Dark Reading

Trojanized, Signed Comm100 Chat Installer Anchors Supply Chain Attack

09/30/2022
Malicious Comm100 files have been found scattered throughout North America, and across sectors including tech, healthcare, manufacturing, telecom, insurance, and others.

Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet

09/30/2022
The "ProxyNotShell" security vulnerabilities can be chained for remote code execution and total takeover of corporate email platforms.

SolarMarker Attack Leverages Weak WordPress Sites, Fake Chrome Browser Updates

09/30/2022
The SolarMarker group is exploiting a vulnerable WordPress-run website to encourage victims to download fake Chrome browser updates, part of a new tactic in its watering-hole attacks.

With the Software Supply Chain, You Can't Secure What You Don't Measure

09/30/2022
Reports to the National Vulnerability Database jumped in 2022, but we should pay just as much attention to the flaws that are not being reported to NVD, including those affecting the software supply chain.

Onyxia Raises $5M to Help Companies Proactively Manage Cybersecurity Risks Using AI

09/30/2022
Onyxia, an AI-powered cybersecurity strategy and performance platform providing a centralized way for security teams to monitor and manage cybersecurity efforts in real time, has raised $5 million in seed fundraising led by World Trade Ventures with participation by Silvertech Ventures and angel investors.

Cyera Survey Finds One in Three Respondents Want to Minimize Cloud Data Risk

09/29/2022
Multiple providers say 'cloud data sprawl' makes managing cloud data risk a priority initiative within the next 12 months.

Safous Adds Browser Isolation to Its Zero-Trust Network Access Service

09/29/2022
This new function offers secure access to corporate applications and external SaaS through a virtual browser.

Israel Cybersecurity Enterprise (ICE) Teams with CybeReady to Deliver World-Class Security Training

09/29/2022
Security service provider selects cybersecurity training platform to safeguard enterprises in LATAM.

Aunalytics Launches Security Patching Platform as a Service

09/29/2022
Expedited software patching and updating recognized as one of the most important processes to protect against system compromise from cyberattacks.

Veristor Partners with SANS Security Awareness to Deliver Employee Security Awareness Training

09/29/2022
Companies collaborate to strengthen organizations' first line of security defense – end users.

YouMail, Inc. and WMC Global Partner to Deliver Voice and SMS Phishing Disruption Services

09/29/2022
Joint phishing intelligence solution provides 360-degree mobile communication defense.

Organizations Finding the Need for New Approaches on the Cybersecurity Front, CompTIA research reveals

09/29/2022
Settling for 'satisfactory' level of readiness may underestimate growing levels of risk.

Intel Hardens Confidential Computing With Project Amber Updates

09/29/2022
The chip giant has developed new features and services to make it more difficult for malicious hackers and insiders to access sensitive data from applications in the cloud.

KnowBe4 Simplifies Compliance Requirements for Healthcare Privacy

09/29/2022
KnowBe4's Compliance Audit Readiness Assessment (CARA) now addresses select requirements from HIPAA Security Rule.

Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch

09/29/2022
Combination of two companies to help SAP customers streamline audit, compliance and control processes.

Ransomware Attacks Continue Increasing: 20% of All Reported Attacks Occurred in the Last 12 Months - New Survey

09/29/2022
Survey of over 2,000 IT pros revealed that a quarter either don't know or don't think Microsoft 365 data can be affected by ransomware.

Why the US Should Help Secure Mexican Infrastructure — and What It Gets in Return

09/29/2022
Call it cross-border enlightened self-interest: As one of the US's premier trade partners and closest neighbors, what's bad for Mexico is bad for the US.

The Country Where You Live Impacts Password Choices

09/29/2022
Literacy, levels of personal freedom, and other macro-social factors help determine how strong average passwords are in a given locale, researchers have found.

Dangerous New Attack Technique Compromising VMware ESXi Hypervisors

09/29/2022
China-based threat actor used poisoned vSphere Installation Bundles to deliver multiple backdoors on systems, security vendor says.