Dark Reading

MITRE Engenuity & Cybrary Surpass 25,000 Users in MITRE ATT&CK Defender Certification Program

12/06/2021
The program helps close the skill gap to enable defenders to gain the advantage over cyber adversaries.

Microsoft Seizes Malicious Websites Used by Prolific Chinese APT Group

12/06/2021
The so-called Nikel cyber espionage attack group - aka APT15, Vixen Panda, KE3CHANG, Royal APT, and Playful Dragon - has been in Microsoft's sights since 2016.

US Military Has Acted Against Ransomware Groups: Report

12/06/2021
Gen. Paul Nakasoke, head of US Cyber Command and director of the NSA, said the military has taken offensive action against ransomware groups.

Russian Actors Behind SolarWinds Attack Hit Global Business & Government Targets

12/06/2021
Clusters of activity associated with the attack group behind last year's supply chain breach reveal novel techniques, researchers say.

5 Ways to Keep Fraudsters at Bay Over the Holidays

12/06/2021
Organizations want to focus on customer satisfaction and increased revenues during the holiday shopping season. Here are some smart security and fraud protections to keep in mind.

SEARCH for Hidden Cyber Threats: 6 Steps to Unleash a Hyper-effective Threat Hunting Team

12/06/2021
SEARCH is a carefully-tuned methodology that balances people, process and technology for threat hunters actively searching for, and disrupting, distinctly human threats.

Why the C-Suite Doesn't Need Access to All Corporate Data

12/06/2021
If zero trust is to work properly, then it must apply to everyone.

One-Third of Black Friday Shoppers Were Bots, Fake Users

12/03/2021
Fake traffic observed on Nov. 26 included malicious scrapers, sophisticated botnets, fake accounts, and click farms.

NSO Group Spyware Used to Breach US State Dept. Phones

12/03/2021
At least nine US State Department employee iPhones were targeted with sophisticated spyware developed by the Israeli firm NSO Group.

IGI Cybersecurity Introduces CISO Team-as-a-Service

12/03/2021
Service gives customers access to a CISO-led team of practitioners with a variety of skills and expertise.

How Criminals Are Using Synthetic Identities for Fraud

12/03/2021
Organizations must improve their cybersecurity protocols to detect fraudulent identities and make sure they're safeguarding their consumers’ personal information.

Logiq.ai Tackles Observability Problem With LogFlow

12/03/2021
LogFlow addresses data risks associated with machine data pipelines.

USB Devices the Common Denominator in All Attacks on Air-Gapped Systems

12/03/2021
A new study of 17 malware frameworks shows threat actors always use USB drives to sneak malware into air-gapped environments and then steal data from there.

An Insider's Account of Disclosing Vulnerabilities

12/03/2021
Vendors drag their heels when it comes to identifying software vulnerabilities and are often loath to expedite the fixes.

Ransomware, Carding, and Initial Access Brokers: Group-IB Presents Report on Trending Crimes

12/02/2021
Report explores cybercrime developments from the second half of 2020 through the first half of 2021.

Darktrace Reports 30% More Ransomware Attacks Targeting Organizations During the Holiday Period

12/02/2021
Researchers also observed a 70% average increase in attempted ransomware attacks.

Remote Browser Isolation Stars in Content Protection Role

12/02/2021
The entertainment industry has long had to deal with the challenge of protecting their high-value content and intellectual property. Enter remote browser isolation (RBI).

Top 5 Reasons to Get 'SASE' With Security

12/02/2021
Proactively updating and integrating technology, and ensuring tight collaboration between IT and security … it's simple, right? Well, not always – especially for organizations with limited resources.

Planned Parenthood LA Breach Compromises 400,000 Patients' Data

12/02/2021
The breach, which compromised data such as insurance details and prescription information, took place between Oct. 9 and Oct. 17.

Develop 'Foursight' — Keep Your Post-COVID Transformation on Track

12/02/2021
For IT organizations, the global health crisis didn't make meeting current and future compliance obligations easier. Here are four content protection focus areas that help the enterprise maintain compliance today, and stay on course for future digital transformation.