Dark Reading

Unofficial Android App Store APKPure Infected With Malware

04/09/2021
The APKPure app store was infected with malware that can download Trojans to other Android devices, researchers report.

CISA Launches New Threat Detection Dashboard

04/09/2021
Aviary is a new dashboard that works with CISA's Sparrow threat detection tool.

Battle for the Endpoint

04/09/2021
How to build a new cyber strategy for 2021 and beyond.

8 Security & Privacy Apps to Share With Family and Friends

04/09/2021
Mobile apps to recommend to the people in your life who want to improve their online security and privacy.

Women Are Facing an Economic Crisis & the Cybersecurity Industry Can Help

04/09/2021
Investing in women's cybersecurity careers can bring enormous benefits and help undo some of the significant economic damage wrought by the pandemic.

Zoom Joins Microsoft Teams on List of Enterprise Tools Hacked at Pwn2Own

04/08/2021
White-hat hacking event shows yet again why there's no such thing as foolproof security against modern attacks.

Fraudsters Use HTML Legos to Evade Detection in Phishing Attack

04/08/2021
Criminals stitch pieces of HTML together and hide them in JavaScript files, researchers report.

600K Payment Card Records Leaked After Swarmshop Breach

04/08/2021
A leaked database also contains the nicknames, hashed passwords, contact details, and activity history of Swarmshop admins, sellers, and buyers.

Handcuffs Over AI: Solving Security Challenges With Law Enforcement

04/08/2021
We've tried everything else ... now it's time to make the prospect of getting caught -- and punished -- a real deterrent to cybercrime.

SecOps and DevOps: From Cooperation to Automation

04/07/2021
Omdia Principal Analyst Eric Parizo discusses the major obstacles SecOps organizations face as they seek to build ties with DevOps teams, and offers a programmatic approach to help create a path toward DevSecOps.

Did 4 Major Ransomware Groups Truly Form a Cartel?

04/07/2021
An analysis of well-known extortion groups and their cryptocurrency transactions reveals the answer.

Voice-Changing Software Found on APT Attackers' Server

04/07/2021
Security researchers believe the presence of Morph Vox Pro could indicate APT-C-23 has new plans for their phishing campaigns.

Cring Ransomware Used in Attacks on European Industrial Firms

04/07/2021
Attackers exploited a vulnerability in Fortigate VPN servers to gain access to target networks, researchers report.

Fortune 500 Security Shows Progress and Pitfalls

04/07/2021
Fortune 500 companies have improved on email security and vulnerability disclosure programs but struggle in asset management and high-risk services.

Rethinking Cyberattack Response: Prevention & Preparedness

04/07/2021
The SolarWinds incident is the starkest reminder yet that complacency can exact a terrible price.

5 Ways to Transform Your Phishing Defenses Right Now

04/07/2021
By transforming how you approach phishing, you can break the phishing kill chain and meaningfully reduce your business risk.

Attackers Actively Seeking, Exploiting Vulnerable SAP Applications

04/07/2021
Analysis of threat activity in mission-critical environments prompts CISA advisory urging SAP customers to apply necessary security patches and updates.

Cartoon Caption Winner: Something Seems Afoul

04/07/2021
And the winner of Dark Readings's March cartoon caption contest is ...

Microsoft Teams, Exchange Server, Windows 10 Hacked in Pwn2Own 2021

04/06/2021
The 2021 Pwn2Own is among the largest in its history, with 23 separate entries targeting 10 products.

Security Falls Short in Rapid COVID Cloud Migration

04/06/2021
The quick pivot to the cloud for remote support also ushered in risks.