Dark Reading

How Can I Protect My SaaS Apps Amid Employee Turnover?

09/07/2022
A SaaS-specific security solution can help security teams make sure apps and usage are both secure, reducing the chances of a breach.

Next-Gen Linux Malware Takes Over Devices With Unique Tool Set

09/07/2022
The Shikitega malware takes over IoT and endpoint devices, exploits vulnerabilities, uses advanced encoding, abuses cloud services for C2, installs a cryptominer, and allows full remote control.

Iran-Linked APT Cozies Up to 'Enemies' in Trust-Based Spy Game

09/07/2022
APT42 is posing as a friend to people considered threats to the government, using a raft of different tools to steal relevant info and perform surveillance.

Some Employees Aren't Just Leaving Companies — They're Defrauding Them

09/07/2022
Here are a few measures your organization can implement to minimize fraudulent behavior and losses.

Mysterious 'Worok' Group Launches Spy Effort With Obfuscated Code, Private Tools

09/06/2022
The threat actor — whose techniques and procedures do not match known groups — has created custom attack tools, including a program that hides scripts in .PNG images.

TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks

09/06/2022
What under-the-hood details of newly discovered attack control panel tells us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns.

As LA Unified Battles Ransomware, CISA Warns About Back-to-School Attacks

09/06/2022
Hours after Los Angeles Unified School District hit with ransomware attack, CISA issued an alert that threat actors are actively targeting the education sector.

Name That Edge Toon: Mime's the Word

09/06/2022
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Internet Security & Encryption Pioneer Peter Eckersley Passes at 43

09/06/2022
The founder of Let's Encrypt and an EFF technologist, Eckersley devoted his life's work to making the Internet safer and more secure.

Critical QNAP NAS Zero-Day Bug Exploited to Deliver DeadBolt Ransomware

09/06/2022
This is the fourth DeadBolt campaign this year against QNAP customers, but it differs from previous attacks in exploiting an unpatched bug instead of a known vulnerability.

The 3 Fundamentals of Building an Effective IoMT Security Strategy

09/06/2022
The high stakes and unique priorities for Internet of Medical Things devices require specialized cybersecurity strategies.

Cymulate Raises $70M Series D Funding for Continuous Security Posture Testing

09/06/2022
Investor participation from prior round demonstrates confidence in the company's current and future performance.

Botnets in the Age of Remote Work

09/06/2022
Here are some strategies for protecting the business against botnets poised to take advantage of remote-work vulnerabilities.

EvilProxy Commodifies Reverse-Proxy Tactic for Phishing, Bypassing 2FA

09/06/2022
The phishing-as-a-service offering targets accounts from tech giants, and also has connections to PyPI phishing and the Twilio supply chain attack.

Defenders Be Prepared: Cyberattacks Surge Against Linux Amid Cloud Migration

09/06/2022
Ransomware in particular poses a major threat, but security vendors say there has been an increase in Linux-targeted cryptojacking, malware, and vulnerability exploits as well, and defenders need to be ready.

3 Critical Steps for Reducing Cloud Risk

09/05/2022
Having a better understanding of how clouds are built, connected, and managed helps organizations mitigate risks and reduce attack surfaces.

Feds, npm Issue Supply Chain Security Guidance to Avert Another SolarWinds

09/02/2022
The US government and the Open Source Security Foundation have released guidance to shore up software supply chain security, and now it's up to developers to act.

Researchers Spot Snowballing BianLian Ransomware Gang Activity

09/02/2022
The operators of the emerging cross-platform ransomware BianLian increased their command and control infrastructure this month, indicating an acceleration in their operational pace.

4 Scenarios for the Digital World of 2040

09/02/2022
Our digital future depends on the choices we make today. We need to invest in cybersecurity technologies and skills so that humanity can control its future.

Raspberry Robin Malware Connected to Russian Evil Corp Gang

09/02/2022
Infections attributed to the USB-based worm have taken off, and now evidence links the malware to Dridex and the sanctioned Russian cybercriminal group Evil Corp.