Dark Reading

Cyber-Threat Actor Uses Booby-Trapped VPN App to Deploy Android Spyware

11/02/2022
"SandStrike," the latest example of espionage-aimed Android malware, relies on elaborate social media efforts and back-end infrastructure.

Dropbox Code Repositories Stolen in Cyberattack on GitHub-Based Developers

11/02/2022
An attack campaign using phishing attacks gives threat actors access to internal Dropbox code repositories, the latest in a series of attacks targeting developers through their GitHub accounts.

Chinese Mob Has 100K Slaves Working in Cambodian Cybercrime Mills

11/02/2022
Vulnerable people are lured by Facebook ads promising high-paying jobs, but instead they're held captive and put to work in Cambodia running cyber scams.

Vitali Kremez Found Dead After Apparent Scuba Diving Accident

11/02/2022
The renowned security researcher, ethical hacker, and cybersecurity phenom was found Wednesday by the US Coast Guard.

How to Narrow the Talent Gap in Cybersecurity

11/02/2022
We can bridge that gap by spreading the word about the opportunities, the requirements, and the many tools available to help applicants break into the field.

SMEs Must Plan for Recovery from Cybersecurity Attacks Amid Shifting Threats, Says MIT Technology Review Insights

11/02/2022
A well-crafted — and tested — disaster recovery plan can minimize downtime and is a key component of business continuity plans.

LastPass Research Finds False Sense of Cybersecurity Running Rampant

11/02/2022
Cybersecurity concerns and education have not mitigated the overuse of the same passwords in 2022.

The Art of Calculating the Cost of Risk

11/02/2022
Insurance and legislation affect how enterprises balance between protecting against breaches and recovering from them.

Netskope Threat Research: Next Generation of Phishing Attacks Uses Unexpected Delivery Methods to Steal Data

11/02/2022
Report reveals new top sources of fake login page referrals, rise of fake third-party cloud apps used to trick users.

Musk's Twitter-Verification Payment Tease Spurs Cyberattackers

11/02/2022
A proposed plan to charge users for the platform's coveted blue check mark has, unsurprisingly, inspired attackers to try to dupe people into giving up their credentials.

Global Automotive Cybersecurity Market Report 2022: Expected Mandate for Cybersecurity Protocols to Significantly Boost

11/02/2022
As vehicle security expands to cover cyber threats on the vehicle as well as the vehicle's external network, cross-industry collaboration and market opportunities are expected to increase.

Everything You Need to Know About LockBit

11/02/2022
While the ransomware-for-hire group works to create ever more efficient exploits, companies can protect themselves with structured vulnerability management processes. Prioritize threats based on severity and risk.

Aravo Integration With Black Kite Helps Improve Cybersecurity Defenses

11/02/2022
New Aravo partnership provides organizations with comprehensive, standards-based third-party technical, financial, and compliance intelligence.

PQShield and Riscure Collaborate on Post-Quantum Cryptography SCA Validation

11/02/2022
The project will advance understanding of how quantum-secure algorithms can be secured against side channel analysis through robust validation and countermeasures.

Critical Vulnerability in Microsoft Azure Cosmos DB Opens Up Jupyter Notebooks

11/02/2022
The now-patched RCE flaw in Cosmos DB's Jupyter Notebook feature highlights some of the weaknesses that can arise from emerging tech in the cloud-native and machine learning worlds.

How AI Can Deliver the Next Phase of Scalability

11/01/2022
AI will help enterprises scale cybersecurity defenses to handle the growing complexity of modern networks and increased number of cyberthreats.

The Sky Is Not Falling: Disclosed OpenSSL Bugs Are Serious but Not Critical

11/01/2022
Organizations should update to the latest encryption (version 3.0.7) as soon as possible, but there's no need for Heartbleed-like panic, security experts say.

Bed Bath & Beyond Discloses Data Breach to SEC

11/01/2022
The retailer reported that an employee fell for a phishing scam, allowing malicious actors to access shared drives.

Now That EDR Is Obvious, What Comes Next?

11/01/2022
First in our series addressing the top 10 unanswered questions in security: What's going to replace EDR?