Dark Reading

7 Ways to Bring AI to Cybersecurity

06/15/2022
Academic researchers are developing projects to apply AI to detect and stop cyberattacks and keep critical infrastructure secure, thanks to grants from C3.ai Digital Transformation Institute.

'Hertzbleed' Side-Channel Attack Threatens Cryptographic Keys for Servers

06/15/2022
A novel timing attack allows remote attackers with low privileges to infer sensitive information by observing power-throttling changes in the CPU.

Veterans Explain How Military Service Prepared Them for Cybersecurity Careers

06/15/2022
The ability to handle intense pressure is just one of the skills that veterans bring to corporate cybersecurity work.

Critical Citrix Bugs Impact All ADM Servers, Agents

06/15/2022
Citrix ADM vulnerabilities could lead to admin password reset and disruption of ADM license service, company warns.

Two Platforms to Rule Them All: CNAPP and SASE

06/15/2022
As the public cloud matures, enterprises are converging on two platforms that meet their workload protection needs via a strategy based on zero-trust security.

Thousands Arrested in Global Raids on Social-Engineering Scammers

06/15/2022
Interpol says it busted fraudsters who were operating call centers for romance scams, get-rich-quick schemes, and more.

How Information Security Teams Can Help Reduce Stress and Burnout

06/15/2022
Work across the organization and take practical steps to ease user stress — prioritize user productivity by offering the right tools to avoid shadow IT and cultivate a transparent security culture. Remember the security team, too, and automate as many processes as possible.

Cybercriminals Capitalizing on Resurgence in Travel

06/15/2022
Multiple cybercrime groups have been spotted selling stolen credentials and other sensitive personal information pilfered from travel-related websites.

Wormable Panchan Peer-to-Peer Botnet Harvests Linux Server Keys

06/15/2022
The Japanese-language Panchan botnet has been discovered stealing SSH keys from Linux servers across Asia, Europe, and North America, with a focus on telecom and education providers.

Why We Need Security Knowledge and Not Just Threat Intel

06/15/2022
Organizations that can break out of siloed data and apply context can transform intelligence into actionable, relevant security knowledge.

24+ Billion Credentials Circulating on the Dark Web in 2022 — So Far

06/15/2022
Username and password combinations offered for sale on the Dark Web by criminals has increased 65% since 2020.

In Case You Missed RSA Conference 2022: A News Digest

06/14/2022
Here's a rundown of Dark Reading's reporting and commentary from and surrounding the first in-person RSA Conference since the pandemic began in 2020.

Microsoft Patches 'Follina' Zero-Day Flaw in Monthly Security Update

06/14/2022
Here are which Microsoft patches to prioritize among the June Patch Tuesday batch.

DDoS Subscription Service Operator Gets 2 Years in Prison

06/14/2022
The distributed denial-as-a-service websites were behind more than 200K attacks on targets including schools and hospitals.

Quantifying the SaaS Supply Chain and Its Risks

06/14/2022
Organizations do not have good visibility into all the software-as-a-service applications that connect to and access data stored in core business.

Incognia Introduces Location-Based Liveness Spoofing Detection Solution

06/14/2022
Mobile apps that rely on facial recognition for identity proofing can now detect fraudulent attempts to fake liveness.

Google: SBOMs Effective Only if They Map to Known Vulns

06/14/2022
SBOMs should be connected with vulnerability databases to fulfill their promise of reducing risk, Google security team says.

Chinese Threat Actor Employs Fake Removable Devices as Lures in Cyber-Espionage Campaign

06/14/2022
"Aoqin Dragon" has been operating since at least 2013, with targets including government and telecommunications companies in multiple countries.

How Can Security Partnerships Help to Mitigate the Increasing Cyber Threat?

06/14/2022
Martyn Ryder from Morphean explains why forging trusted partnerships is integral to the future of physical security in a world of networks, systems, and the cloud.

Optiv MXDR Enhances Detection Coverage With Expanded Cloud Integration

06/14/2022
Service ingests AWS, GCP and Microsoft Azure data.