Dark Reading

Security Awareness Training Must Evolve to Align With Growing E-Commerce Security Threats

09/12/2022
Users must continually be made aware of new threats, including attacks targeting shipping, the supply chain, email, and hybrid workers.

Report Highlights Prevalence of Software Supply Chain Risks

09/12/2022
Multiclient research report shows organizations are significantly increasing efforts to secure their supply chains in response to software supply chain attacks.

Zane Lackey: 'Technology Is the Easy Bit'

09/09/2022
Security Pro File: The DevOps evangelist and angel investor shares his expertise with the next generation of startups. If you're lucky, maybe he'll even share his Lagavulin.

Monti, the New Conti: Ransomware Gang Uses Recycled Code

09/09/2022
A new group, Monti, appears to have used leaked Conti code, TTPs, and infrastructure approaches to launch its own ransomware campaign.

Attackers Exploit Zero-Day WordPress Plug-in Vulnerability in BackupBuddy

09/09/2022
The critical flaw in BackupBuddy is one of thousands of security issues reported in recent years in products that WordPress sites use to extend functionality.

US Sanctions Iran Over APT Cyberattack Activity

09/09/2022
The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities.

Microsoft, Cloud Providers Move to Ban Basic Authentication

09/09/2022
Microsoft moves ahead with a plan to sunset basic authentication, and other providers are moving — or have moved — to requiring more secure authentication as well. Is your company ready?

LockBit, ALPHV & Other Ransomware Gang Leak Sites Hit by DDoS Attacks

09/09/2022
A sweeping effort to prevent a raft of targeted cybercrime groups from posting ransomware victims' data publicly is hampering their operations, causing outages.

Why Ports Are at Risk of Cyberattacks

09/09/2022
More docked ships bring a new challenge. The longer a ship is docked, the more vulnerable the port is to a cyberattack.

Darktrace Shares Plunge After Thoma Bravo Acquisition Falls Apart

09/08/2022
No agreement could be reached on terms of a firm offer, the provider of AI-based cybersecurity products says.

A Pragmatic Response to the Quantum Threat

09/08/2022
You certainly don't need to panic, but you do need to form a plan to prepare for the post-quantum reality.

5 Keys to Better Key Management

09/08/2022
From analyzing your company's risk profile to knowing where keys are stored and who can access them, prioritize key clean-up and management. Make compliance an outcome and develop a risk management strategy.

Meta to Appeal $400M GDPR Fine for Mishandling Teen Data in Instagram

09/08/2022
Instagram and Facebook parent company Meta was slapped with the fine for exposing the personal data of minors.

Vulnerability Exploits, Not Phishing, Are the Top Cyberattack Vector for Initial Compromise

09/08/2022
A slew of Microsoft Exchange vulnerabilities (including ProxyLogon) fueled a surge in attacks targeting software flaws in 2021, but the trend has continued this year.

Former Conti Ransomware Members Join Initial Access Broker Group Targeting Ukraine

09/08/2022
The initial access broker (IAB) for ransomware gangs known as UAC-0098 has targeted Ukrainian organizations in five separate phishing campaigns spanning April to August.

Everything You Need To Know About BlackCat (AlphaV)

09/08/2022
A relative newcomer to the ransomware scene, the BlackCat group quickly gained notoriety and may be associated with other APT groups like Conti and DarkSide.

SaaS Alerts Secures $22M Investment from Insight Partners to Scale SaaS Security Monitoring and Response Platform

09/08/2022
Investment to fuel growth and market presence as demand grows for SaaS' next-generation security tools for managed service providers.

Pentesting Evolves for the DevSecOps World

09/07/2022
Penetration testing not only serves to triage and validate other defect discovery activities, it informs risk management activities, such as threat modeling and secure design.

Holiday Inn Owner InterContinental Has a Breach Trend

09/07/2022
After a high-profile 2017 breach and a Holiday Inn ransomware hit earlier this year, IHG confirms that its booking channels and applications have been disrupted in yet another cyberattack.

Fighting Ransomware Takes an Army: Our Public & Private Sector Soldiers Join Forces

09/07/2022
Continued collaboration will help win the fight as cybersecurity remains a national priority. International and public-private cooperation is helping stem the damage from ransomware threats and cyberattacks.