Dark Reading

'Russian Hackers' Help Fraudsters Hijack JFK Airport's Taxi Dispatch

12/21/2022
DoJ charges allege they hacked into the taxi dispatch system for profit, selling the ability for cab drivers to skip the line for picking up a fare at JFK terminals.

Understanding the 3 Classes of Kubernetes Risk

12/21/2022
The first step toward securing Kubernetes environments is understanding the risks they pose and identifying the ways in which those risks can be mitigated.

How to Run Kubernetes More Securely

12/21/2022
The open source container tool is quite popular among developers — and threat actors. Here are a few ways DevOps teams can take control.

Godfather Banking Trojan Masquerades as Legitimate Google Play App

12/21/2022
The malware has resurfaced, using an icon and name similar to the legitimate Google Play app MYT Music, a popular app with more than 10 million downloads.

Why Security Teams Shouldn't Snooze on MFA Fatigue

12/21/2022
Employee education, biometric and adaptive authentication, and zero trust can go a long way in strengthening security.

Give Yourself the Gift of Secure Holiday Ecommerce

12/20/2022
Automating your defenses can bring good tidings of great joy.

Paying Ransom: Why Manufacturers Shell Out to Cybercriminals

12/20/2022
Lower cybersecurity awareness coupled with vulnerable OT gear makes manufacturers tempting targets, but zero trust can blunt attackers’ advantages.

Bfore.Ai Releases 'The King, The Knight & The Snowball' - Cybersecurity Book for Children

12/20/2022
This unique fairytale is available for free just before Christmas to enjoy with the entire family.

Microsoft Warns on 'Achilles' macOS Gatekeeper Bypass

12/20/2022
The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs.

Raspberry Robin Worm Targets Telcos & Governments

12/20/2022
With 10 layers of obfuscation and fake payloads, the Raspberry Robin worm is nesting its way deep into organizations.

NATO-Member Oil Refinery Targeted in Russian APT Blitz Against Ukraine

12/20/2022
Security Service-backed Trident Ursa APT group shakes up tactics in its relentless cyberattacks against Ukraine.

Searchlight Security Changes Name to Searchlight Cyber and Launches New Brand

12/20/2022
Searchlight Cyber announces rebrand that reflects its status as a fast-growing cybersecurity business.

How AI/ML Can Thwart DDoS Attacks

12/20/2022
When properly designed and trained, artificial intelligence and machine learning can help improve the accuracy of DDoS detection and mitigation.

Coming to a SOC Near You: New Browsers, 'Posture' Management, Virtual Assistants

12/20/2022
Startups are coalescing around effective data loss prevention, reducing data attack surfaces, and viable AI automation.

Cybersecurity Company VMRay Extends Series B Investment to a Total of $34M USD to Drive Growth into New Markets

12/20/2022
VMRay announces the closing of a Series B led by global alternative asset manager Tikehau Capital, which will fuel further expansion of the product portfolio to target a broader set of market segments.

'Blindside' Attack Subverts EDR Platforms From Windows Kernel

12/20/2022
The technique loads a nonmonitored and unhooked DLL, and leverages debug techniques that could allow for running arbitrary code.

Protecting Hospital Networks From 'Code Dark' Scenarios

12/20/2022
Asset inventory, behavioral baselining, and automated response are all key to keeping patients healthy and safe.  

AWS Elastic IP Transfer Feature Gives Cyberattackers Free Range

12/20/2022
Threat actors can take over victims' cloud accounts to steal data, or use them for command-and-control for phishing attacks, denial of service, or other cyberattacks.

Are 100% Security Guarantees Possible?

12/19/2022
Large vendors are commoditizing capabilities that claim to provide absolute security guarantees backed up by formal verification. How significant are these promises?

Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages

12/19/2022
Sites spoofing Grammarly and a Cisco webpage are spreading the DarkTortilla threat, which is filled with follow-on malware attacks.