Dark Reading

FDA: Patch Illumina DNA Sequencing Instruments, Stat

06/03/2022
A critical security bug could lead to remote device control, altered lab results, and more, putting patients in danger, agency warns.

YourCyanide Ransomware Propagates With PasteBin, Discord, Microsoft Links

06/03/2022
The latest iteration of CMD-based ransomware is sophisticated and tricky to detect – and integrates token theft and worming capabilities into its feature set.

Iconium Software Releases DataLenz v1.3 for IBM zSystems

06/03/2022
DataLenz delivers real-time, machine learning-based breach detection with user behavior modeling for IBM zSystems.

Microsoft Disables Iran-Linked Lebanese Hacking Group Polonium

06/03/2022
The attack on Israeli organizations is the latest in a long line of attempts to compromise supply chains, as the APT looks to leverage that access to target a multitude of potential victims.

Actively Exploited Atlassian Zero-Day Bug Allows Full System Takeover

06/03/2022
An remote code execution (RCE) vulnerability in all versions of the popular Confluence collaboration platform can be abused in credential harvesting, cyber espionage, and network backdoor attacks.

Why Network Object Management Is Critical for Managing Multicloud Network Security

06/03/2022
If you want your IT and security administrators to get buried in trivial workloads and productivity bottlenecks, having poor network object management is a great way to accomplish that.

For Ransomware, Speed Matters

06/03/2022
Someone interested in putting together a ransomware campaign has to consider several factors. The LockBit group touts its speed over competing families to attract potential buyers for its ransowmare-as-a-service.

Cerberus Sentinel Completes Acquisition of Creatrix, Inc.

06/02/2022
U.S. cybersecurity services firm expands security and identity management services with woman-owned business.

Research Reveals 75% of CISOs Are Worried Too Many Application Vulnerabilities Leak Into Production, Despite a Multi-Lay

06/02/2022
79% of CISOs say continuous runtime vulnerability management is an essential capability to keep up with the expanding complexity of modern multi-cloud environments.

Intel Chipset Firmware Actively Targeted by Conti Group

06/02/2022
Conti threat actors are betting chipset firmware is updated less frequently than other software — and winning big, analysts say.

Gurucul Launches Cloud-Native SOC Platform Pushing the Boundaries of Next-Gen SIEM and XDR with Identity Threat Detectio

06/02/2022
Gurucul automating threat detection, investigation and response (TDIR) with advanced analytics, comprehensive threat content, and a flexible enterprise risk engine for hybrid and multi-cloud environments.

Phishers Having a Field Day on WhatsApp, Telegraph

06/02/2022
A pair of phishing campaigns against users of WhatsApp and Telegram's Telegraph expose them to extortion, credential harvesting, and even account takeover.

New Cloud Pricing and Products Proof of RSA’s Transformation

06/02/2022
RSA pivots to exclusive focus. Identity is once again the ‘beating heart’ of RSA.

Microsoft Philanthropies Collaborates With WiCyS to Help Close the Cybersecurity Skills Gap

06/02/2022
Microsoft Philanthropies is expanding its cybersecurity skills for jobs campaign to 23 countries and partnering with Women in CyberSecurity (WiCyS) to build a cybersecurity workforce that is not just larger but also more diverse.

US Sanctions Force Evil Corp to Change Tactics

06/02/2022
The threat actor behind the notorious Dridex campaign has switched from using its exclusive credential-harvesting malware to a ransomware-as-a-service model, to make attribution harder.

Neosec Introduces Expert Managed Threat Hunting Service for Detecting and Investigating API Abuse and Vulnerabilities

06/02/2022
Neosec threat hunters from the 'ShadowHunt' team jumpstart the API Security process quickly and help build the knowledge in today's overstretched security teams.

Turbulent Cyber Insurance Market Sees Rising Prices and Sinking Coverage

06/02/2022
As insurers and brokers reckon with unexpected losses, they're charging more for policies and setting higher requirements.

Building America's Cybersecurity Infrastructure

06/02/2022
The government is putting the right skills and expertise in place to fight the rising cyber threat.

'Clipminer' Malware Actors Steal $1.7 Million Using Clipboard Hijacking

06/02/2022
The malware targets Windows users via Trojanized downloads of cracked or pirated software and then starts in on cryptocurrency mining and clipboard hijacking.