Dark Reading

VMware, Airline Targeted as Ransomware Chaos Reigns

05/26/2022
Global ransomware incidents target everything from enterprise servers to grounding an airline, with one India-based group even taking a Robin Hood approach to extortion with the "GoodWill" strain.

Big Cyber Hits on GM, Chicago Public Schools, & Zola Showcase the Password Problem

05/26/2022
Credential-stuffing attacks against online accounts are still popular, and they work thanks to continuing password reuse.

Act Now: Leveraging PCI Compliance to Improve Security

05/26/2022
Let the threat landscape guide your company's timeline for complying with new data security standards for credit cards. Use the phase-in time to improve security overall — security as a process — not just comply with new standards.

Quanta Servers Caught With 'Pantsdown' BMC Vulnerability

05/26/2022
Researchers discover 3-year-old critical firmware vulnerability, running in popular cloud servers used to power hyperscalers and cloud providers alike.

Most Common Threats in DBIR

05/25/2022
Supply chain and ransomware attacks increased dramatically in 2021, which explains why so many data breaches in Verizon's "2022 Data Breach Investigations Report" were grouped as system intrusion.

Is Your Data Security Living on the Edge?

05/25/2022
Gartner's security service edge fundamentally changes how companies should be delivering data protection in a cloud and mobile first world.

Interpol's Massive 'Operation Delilah' Nabs BEC Bigwig

05/25/2022
A sprawling, multiyear operation nabs a suspected SilverTerrier BEC group ringleader, exposing a massive attack infrastructure and sapping the group of a bit of its strength.

JFrog Launches Project Pyrsia to Help Prevent Software Supply Chain Attacks

05/25/2022
Open source software community initiative utilizes blockchain technology.

Mastercard Launches Cybersecurity “Experience Centre”

05/25/2022
Experience Centre features emerging Mastercard products and solutions for securing digital payments on a global scale, including those developed locally in Vancouver.

Qualys to Unveil VMDR 2.0 at Qualys Security Conference in San Francisco

05/25/2022
Company will detail enhancements to Vulnerability Management, Detection and Response solution next month.

Corelight Announces New SaaS Platform for Threat Hunting

05/25/2022
Corelight Investigator aids threat hunting and investigation through intelligent alert aggregation, built-in queries and scalable search

Cybersecurity-Focused SYN Ventures Closes $300 Million Fund II

05/25/2022
Cylance co-founder Ryan Permeh has joined full time as an operating partner.

Vishing Attacks Reach All Time High, According to Latest Agari and PhishLabs Report

05/25/2022
According to the findings, vishing attacks have overtaken business email compromise as the second most reported response-based email threat since Q3 2021.

Zero-Click Zoom Bug Allows Code Execution Just by Sending a Message

05/25/2022
Google has disclosed a nasty set of six bugs affecting Zoom chat that can be chained together for MitM and RCE attacks, no user interaction required.

Meet the 10 Finalists in the RSA Conference Innovation Sandbox

05/25/2022
This year's finalists tackle such vital security concerns as permissions management, software supply chain vulnerability, and data governance. Winners will be announced June 6.

Brexit Leak Site Linked to Russian Hackers

05/25/2022
Purporting to publish leaked emails of pro-Brexit leadership in the UK, a new site's operations have been traced to Russian cyber-threat actors, Google says.

Spring Cleaning Checklist for Keeping Your Devices Safe at Work

05/25/2022
Implement zero-trust policies for greater control, use BYOD management tools, and take proactive steps such as keeping apps current and training staff to keep sensitive company data safe and employees' devices secure.

CLOP Ransomware Activity Spiked in April

05/25/2022
In just one month, the ransomware group's activity rose by 2,100%, a new report finds.

Industry 4.0 Points Up Need for Improved Security for Manufacturers

05/25/2022
With manufacturing ranking as the fourth most targeted sector, manufacturers that understand their exposure will be able to build the necessary security maturity.

DDoS Extortion Attack Flagged as Possible REvil Resurgence

05/25/2022
A DDoS campaign observed by Akamai from actors claiming to be REvil would represent a major pivot in tactics for the gang.