Dark Reading

China's Vulnerability Database Altered to Hide Govt. Influence

03/09/2018
Recorded Future says move designed to hide fact that CNNVD routinely delays publication of high-risk flaws so government can assess them for offensive use.

'Slingshot' Cyber Espionage Campaign Hacks Network Routers

03/09/2018
Advanced hacking group appears to be native English speakers targeting Africa, Middle East.

Tennessee Senate Campaign Sees Possible Hack

03/09/2018
Phil Bredesen's campaign for US senate sees a hacker's hand in email messages

DevSecOps: The Importance of Building Security from the Beginning

03/09/2018
Here are four important areas to tackle in order to master DevSecOps: code, privacy, predictability, and people.

7 University-Connected Cyber Ranges to Know Now

03/09/2018
Universities are beginning to add cyber ranges to the facilities for teaching cyber security to students and professionals.

North Korea Threat Group Targeting Turkish Financial Orgs

03/08/2018
Hidden Cobra appears to be collecting information for a later strike, McAfee says.

Olympic Destroyer's 'False Flag' Changes the Game

03/08/2018
Kaspersky Lab researchers uncover evidence of how the attackers who targeted the Winter Olympic Games impersonated an infamous North Korea hacking team.

CIGslip Lets Attackers Bypass Microsoft Code Integrity Guard

03/08/2018
The new technique would enable attackers to inject malicious content into Microsoft Edge and other protected processes.

Yahoo Agrees to $80 Million Settlement with Investors

03/08/2018
Investors alleged that Yahoo intentionally misled them about its cybersecurity practices.

Gozi Trojan Using Dark Cloud Botnet in New Wave of Attacks

03/08/2018
Gozi IFSB banking Trojan has rolled out new code, a new botnet and a high level of customization in the latest wave of attacks.

McAfee Closes Acquisition of VPN Provider TunnelBear

03/08/2018
This marks McAfee's second acquisition since its spinoff from Intel last year.

Putting the S in SDLC: Do You Know Where Your Data Is?

03/08/2018
Data represents the ultimate attack surface. Avoid major data breaches (and splashy headlines) by keeping track of where your data is.

Cybersecurity Gets Added to the M&A Lexicon

03/08/2018
Threat intelligence data can give a clear picture of an acquisition target that could make or break a deal.

How Guccifer 2.0 Got 'Punk'd' by a Security Researcher

03/08/2018
Security expert and former Illinois state senate candidate John Bambenek details his two months of online interaction with the 'unsupervised cutout' who shared with him more stolen DCCC documents.

Intel SGX Can Be Used to Hide, Execute Malware

03/07/2018
The microprocessor giant's Software Guard Extensions security feature can be abused to implement virtually undetectable malware, Graz University researchers say.

Researchers Defeat Android OEMs' Security Mitigations

03/07/2018
At Black Hat Asia, two security experts will bypass security improvements added to Android by equipment manufacturers.

Group-IB Helps Suspend Ukrainian DDoS Attack Group

03/07/2018
This case marks the first successful prosecution of cybercriminals in Ukraine, the organization reports.

Privilege Abuse Attacks: 4 Common Scenarios

03/07/2018
It doesn't matter if the threat comes from a disgruntled ex-employee or an insider anticipating financial gain, privilege abuse patterns are pretty much the same, and they're easy to avoid.

Memcached DDoS Attack: Kill Switch, New Details Disclosed

03/07/2018
Corero shares a kill switch for the Memcached vulnerability and reports the flaw is more extensive than originally believed.

Why Security-Driven Companies Are More Successful

03/07/2018
Software Security Masters are better at handling application development security and show much higher growth than their peers. Here's how to become one.