Dark Reading

600K Payment Card Records Leaked After Swarmshop Breach

04/08/2021
A leaked database also contains the nicknames, hashed passwords, contact details, and activity history of Swarmshop admins, sellers, and buyers.

Handcuffs Over AI: Solving Security Challenges With Law Enforcement

04/08/2021
We've tried everything else ... now it's time to make the prospect of getting caught -- and punished -- a real deterrent to cybercrime.

SecOps and DevOps: From Cooperation to Automation

04/07/2021
Omdia Principal Analyst Eric Parizo discusses the major obstacles SecOps organizations face as they seek to build ties with DevOps teams, and offers a programmatic approach to help create a path toward DevSecOps.

Did 4 Major Ransomware Groups Truly Form a Cartel?

04/07/2021
An analysis of well-known extortion groups and their cryptocurrency transactions reveals the answer.

Voice-Changing Software Found on APT Attackers' Server

04/07/2021
Security researchers believe the presence of Morph Vox Pro could indicate APT-C-23 has new plans for their phishing campaigns.

Cring Ransomware Used in Attacks on European Industrial Firms

04/07/2021
Attackers exploited a vulnerability in Fortigate VPN servers to gain access to target networks, researchers report.

Fortune 500 Security Shows Progress and Pitfalls

04/07/2021
Fortune 500 companies have improved on email security and vulnerability disclosure programs but struggle in asset management and high-risk services.

Rethinking Cyberattack Response: Prevention & Preparedness

04/07/2021
The SolarWinds incident is the starkest reminder yet that complacency can exact a terrible price.

5 Ways to Transform Your Phishing Defenses Right Now

04/07/2021
By transforming how you approach phishing, you can break the phishing kill chain and meaningfully reduce your business risk.

Attackers Actively Seeking, Exploiting Vulnerable SAP Applications

04/07/2021
Analysis of threat activity in mission-critical environments prompts CISA advisory urging SAP customers to apply necessary security patches and updates.

Cartoon Caption Winner: Something Seems Afoul

04/07/2021
And the winner of Dark Readings's March cartoon caption contest is ...

Microsoft Teams, Exchange Server, Windows 10 Hacked in Pwn2Own 2021

04/06/2021
The 2021 Pwn2Own is among the largest in its history, with 23 separate entries targeting 10 products.

Security Falls Short in Rapid COVID Cloud Migration

04/06/2021
The quick pivot to the cloud for remote support also ushered in risks.

Crime Service Gives Firms Another Reason to Purge Macros

04/06/2021
Recent Trickbot campaigns and at least three common banking Trojans all attempt to infect systems using malicious macros in Microsoft Office documents created using EtterSilent.

The Edge Pro Tip: Update Your DDoS Defense Plan

04/06/2021
The idea of monetizing distributed denial-of-service (DDoS) attacks dates back to the 1990s. But the rise of DDoS-for-hire services and cryptocurrencies has radically changed the landscape.

Ryuk's Rampage Has Lessons for the Enterprise

04/06/2021
The Ryuk ransomware epidemic is no accident. The cybercriminals responsible for its spread have systematically exploited weaknesses in enterprise defenses that must be addressed.

9 Modern-Day Best Practices for Log Management

04/06/2021
Log management is nothing new. But doing so smartly, correctly, and concisely in today's data-driven world is another story.

LinkedIn Phishing Ramps Up With More-Targeted Attacks

04/05/2021
Seeking to take advantage of out-of-work users, malware groups continue to use LinkedIn and business services to offer fictional jobs and deliver infections instead.

Kaspersky Uncovers New APAC Cyberespionage Campaign

04/05/2021
A group related to Chinese-speaking threat group Cycldek is targeting government and military organizations in Vietnam.

Data from 553 Million Facebook Accounts Leaked Online

04/05/2021
Personal information belonging to more than 533 million Facebook users was found available on a cybercrime forum.