Dark Reading

'Lyceum' Threat Group Broadens Focus to ISPs

11/11/2021
New report suggests attacker is targeting trusted supply chain companies in order to compromise large numbers of downstream customers.

Google Open Sources ClusterFuzzLite

11/11/2021
ClusterFuzzLite is a stripped-down version of continuous fuzzing tool ClusterFuzz that integrates CI tools.

How Do I Know It's Time to Consider a SASE Migration?

11/11/2021
The rapid shift to a hybrid workplace and accelerated adoption of new technologies means it's time to rethink networking security approaches.

SquirrelWaffle Leverages Malspam to Deliver Qakbot, Cobalt Strike

11/10/2021
Threat is spreading widely via spam campaigns, infecting systems with a new malware loader.

SolarWinds Vulnerability Exploited in First Stage of Clop Ransomware Attacks

11/10/2021
Russian cybercrime group known as T505 is targeting SolarWinds Server-U systems that haven't been patched for a remote code execution vulnerability fixed this summer.

Defining the Hierarchy of Value in Cyber Intelligence

11/10/2021
One size won't fit all as we try to reconcile the need to demonstrate expertise and value with keeping clients and researchers safe.

CISA and State and Local Partners Test Emergency Response Plans at Chevron Salt Lake Refinery

11/10/2021
The exercise included several objectives related to response procedures at the refinery, including evacuation and shelter-in-place decision-making; roles and responsibilities during investigations; communication with first responders; and public messaging before and following an incident.

4 Tips to Secure the OT Cybersecurity Budget You Require

11/10/2021
OT security engineers and personnel should approach senior management with an emphasis on risk reduction benefits and with a concrete plan to secure budget and funding before it's too late.

Securing the Public: Who Should Take Charge?

11/10/2021
International policy expert Marietke Schaake explores the intricacies of protecting the public as governments depend on private companies to build and secure digital infrastructure.

Researcher Details Vulnerabilities Found in AWS API Gateway

11/10/2021
AWS fixed the security flaws that left the API service at risk of so-called HTTP header-smuggling attacks, says the researcher who discovered them.

Dark Reading Video News Desk Comes to Black Hat Europe

11/10/2021
While attendees join Black Hat Europe 2021 virtually and live in London, we bring you prerecorded interviews from remote offices around the world.

Microsoft Fixes Exchange Server Zero-Day

11/09/2021
November security update contains patches for 55 bugs — including six zero-days across various products.

Are You Planning for the Quantum, Transhumanist Threat?

11/09/2021
Breaking encryption in a day and hacking without visible devices are two threats that could become a reality in the next decade and beyond, experts say.

What My Optometrist Taught Me About InfoSec Presentations

11/08/2021
A broken pair of eyeglasses brings into focus an important lesson about how to tailor security messages to the right audience.

Arctic Wolf Security Operations Cloud Reaches Massive Scale and a Global Footprint

11/08/2021
Global business momentum and technical advancements position the Arctic Wolf platform as a category-defining Security Operations solution

Kaspersky Finds DDoS Attacks in Q3 Grow by 24%, Become More Sophisticated

11/08/2021
The total number of smart attacks (advanced DDoS attacks that are often targeted) increased by 31% when compared to the same period last year.

Banking Malware Threats Surging as Mobile Banking Increases – Nokia Threat Intelligence Report

11/08/2021
The Nokia 2021 Threat Intelligence Report announced today shows that banking malware threats are sharply increasing as cyber criminals target the rising popularity of mobile banking on smartphones, with plots aimed at stealing personal banking credentials and credit card information.

Valeo Networks Acquires On Time Tech, Accelerating National Growth Strategy

11/08/2021
Through this latest acquisition, the company adds two more California locations.

Could Cyber Diplomacy Be the Ultimate Answer to American Ransomware Woes?

11/08/2021
Incentives for good conduct and deterrents for bad behavior in cyberspace are impossible to effectively establish and enforce without international collaboration and commitment.

3 Ways to Deal With the Trojan Source Attack

11/08/2021
These scripts and commands provide short-term fixes for blocking the Trojan Source attack that abuses Unicode to inject malicious backdoors in source code.