Dark Reading

Chinese APT Group Likely Using Ransomware Attacks as Cover for IP Theft

06/23/2022
Bronze Starlight’s use of multiple ransomware families and its victim-targeting suggest there’s more to the group’s activities than just financial gain, security vendor says.

Johnson Controls Acquires Tempered Networks to Bring Zero Trust Cybersecurity to Connected Buildings

06/23/2022
Johnson Controls will roll out the Tempered Networks platform across deployments of its OpenBlue AI-enabled platform.

ShiftLeft: Focus On 'Attackability' To Better Prioritize Vulnerabilities

06/23/2022
ShiftLeft's Manish Gupta join Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about looking at vulnerability management through the lens of "attackability."

Pair of Brand-New Cybersecurity Bills Become Law

06/23/2022
Bipartisan legislation allows cybersecurity experts to work across multiple agencies and provides federal support for local governments.

The Rise, Fall, and Rebirth of the Presumption of Compromise

06/23/2022
The concept might make us sharp and realistic, but it's not enough on its own.

Reinventing How Farming Equipment Is Remotely Controlled and Tracked

06/23/2022
Farmers are incorporating high-tech solutions like IoT and drones to address new challenges facing agriculture.

Cyberattackers Abuse QuickBooks Cloud Service in 'Double-Spear' Campaign

06/23/2022
Malicious invoices coming from the accounting software's legitimate domain are used to harvest phone numbers and carry out fraudulent credit-card transactions.

Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS

06/23/2022
Latest Prisma Cloud platform updates help organizations continuously monitor and secure web applications with maximum flexibility.

How APTs Are Achieving Persistence Through IoT, OT, and Network Devices

06/23/2022
To prevent these attacks, businesses must have complete visibility into, and access and management over, disparate devices.

80% of Legacy MSSP Users Planning MDR Upgrade

06/23/2022
False positives and staff shortages are inspiring a massive managed detection and response (MDR) services migration, research finds.

MetaMask Crypto-Wallet Theft Skates Past Microsoft 365 Security

06/23/2022
The credential-phishing attack leverages social engineering and brand impersonation techniques to lead users to a spoofed MetaMask verification page.

Organizations Battling Phishing Malware, Viruses the Most

06/22/2022
Organizations may not frequently encounter malware targeting cloud systems or networking equipment, but the array of malware they do encounter just occasionally is no less disruptive or damaging. That is where the focus needs to be.

Microsoft 365 Users in US Face Raging Spate of Attacks

06/22/2022
A voicemail-themed phishing campaign is hitting specific industry verticals across the country, bent on scavenging credentials that can be used for a range of nefarious purposes.

Synopsys Completes Acquisition of WhiteHat Security

06/22/2022
Addition of WhiteHat Security provides Synopsys with SaaS capabilities and dynamic application security testing (DAST) technology.

Aqua Security Collaborates With Center for Internet Security to Create Guide for Software Supply Chain Security

06/22/2022
In addition, Aqua Security unveiled a new open source tool, Chain-Bench, for auditing the software supply chain to ensure compliance with the new CIS guidelines.

Neustar Security Services Launches Public UltraDNS Health Check Site

06/22/2022
Open service generates free report detailing potential gaps in compliance, configuration, and security for a user’s multiple domain names.

Russia's APT28 Launches Nuke-Themed Follina Exploit Campaign

06/22/2022
Researchers have spotted the threat group, also known as Fancy Bear and Sofacy, using the Windows MSDT vulnerability to distribute information stealers to users in Ukraine.

Fresh Magecart Skimmer Attack Infrastructure Flagged by Analysts

06/22/2022
Don't sleep on Magecart attacks, which security teams could miss by relying solely on automated crawlers and sandboxes, experts warn.

Getting a Better Handle on Identity Management in the Cloud

06/22/2022
Treat identity management as a first-priority problem, not something to figure out later while you get your business up and running in the cloud.

Tanium Partners With ScreenMeet to Enable Employees to Securely Connect to Their Remote Desktops

06/22/2022
partnership lets users access one-click ScreenMeet sessions from the Tanium platform.