players can only access the game by first joining its Telegram channel, with some going astray in copycat channels with hidden malware.

China's 'Evasive Panda' APT Spies on Taiwan Targets Across Platforms

The cohort's variety of individual tools covers just about any operating system it could possibly wish to attack.

Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication

Accenture researcher undercut WHfB's default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework.

Sprawling CrowdStrike Incident Mitigation Showcases Resilience Gaps

A painful recovery from arguably one of the worst IT outages ever continues, and the focus is shifting to what can be done to prevent something similar from happening again.

Threat Hunting Market Worth $6.9B by 2029

Russian Hacktivists Sanctioned for US Critical Infrastructure Attacks

"CARR" hackers have managed to gain control over ICS and SCADA systems in the US and Europe.

Kaspersky Is an Unacceptable Risk Threatening the Nation's Cyber Defense

As geopolitical tensions rise, foreign software presents a grave supply chain risk and an ideal attack vector for nation-state adversaries.

Chinese Forced-Labor Ring Sponsors Football Clubs, Hides Behind Stealth Tech

An illegal gambling empire fueled by modern-day slavery is being propped up by high-profile sponsorships — and defended with sophisticated anti-detection software.

Fallout From Faulty Friday CrowdStrike Update Persists

Historic IT outage expected to spur regulatory scrutiny, soul-searching over "monoculture" of IT infrastructure - and cyberattack threats.

Under-Resourced Maintainers Pose Risk to Africa's Open Source Push

Many nations see open source software as a great equalizer, giving the Global South the tools necessary for sustainable development. But recent supply chain attacks highlight the need for security.

Buggy CrowdStrike EDR Update Crashes Windows Systems Worldwide

Though the cybersecurity vendor has since reverted the update, chaos continues as companies continue to struggle to get back up and running.

US Data Breach Victim Numbers Increase by 1,000%, Literally

Though the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.

High-Severity Cisco Bug Grants Attackers Password Access

The vulnerability was given the highest CVSS score possible, though few details have been released due to its severity.

Microsoft-Signed Chinese Adware Opens the Door to Kernel Privileges

An official stamp of approval might give the impression that a purported "HotPage" adtech tool is not, in fact, a dangerous kernel-level malware — but that's just subterfuge.

Aura Partners With Mosaic Compliance Services to Launch a Program to Protect Auto Dealers and Buyers From Cybercrime

DPRK Hackers Tweak Malware to Lure MacOS Users into Video Calls

North Korean espionage campaign delivers updated BeaverTail info stealer by spoofing legitimate video calling service, researcher finds.

West African Crime Syndicate Taken Down by Interpol Operation

Law enforcement managed to arrest numerous members of Black Axe, a notorious group engaged in a wide variety of criminal activity.

Microsoft: Scattered Spider Widens Web With RansomHub & Qilin

The gang already uses varied tools in its attacks, such as phishing, SIM swapping, and MFA fatigue.

Name That Toon: Near Miss

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

'Trial' DDoS Attacks on French Sites Portend Greater Olympics Threats

Russian hacktivists claim DDoS attacks against basic tourist websites. Is it real, or just smoke and mirrors?

SEXi Ransomware Rebrands as 'APT Inc.,' Keeps Old Methods

The cybercrime group demands ransoms of varying degrees, from thousands to even millions of dollars — in some cases, 2 bitcoin per encrypted customer.

Well-Established Cybercriminal Ecosystem Blooming in Iraq

A malicious Telegram bot is the key to a veritable flourishing garden of nefarious cybercriminal activity, which was discovered via a series of Python packages.

Rite Aid Becomes RansomHub's Latest Victim After Data Breach

The breach affects older customer information involved in purchases made from June 6, 2017, up until July 30, 2018.

How Manufacturers Can Secure Themselves Against Cyber Threats

Good risk management is necessary to protect customers, ensure operational continuity, safeguard intellectual property, and maintain fiscal responsibility.

7 Tips for Navigating Cybersecurity Risks in M&As

Careful planning and proactive measures can ensure smooth and secure transitions, paving the way for a successful merger or acquisition.

AT&T Breach May Also Impact Millions of Boost, Cricket, H2O Customers

In the scrum, countless call and text records leaked, other cell companies caught strays, the DoJ became involved, and someone has already been arrested.

CISA, FBI Warn of OS Command-Injection Vulnerabilities

Agencies say flaws are preventable and can be addressed with secure-by-design principles.

Apple Warns iPhone Users in 98 Countries of More Spyware Attacks

Users receiving the warnings are likely being targeted based on who they are or what they do, according to the vendor.

Advance Auto Parts Data Breach Affects 2.3M Customers

Threat actors had access to the automotive provider's networks for more than a month before they were discovered.

FishXProxy Phishing Kit Outfits Cybercriminals for Success

A new end-to-end toolkit circulating on the Dark Web significantly lowers the barrier to entry for creating sophisticated campaigns that can avoid most traditional security detection and protection systems.

Saviynt Expands Capabilities With EY Alliance, Elevating Approach to External User Management With its Identity Cloud

Attackers Have Been Leveraging Microsoft Zero-Day for 18 Months

Likely two separate threat actors are using the just-patched CVE-2024-38112 in targeted, concurrent infostealer campaigns.

Feds Uncover Sprawling, GenAI-Enabled Russian Troll Farm

The bot farm was created using AI-enhanced software that was able to create a host of different false personas to spread disinformation in convincing and unsettling ways.

Attackers Already Exploiting Flaws in Microsoft's July Security Update

In all, the company released fixes for a whopping 139 CVEs in its own products and four for non-Microsoft products.

Evolve Bank & Trust Reveals 7M Impacted in LockBit Breach

Though the company reassures its users that customer funds were not accessed, the same cannot be said for customer information.

Chinese Threat Group APT40 Exploits N-Day Vulns at Rapid Pace

The state-sponsored threat group is capable of exploiting fresh software vulnerabilities within hours of their initial discovery.

10B Passwords Pop Up on Dark Web 'RockYou2024' Release

The passwords, dumped on a cyber-underground forum on July 4 by a hacker called "ObamaCare," were collected from a variety of older and more recent breaches.

Apple Geolocation API Exposes Wi-Fi Access Points Worldwide

Beyond the devices that use them, Wi-Fi hubs themselves can leak interesting data, thanks to some quirks in Apple's geolocation system.

Cyber-Insurance Prices Plummet as Market Competition Grows

Now may be a good time to find good deals on insurance coverage for ransomware and security incidents.

Deconstructing Security Assumptions to Ensure Future Resilience

By breaking down fundamental assumptions, we can proactively plan for, and begin to achieve, future resilience.

5 Ways to Run Security as a Meritocracy

Actions speak louder than words. Here are five tips for encouraging a security culture based on achievements.

Euro Vishing Fraudsters Add Physical Intimidation to Arsenal

The persistent threat of social engineering tactics sees cybercriminals blending technology with human manipulation to exploit individuals.

Are SOC 2 Reports Sufficient for Vendor Risk Management?

SOC 2 reports are a valuable tool for evaluating vendor security, but they shouldn't be the only piece of the puzzle.

Euro 2024 Becomes Latest Sporting Event to Attract Cyberattacks

Cybercriminals are selling credentials linked to the tournament on underground markets, with some geopolitics playing out in denial-of-service attacks.

A CISO's Guide to Avoiding Jail After a Breach

Yahoo, Uber, SolarWinds — increasingly, the government is incentivizing better corporate security by punishing the individuals leading it. Is that a good idea? And how can security pros avoid ending up on the butt end of a lawsuit?

Any IoT Device Can Be Hacked, Even Grills

Researchers uncover a way to hack the summer cookout — but firmware updates will stop that grilled meat (or tofu) from turning into an inedible mess.

Bay Area Credit Union Struggles to Recover After Ransomware Attack

Tens of thousands of Patelco customers remain without access to their accounts, with no estimates for when systems will be restored.

Hacker Busted for 'Evil Twin' Wi-Fi That Steals Airline Passenger Data

Australian cops arrest man found with a portable Wi-Fi access device in his carry-on luggage, allegedly used for standing up scam Wi-Fi networks on flights.

Networking Without the Hangover

How Sober in Cyber is redefining professional connections in the security industry.

Human Technology Inc. — Notification of Data Breach

Implementing Zero Trust and Mitigating Risk: ISC2 Courses to Support Your Development

Interlock Launches ThreatSlayer Web3 Security Extension and Incentivized Crowdsourced Internet Security Community

Odaseva Raises $54M Series C Round to Expand Product Offerings and Continue Category Leadership

Google Opens $250K Bug Bounty Contest for VM Hypervisor

If security researchers can execute a guest-to-host attack using a zero-day vulnerability in the KVM open source hypervisor, Google will make it worth their while.

Prudential Data Breach Victim Count Soars to 2.5M

The company seemingly underestimated the severity of the breach after originally providing a head count of roughly 36,000 impacted individuals.

Juniper Rushes Out Emergency Patch for Critical Smart Router Flaw

Although not yet exploited in the wild, the max-critical authentication bypass bug could allow adversaries to take over unpatched Juniper Session Smart Routers and Conductors, and WAN Assurance Routers, the company warns.

Thinking About Security, Fast & Slow

To be effective, managing risk demands both fast responses and strategic thinking.

CISO Corner: The NYSE & the SEC; Ransomware Negotiation Tips

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.

CISA's Flags Memory-Unsafe Code in Major Open Source Projects

Despite more than 50% of all open source code being written in memory-unsafe languages like C++, we are unlikely to see a massive overhaul to code bases anytime soon.

Hundreds of Thousands Impacted in Children's Hospital Cyberattack

Though the Chicago-area hospital did not pay a ransom, a host of sensitive medical information is now at risk.

Authenticator for X, TikTok Exposes Personal User Info for 18 Months

With many popular apps, users must hand over personal information to prove their identity, and the big downside is they have no control over how that information gets processed and stored.

Dark Reading Confidential: Meet the Ransomware Negotiators

Episode 2: Incident response experts-turned-ransomware negotiators Ed Dubrovsky, COO and managing partner of CYPFER, and Joe Tarraf, chief delivery officer of Surefire Cyber, explain how they interact with cyber threat actors who hold victim organizations' systems and data for ransom. Among their fascinating stories: how they negotiated with cybercriminals to restore operations in a hospital NICU where lives were at stake, and how they helped a church, where the attackers themselves "got a little religion."

Your Phone's 5G Connection is Vulnerable to Bypass, DoS Attacks

Wireless service providers prioritize uptime and lag time, occasionally at the cost of security, allowing attackers to take advantage, steal data, and worse.

Dangerous AI Workaround: 'Skeleton Key' Unlocks Malicious Content

Microsoft, OpenAI, Google, Meta genAI models could be convinced to ditch their guardrails, opening the door to chatbots giving unfettered answers on building bombs, creating malware, and much more.

Apple AirPods Bug Allows Eavesdropping

The vulnerability affects not only AirPods, but also AirPods Max, Powerbeats Pro, Beats Fit Pro, and all models of AirPods Pro.

Polyfill.io Supply Chain Attack Smacks Down 100K+ Websites

The site is supplying malicious code that delivers dynamically generated payloads and can lead to other attacks, after a Chinese organization bought it earlier this year.

Neiman Marcus Customers Impacted by Snowflake Data Breach

The high-end retailer is the latest company to confirm it was impacted by the wide-ranging Snowflake data breach, which impacted more than 165 organizations.

'ChamelGang' APT Disguises Espionage Activities With Ransomware

The China-nexus cyberthreat actor has been operating since at least 2019 and has notched victims in multiple countries.

Fresh MOVEit Bug Under Attack Mere Hours After Disclosure

The high-severity CVE-2024-5806 allows cyberattackers to authenticate to the file-transfer platform as any valid user, with accompanying privileges.

Indonesia Refuses to Pay $8M Ransom After Cyberattack

More than 200 regional and national government agencies have been impacted by the ransomware attack, and few of them are once again operational.

Threat Actor May Have Accessed Sensitive Info on CISA Chemical App

An unknown adversary compromised a CISA app containing the data via a vulnerability in the Ivanti Connect Secure appliance this January.

China-Linked Cyber-Espionage Teams Target Asian Telecoms

In the latest breaches, threat groups compromised telecommunications firms in at least two Asian nations, installing backdoors and possibly eavesdropping or pre-positioning for a future attack.

CDK Attack: Why Contingency Planning Is Critical for SaaS Customers

Daily operations at some 15,000 automotive dealers remain impacted as CDK works to restore its dealer management system, following what appears to be a ransomware attack last week.

What Building Application Security Into Shadow IT Looks Like

AppSec is hard for traditional software development, let alone citizen developers. So how did two people resolve 70,000 vulnerabilities in three months?

30M Potentially Affected in Tickettek Australia Cloud Breach

In an incident with direct parallels to the recent Ticketmaster compromise, an Aussie live events giant says it was breached via a third-party cloud provider, as ShinyHunters takes credit.

The NYSE's $10M Wake-up Call

The settlement between the SEC and the owner of the New York Stock Exchange is a critical reminder of the vulnerabilities within financial institutions' cybersecurity frameworks as well as the importance of regulatory oversight.

VicOne Solutions for Detection of Zero-Day Vulnerabilities and Contextualized Attack Paths

Legal Defense Fund Covers Crypto Research

The nonprofit Security Alliance provided funding to protect those who illegally access crypto assets with the aim of improving security.

Multifactor Authentication Is Not Enough to Protect Cloud Data

Ticketmaster, Santander Bank, and other large firms have suffered data leaks from a large cloud-based service, underscoring that companies need to pay attention to authentication.

Consumer Privacy Bill Fails in Vermont

The bill, if it had successfully become law, would have given consumers the right to sue companies that violate their privacy.

Thousands of Car Dealerships Stalled Out After Software Provider Cyberattack

CDK Global, which makes software for car dealers, experienced a cyber incident that halted vehicle sales and service across the US.

High-Risk Overflow Bug in Intel Chips Likely Impacts 100s of PC Models

The old, but newly disclosed, vulnerability is buried deep inside personal computers, servers, and mobile devices, and their supply chains, making remediation a headache.

CHERI Alliance Aims to Secure Hardware Memory

The consortium of private companies and academia will focus on ways to protect hardware memory from attacks.

How Cybersecurity Can Steer Organizations Toward Sustainability

By integrating environmental initiatives, social responsibility, and governance into their strategies, security helps advance ESG goals.

'ONNX' MFA Bypass Targets Microsoft 365 Accounts

The service, likely a rebrand of a previous operation called 'Caffeine,' mainly targets financial institutions in the Americas and EMEA and uses malicious QR codes and other advanced evasion tactics.

France Seeks to Protect National Interests With Bid for Atos Cybersec

By offering to buy Atos's big data and cybersecurity operations. Paris is trying to make sure key technologies do not fall under foreign control.

Hackers Derail Amtrak Guest Rewards Accounts in Breach

The US passenger rail giant said attackers used previously compromised credentials to crack accounts and access a freight train of personal data.

Blackbaud Fined $6.75M After 2020 Ransomware Attack

Threat actors were able to breach Blackbaud's systems and compromise sensitive data, largely because of the company's poor cybersecurity practices and lack of encrypted data, the AG said.

Cut & Paste Tactics Import Malware to Unwitting Victims

"ClearFake" and "ClickFix" attackers are tricking people into cutting and pasting malicious PowerShell scripts to infect their own machines with RATs and infostealers.

LA County Dept. of Public Health Data Breach Impacts 200K

Threat actors were able to breach the department using the credentials accessed through phishing emails.

Addressing Misinformation in Critical Infrastructure Security

As the lines between the physical and digital realms blur, widespread understanding of cyber threats to critical infrastructure is of paramount importance.

China's 'Velvet Ant' APT Nests Inside Multiyear Espionage Effort

The campaign is especially notable for the remarkable lengths to which the threat actor went to maintain persistence on the target environment.

Name That Toon: Future Shock

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

MITRE: US Government Needs to Focus on Critical Infrastructure

With the presidential election this year and increase in cyberattacks and conflict around the world, MITRE has outlined four important areas the incoming presidential administration should focus on next year.

Hamas Hackers Sling Stealthy Spyware Across Egypt, Palestine

The Arid Viper APT group is deploying AridSpy malware with Trojanized messaging applications and second-stage data exfiltration.

'Sleepy Pickle' Exploit Subtly Poisons ML Models

A model can be perfectly innocent, yet still dangerous if the means by which it's packed and unpacked are tainted.

Panera Notifies Employees of Compromised Data

Though the company is informing affected individuals of a breach, it's keeping the nature and scope of the cybersecurity incident that led to it under wraps.

Marsh Insurance: Volume of Cyber-Insurance Claims Reaches New Heights

More claims are being made across the US and Canada compared with previous years, with healthcare organizations leading the way.

PoC Exploit Emerges for Critical RCE Bug in Ivanti Endpoint Manager

A new month, a new high-risk Ivanti bug for attackers to exploit — this time, an SQL injection issue in its centralized endpoint manager.

North Korea's Moonstone Sleet Widens Distribution of Malicious Code

The recently identified threat actor uses public registries for distribution and has expanded capabilities to disrupt the software supply chain.

AI Chatbot Fools Scammers & Scores Money-Laundering Intel

Experiment demonstrates how AI can turn the tables on cybercriminals, capturing bank account details of how scammers move stolen funds around the world.

Rockwell's ICS Directive Comes As Critical Infrastructure Risk Peaks

Critical infrastructure is facing increasingly disruptive threats to physical processes, while thousands of devices are online with weak authentication and riddled with exploitable bugs.

Scores of Biometrics Bugs Emerge, Highlighting Authentication Risks

Face scans stored like passwords inevitably will be compromised, like passwords are. But there's a crucial difference between the two that organizations can rely on when their manufacturers fail.

Cleveland City Hall Shuts Down After Cyber Incident

As city officials continue to investigate, it's unclear which systems were affected and whether it was a ransomware attack.