Dark Reading

Crypto Drainers Are Ready to Ransack Investor Wallets

02/06/2023
Cryptocurrency drainers are the latest hot ticket being used in a string of lucrative cyberattacks aimed at virtual currency investors.

Global Ransomware Attack on VMware EXSi Hypervisors Continues to Spread

02/06/2023
The fresh "ESXiArgs" malware is exploiting a 2-year-old RCE security vulnerability (tracked as CVE-2021-21974), resulting in thousands of unpatched servers falling prey to the campaign.

Cybercrime Shows No Signs of Slowing Down

02/06/2023
Look for recent trends in attacks, strategies, and vulnerabilities to continue gaining steam throughout 2023.

Patching & Passwords Lead the Problem Pack for Cyber-Teams

02/06/2023
Despite growing awareness, organizations remain plagued with unpatched vulnerabilities and weaknesses in credential policies.

How Cybercriminals Are Operationalizing Money Laundering and What to Do About It

02/06/2023
It's time to share threat intelligence and prioritize digital literacy and cyber hygiene to stem the rising money laundering tide.

Name That Edge Toon: For the Birds

02/06/2023
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

What CISOs Can Do About Brand Impersonation Scam Sites

02/03/2023
Apply these nine tips to proactively fight fraudulent websites that use your brand to rip people off.

Iran-Backed Actor Behind 'Holy Souls' Cyberattack on Charlie Hebdo, Microsoft Says

02/03/2023
The January attack was in retaliation for the satirical French magazine's decision to launch a cartoon contest to lampoon Iran's Supreme Leader.

Scores of Redis Servers Infested by Sophisticated Custom-Built Malware

02/03/2023
At least 1,200 Redis servers worldwide have been infected with "HeadCrab" cryptominers since 2021.

How the Cloud Is Shifting CISO Priorities

02/03/2023
The greatly expanding attack surface created by the cloud needs to be protected.

MITRE Releases Tool to Design Cyber-Resilient Systems

02/02/2023
Engineers can use the Cyber Resiliency Engineering Framework Navigator to visuzalize their cyber-resiliency capabilities.

Korelock Launches IOT Smart Lock Technology Company

02/02/2023
Denver-based business secures Series A Funding through partnerships with Iron Gate Capital and Kozo Keikaku Engineering.

Cyberattack on Fintech Firm Disrupts Derivatives Trading Globally

02/02/2023
The Russia-linked LockBit ransomware group claims to be behind the attack that fouled automated transactions for dozens of clients of financial technology firm ION Group.

6 Examples of the Evolution of a Scam Site

02/02/2023
Examining some key examples of recently found fraud sites that target the lucrative retail shoe industry helps us understand how brand impersonation sites evolve.

Rising ‘Firebrick Ostrich’ BEC Group Launches Industrial-Scale Cyberattacks

02/02/2023
The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort.

Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter

02/02/2023
Analysts find that 98% of QNAP NAS are vulnerable to CVE-2022-27596, which allows unauthenticated, remote SQL code injection.

Managing the Governance Model for Software Development in a No-Code Ecosystem

02/02/2023
Forward-leading business and technology leaders are seeing the value of the "do-It-yourself" approach.

AppSec Playbook 2023: Study of 829M Attacks on 1,400 Websites

02/02/2023
The total number of 61,000 open vulnerabilities, including 1,700 critical ones that have been open for 180+ days, exposes businesses to potential attacks.

Cybersecurity Leaders Launch First Attack Matrix for Software Supply Chain Security

02/02/2023
Current and former cybersecurity leaders from Microsoft, Google, GitLab, Check Point, OWASP, Fortinet and others have already joined the open framework initiative, which is being led by OX Security.

Discrepancies Discovered in Vulnerability Severity Ratings

02/02/2023
Differences in how the National Vulnerability Database (NVD) and vendors score bugs can make patch prioritization harder, study says.