Dark Reading

Newly Found Authentication Flaws Highlight Dangers of Coding From Scratch

12/08/2021
Two vulnerabilities in a call-center software suite could allow an attacker to take over the application server, researchers found.

How Do I Empower a Remote Workforce Without Compromising Security?

12/08/2021
To transition to a zero-trust architecture, focus on doing the things that offer the most value.

Trickbot-Infected Machines Drop Emotet Samples

12/08/2021
It's reportedly the first time this has happened since the takedown of Emotet in January 2021, say the researchers who made the discovery.

Why Cloud Service Providers Are a Single Point of Failure

12/08/2021
In a matter of days, a large-scale outage of cloud and other online services could cause $15 billion in losses.

5 Tips to Stay on the Offensive and Safeguard Your Attack Surface

12/08/2021
New, global-scale attacks aren't a security problem; they're a big data problem requiring a data-led solution.

Ripple Effects Felt Across the Internet With AWS Outage

12/07/2021
AWS Console was among the many services that were unavailable during the outage at Amazon Web Services.

New Financial Services Industry Report Reveals Major Gaps in Storage and Backup Security

12/07/2021
More than two-Thirds (69%) of respondents believe an attack on their storage & backup environment will have "significant" or "catastrophic" impact.

Google Disrupts Botnet Targeting Windows Machines

12/07/2021
The company has also launched litigation against the Glupteba botnet, marking the first lawsuit against a blockchain-enabled botnet.

Rubrik's New Managed Service Protects Data from Ransomware Attacks

12/07/2021
Rubrik Cloud Vault provides data recovery assurance against ransomware attacks for Microsoft Azure customers, even if they maintain a hybrid environment.

Virtual-Network Vulnerability Found in AWS, Other Clouds

12/07/2021
The privilege-escalation flaws affect Amazon WorkSpaces and more than a dozen services that use a particular implementation of USB over Ethernet.

Cerberus Sentinel Announces Acquisition of Arkavia Networks

12/07/2021
U.S. cybersecurity services firm expands internationally into Latin America.

The Dark Web Has Its Own People's Court

12/07/2021
Many underground forums have processes for arbitrating disputes between cybercriminals.

DigiCert Advances Passwordless Authentication with Support for Windows Hello for Business

12/07/2021
Managing Windows Hello hybrid certificate trust model on DigiCert PKI platform streamlines enterprise passwordless authentication and access, an industry first for public Certification Authorities (CAs).

5 Ways GRC & Security Can Partner to Reduce Insider Risk

12/07/2021
In 2022, data governance, risk, and compliance (GRC) and security need to partner to implement a modern approach to data protection: insider risk management.

Defending Against the Use of Deepfakes for Cyber Exploitation

12/07/2021
Deepfakes are increasingly concerning because they use AI to imitate human activities and can be used to augment social engineering attacks.

Cybersecurity Takes the Wheel as Auto Industry's Top Priority

12/07/2021
Part mainframe, part mobile device, cars will increasingly become targets for cyberattackers.

MITRE Engenuity & Cybrary Surpass 25,000 Users in MITRE ATT&CK Defender Certification Program

12/06/2021
The program helps close the skill gap to enable defenders to gain the advantage over cyber adversaries.

Microsoft Seizes Malicious Websites Used by Prolific Chinese APT Group

12/06/2021
The so-called Nikel cyber espionage attack group - aka APT15, Vixen Panda, KE3CHANG, Royal APT, and Playful Dragon - has been in Microsoft's sights since 2016.

US Military Has Acted Against Ransomware Groups: Report

12/06/2021
Gen. Paul Nakasoke, head of US Cyber Command and director of the NSA, said the military has taken offensive action against ransomware groups.

Russian Actors Behind SolarWinds Attack Hit Global Business & Government Targets

12/06/2021
Clusters of activity associated with the attack group behind last year's supply chain breach reveal novel techniques, researchers say.