Gen Z Falls for Scams 2x More Than Older Generations

Thursday, July 31, 2025
Forget gullible old people — Gen Z is the most at-risk age group on the Web. Older folks might want to ignore it, but employers are likely to feel the brunt.

DragonForce Ransom Cartel Profits Off Rivals' Demise

The fall of RansomHub led to a major consolidation of the ransomware ecosystem last quarter, which was a boon for the DragonForce and Qilin gangs.

SafePay Claims Ingram Micro Breach, Sets Ransom Deadline

The ransomware gang claims to have stolen 3.5TB of data, and told the technology distributor to pay up or suffer a data breach.

3 Things CFOs Need to Know About Mitigating Threats

To reposition cybersecurity as a strategic, business-critical investment, CFOs and CISOs play a critical role in articulating the significant ROI that robust security measures can deliver.

Inside the FBI's Strategy for Prosecuting Ransomware

The US government is throwing the book at even mid-level cybercriminals. Is it just, and is it working?

Koreans Hacked, Blackmailed by 250+ Fake Mobile Apps

Wednesday, July 30, 2025
A swath of copycat Korean apps are hiding spyware, occasionally leading to highly personal, disturbing extortions.

Silk Typhoon Linked to Powerful Offensive Tools, PRC-Backed Companies

An unsealed indictment associated with the Chinese threat group shows its members worked for companies closely aligned with the PRC as part of a larger contractor ecosystem.

The CrowdStrike Outage Was Bad, but It Could Have Been Worse

A year after the largest outage in IT history, organizations need to make an active effort to diversify their technology and software vendors and create a more resilient cyber ecosystem moving forward.

Attackers Can Use Browser Extensions to Inject AI Prompts

A proof-of-concept attack shows how threat actors can use a poisoned browser extension to inject malicious prompts into a generative AI tool.

African Orgs Fall to Mass Microsoft SharePoint Exploits

The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise of on-premises Microsoft SharePoint servers.

Nimble 'Gunra' Ransomware Evolves With Linux Variant

Tuesday, July 29, 2025
The emerging cybercriminal gang, which initially targeted Microsoft Windows systems, is looking to go cross-platform using sophisticated, multithread encryption.

New Risk Index Helps Organizations Tackle Cloud Security Chaos

Enterprises can use the IaC Risk Index to identify vulnerable cloud resources in their infrastructure-as-code environment which are not managed or governed.

Insurance Giant Allianz Life Grapples With Breach Affecting 'Majority' of Customers

Monday, July 28, 2025
The company has yet to report an exact number of how many individuals were impacted by the breach and plans to start the notification process around Aug. 1.

Chaos Ransomware Rises as BlackSuit Gang Falls

Researchers detailed a newer double-extortion ransomware group made up of former members of BlackSuit, which was recently disrupted by international law enforcement.

Sophisticated Shuyal Stealer Targets 19 Browsers, Demonstrates Advanced Evasion

A new infostealing malware making the rounds can exfiltrate credentials and other system data even from browsing software considered more privacy-focused than mainstream options.

How to Spot Malicious AI Agents Before They Strike

The rise of agentic AI means the battle of the machines is just beginning. To win, we'll need our own agents — human and machine — working together.

Cyber Career Opportunities: Weighing Certifications vs. Degrees

Friday, July 25, 2025
Longtime CISO Melina Scotto joins Dark Reading to discuss career advice gleaned from her 30 years in the cyber industry.

'Fire Ant' Cyber Spies Compromise Siloed VMware Systems

Suspected China-nexus threat actors targeted virtual environments and used several tools and techniques to bypass security barriers and reach isolated portions of victims' networks.

AI-Generated Linux Miner 'Koske' Beats Human Malware

AI malware is becoming less of a gimmick, with features that meet or exceed what traditional human-developed malware typically can do.

North Korea's IT Worker Rampage Continues Amid DoJ Action

Arrests and indictments keep coming, but the North Korean fake IT worker scheme is only snowballing, and businesses can't afford to assume their applicant-screening processes are up to the task of weeding the imposters out.

The Young and the Restless: Young Cybercriminals Raise Concerns

National governments warn that many hacker groups attract young people through a sense of community, fame, or the promise of money and the perception of a lack of risk of prosecution.

Can Security Culture Be Taught? AWS Says Yes

Newly appointed Amazon Web Services CISO Amy Herzog believes security culture goes beyond frameworks and executive structures. Having the right philosophy throughout the organization is key.

Ransomware Actors Pile on 'ToolShell' SharePoint Bugs

Thursday, July 24, 2025
Storm-2603, a China-based threat actor, is targeting SharePoint customers in an ongoing ransomware campaign.

Department of Education Site Mimicked in Phishing Scheme

Wednesday, July 23, 2025
An ongoing phishing campaign is using fake versions of the department's G5 grant portal, taking advantage of political turmoil associated with the DoE's 1,400 layoffs.

US Nuclear Agency Hacked in Microsoft SharePoint Frenzy

Threat actors are piling on the zero-day vulnerabilities in SharePoint, including at least three Chinese nation-state cyberespionage groups.

Microsoft Integrates Data Lake With Sentinel SIEM

Microsoft Sentinel Data Lake aims to provide inexpensive storage for large volumes of telemetry, while threat intelligence will be included with Defender XDR at no extra cost.

CISO Conversations: How IT and OT Security Worlds Are Converging

Dark Reading's Kelly Jackson Higgins interviews Carmine Valente, Deputy CISO at Con Edison, about his role at the New York-based electric utility and the state of IT and OT security. Valente highlights current threats like ransomware and supply chain attacks, as well as the impact of AI on both defense and threats.

China Introduces National Cyber ID Amid Privacy Concerns

Tuesday, July 22, 2025
China officially rolled out a voluntary Internet identity system to protect citizens' online identities and personal information, but critics worry about privacy and surveillance.

3 China Nation-State Actors Target SharePoint Bugs

Hackers and cybercrime groups are part of a virtual feeding frenzy, after Microsoft's recent disclosure of new vulnerabilities in on-premises editions of SharePoint Server.

Human Digital Twins Could Give Attackers a Dangerous Advantage

While this emerging technology offers many benefits, digital twins also have several drawbacks, as these convincing impersonations can be used in social engineering attacks.

China-Backed APT41 Cyberattack Surfaces in Africa

Up to now, the prolific China-sponsored cyber-espionage group has been mostly absent from the region, but a sophisticated and highly targeted attack on an African IT company shows Beijing is branching out.

Malicious Implants Are Coming to AI Components, Applications

Monday, July 21, 2025
A red teamer is publishing research next month about how weaknesses in modern security products lay the groundwork for stealthy implants in AI-powered applications.

Europol Sting Leaves Russian Cybercrime's 'NoName057(16)' Group Fractured

National authorities have issued seven arrest warrants in total relating to the cybercrime collective known as NoName057(16), which recruits followers to carry out DDoS attacks on perceived enemies of Russia.

Containment as a Core Security Strategy

We cannot keep reacting to vulnerabilities as they emerge. We must assume the presence of unknown threats and reduce the blast radius that they can affect.

'PoisonSeed' Attacker Skates Around FIDO Keys

Friday, July 18, 2025
Researchers discovered a novel phishing attack that serves the victim a QR code as part of supposed multifactor authentication (MFA), in order to get around FIDO-based protections.

Printer Security Gaps: A Broad, Leafy Avenue to Compromise

Thursday, July 17, 2025
Security teams aren't patching firmware promptly, no one's vetting the endpoints before purchase, and visibility into potential dangers is limited — despite more and more cyberattackers targeting printers as a matter of course.

Armenian Extradited to US Over Ryuk Ransomware

The suspect faces three charges for his alleged crimes that could earn him up to five years in federal prison, and a heap of fines.

Why Cybersecurity Still Matters for America's Schools

Cyberattacks on educational institutions are growing. But with budget constraints and funding shortfalls, leadership teams are questioning whether — and how — they can keep their institutions safe.

ISC2 Finds Orgs Are Increasingly Leaning on AI

Wednesday, July 16, 2025
While many organizations are eagerly integrating AI into their workflows and cybersecurity practices, some remain undecided and even concerned about potential drawbacks of AI deployment.

Women Who 'Hacked the Status Quo' Aim to Inspire Cybersecurity Careers

A group of female cybersecurity pioneers will share what they've learned about navigating a field dominated by men, in order to help other women empower themselves and pursue successful cybersecurity careers.

Cognida.ai Launches Codien: An AI Agent to Modernize Legacy Test Automation and Fast-Track Test Creation

AI Is Reshaping How Attorneys Practice Law

Tuesday, July 15, 2025
Experts recommend enhanced AI literacy, training around the ethics of using AI, and verification protocols to maintain credibility in an increasingly AI-influenced courtroom.

AsyncRAT Spawns Concerning Labyrinth of Forks

Since surfacing on GitHub in 2019, AsyncRAT has become a poster child for how open source malware can democratize cybercrime, with a mazelike footprint of variants available across the spectrum of functionality.

Attackers Abuse AWS Cloud to Target Southeast Asian Governments

The intelligence-gathering cyber campaign introduces the novel HazyBeacon backdoor and uses legitimate cloud communication channels for command-and-control (C2) and exfiltration to hide its malicious activities.

MITRE Launches AADAPT Framework for Financial Systems

The new framework is modeled after and meant to complement the MITRE ATT&CK framework, and it is aimed at detecting and responding to cyberattacks on cryptocurrency assets and other financial targets.

Web-Inject Campaign Debuts Fresh Interlock RAT Variant

Monday, July 14, 2025
A cyber-threat campaign is using legitimate websites to inject victims with remote access Trojans belonging to the Interlock ransomware group, in order to gain control of devices.

Military Veterans May Be What Cybersecurity Is Looking For

As the field struggles with a shortage, programs that aim to provide veterans with the technical skills needed to succeed in cybersecurity may be the solution for everyone.

Google Gemini AI Bug Allows Invisible, Malicious Prompts

A prompt-injection vulnerability in the AI assistant allows attackers to create messages that appear to be legitimate Google Security alerts but instead can be used to target users across various Google products with vishing and phishing.

The Dark Side of Global Power Shifts & Demographic Decline

As global power realigns and economies falter, the rise in cybercrime is no longer hypothetical — it's inevitable.

350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE

Friday, July 11, 2025
Mercedes, Skoda, and Volkswagen vehicles, as well as untold industrial, medical, mobile, and consumer devices, may be exposed to a vulnerable Bluetooth implementation called "PerfektBlue."

eSIM Bug in Millions of Phones Enables Spying, Takeover

Thursday, July 10, 2025
eSIMs around the world may be fundamentally vulnerable to physical and network attacks because of a 6-year-old Oracle vulnerability in technology that underlies billions of cards.

Ingram Micro Up and Running After Ransomware Attack

Customers were the first to notice the disruption on the distributor's website when they couldn't place orders online.

4 Arrested in UK Over M&S, Co-op, Harrods Hacks

The UK's National Crime Agency arrested four people, who some experts believe are connected to the notorious cybercriminal collective known as Scattered Spider.

AirMDR Tackles Security Burdens for SMBs With AI

This security startup provides managed detection and response services for small-to-midsized businesses to detect and address modern threats such as ransomware, phishing attacks, and malicious insiders.

North American APT Uses Exchange Zero-Day to Attack China

Wednesday, July 9, 2025
Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to a mysterious issue in Microsoft Exchange.

A NVIDIA Container Bug & Chance to Harden Kubernetes

A container escape flaw involving the NVIDIA Container Toolkit could have enabled a threat actor to access AI datasets across tenants.

New AI Malware PoC Reliably Evades Microsoft Defender

Worried about hackers employing LLMs to write powerful malware? Using targeted reinforcement learning (RL) to train open source models in specific tasks has yielded the capability to do just that.

South Korean Government Imposes Penalties on SK Telecom for Breach

Tuesday, July 8, 2025
Following a breach at the country's top mobile provider that exposed 27 million records, the South Korean government imposed a small monetary penalty but stiff regulatory requirements.

Malicious Open Source Packages Spike 188% YoY

Data exfiltration was the most common malware in Sonatype report, with more than 4,400 packages designed to steal secrets, personally identifiable information, credentials, and API tokens.

Suspected Hacker Linked to Silk Typhoon Arrested in Milan

The alleged Chinese state-sponsored hacker faces multiple charges, including wire fraud, aggravated identity theft, and unauthorized access to protected computers.

DPRK macOS 'NimDoor' Malware Targets Web3, Crypto Platforms

Monday, July 7, 2025
Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests.

Ransomware Attack Triggers Widespread Outage at Ingram Micro

The outage began shortly before the July 4 holiday weekend and caused disruptions for customer ordering and other services provided by the IT distributor.

'Hunters International' RaaS Group Closes Its Doors

The announcement comes just months after security researchers observed that the group was making the transition to rebrand to World Leaks, a data theft outfit.

Chrome Store Features Extension Poisoned With Sophisticated Spyware

A color picker for Google's browser with more than 100,000 downloads hijacks sessions every time a user navigates to a new webpage and also redirects them to malicious sites.

US Treasury Sanctions BPH Provider Aeza Group

Wednesday, July 2, 2025
In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer.

Russian APT 'Gamaredon' Hits Ukraine With Fierce Phishing

A Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine.

ClickFix Spin-off Attack Bypasses Key Browser Safeguards

A new threat vector exploits how modern browsers save HTML files, bypassing Mark of the Web and giving attackers another social-engineering attack for delivering malware.

1 Year Later: Lessons Learned From the CrowdStrike Outage

The ever-growing volume of vulnerabilities and threats requires organizations to remain resilient and anti-fragile — that is, to be able to proactively respond to issues and continuously improve.

Scope, Scale of Spurious North Korean IT Workers Emerges

Tuesday, July 1, 2025
Microsoft warns thousands of North Korean workers have infiltrated tech, manufacturing, and transportation sectors to steal money and data.

We've All Been Wrong: Phishing Training Doesn't Work

Teaching employees to detect malicious emails isn't really having an impact. What other options do organizations have?

DoJ Disrupts North Korean IT Worker Scheme Across Multiple US States

The US also conducted searches of 29 "laptop farms" across 16 states and seized 29 financial accounts used to launder funds.