Dark Reading

Ground Labs Research Reveals 71% of American Consumers are Unaware of Data Protection Laws

12/14/2021
Google Survey of 1,000 U.S. consumers uncovers data privacy disconnect, a call to action for businesses.

Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors

12/14/2021
Amid the increase in Log4J attack activity, at least one Iranian state-backed threat group is preparing to target the vulnerability, experts say.

Propane Gas Distributor Hit With Ransomware

12/14/2021
North America-based Superior Plus "temporarily disabled" some of its systems in the wake of the attack.

Ransomware Hits Virginia Legislative Agencies

12/14/2021
The attack forced a shutdown of computer systems and websites for Virginia legislative agencies and commissions, reports state.

Tool Overload & Attack Surface Expansion Plague SOCs

12/14/2021
Security professionals are burning out from handling too many tools and facing a growing number of threats, and more than 40% see lack of leadership as the main problem.

Microsoft Patches Zero-Day Spreading Emotet Malware

12/14/2021
The December rollout includes 67 security patches and addresses one zero-day and five more publicly known vulnerabilities.

Source Code Leaks: The Real Problem Nobody Is Paying Attention To

12/14/2021
Source code is a corporate asset like any other, which makes it an attractive target for hackers.

Combat Misinformation by Getting Back to Security Basics

12/14/2021
One volley of fake news may land, but properly trained AI can shut down similar attempts at their sources.

XDR: What It Is, What It Isn't

12/13/2021
The three must-haves in eXtended Detection and Response are: making data accessible, facilitating real-time threat detection, and providing remediation strategies.

Tales from the Dark Web: Fingerprinting Access Brokers on Criminal Forums

12/13/2021
Every high-profile breach leaves a trail of bread crumbs, and defenders who monitor access brokers can connect the dots and detect attacks as they unfold.

Why Classifying Ransomware as a National Security Threat Matters

12/13/2021
Government actions help starve attack groups of the resources - money, ability to recruit, and time.

How Do I Find My Servers With the Log4j Vulnerability?

12/13/2021
This Tech Tip outlines how enterprises can use Canarytokens to find servers in their organization vulnerable to CVE-2021-44228.

Volvo Confirms R&D Data Stolen in Breach

12/13/2021
The company confirmed last week that one of its file repositories was accessed by a third party.

Kronos Suffers Ransomware Attack, Expects Full Restoration to Take 'Weeks'

12/13/2021
Customers advised to adopt alternative internal processes to support the affected human resources services.

40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j

12/13/2021
More than 60 variants of the original exploit were introduced over the last day alone.

Bug-Bounty Programs Shift Focus to Most Critical Flaws

12/13/2021
The number of bug bounty programs jumped by a third, the median payout for a critical vulnerability report rose to $3,000, but rewards for easier-to-find lower-severity flaws stagnated in 2021.

Name That Toon: Modern-Day Frosty

12/13/2021
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Darktrace Reports Information Technology and Communications Sector Most Targeted by Cyberattackers in 2021

12/13/2021
Most targeted industry shifts from the financial and insurance sector in 2020.

Kaspersky Opens Doors to New Transparency Center in North America

12/13/2021
The opening marks the fifth center opened globally, fulfilling a key milestone within the Global Transparency Initiative.

2 Website Threats to Address for the Holiday Shopping Rush

12/13/2021
Some tips for effectively combating Web supply chain attacks and customer hijacking via browser extensions.