Dark Reading

1,000+ Attacks in 2 Years: How the SideWinder APT Sheds Its Skin

05/05/2022
Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia.

Docker Under Siege: Cybercriminals Compromise Honeypots to Ramp Up Attacks

05/05/2022
Cloud containers are increasingly part of the cybercrime playbook, with researchers flagging ongoing scanning for Docker weaknesses along with rapid exploitation to infect systems with coin-miners, denial-of-service tools, and ransomware.

Why Security Matters Even More in Online Gaming

05/05/2022
As the gaming sector booms, game publishers and gaming networks have been heavily targeted with distributed denial-of-service (DDoS) attacks in the last year.

GitHub to Developers: Turn on 2FA or Lose Access

05/04/2022
All active GitHub users who contribute code will be required to enable at least one form of two-factor authentication by the end of 2023.

China-Backed Winnti APT Siphons Reams of US Trade Secrets in Sprawling Cyber-Espionage Attack

05/04/2022
Operation CuckooBees uncovered the state-sponsored group's sophisticated new tactics in a years-long campaign that hit more than 30 tech and manufacturing companies.

Microsoft Releases Defender for SMBs

05/04/2022
Microsoft's stand-alone version of Defender for SMBs promises to help SecOps teams automate detection, response, and recovery.

Q&A: How China Is Exporting Tech-Based Authoritarianism Across the World

05/04/2022
The US has to adapt its own policies to counter the push, warns former DocuSign CEO and Under Secretary of State Keith Krach.

New Ransomware Variant Linked to North Korean Cyber Army

05/04/2022
Researchers use code, Bitcoin transactions to link ransomware attacks on banks to DPRK-sponsored actors.

Security Stuff Happens: What Will the Public Hear When You Say You've Been Breached?

05/04/2022
A company's response to a breach is more important than almost anything else. But what constitutes a "good" response following a security incident? (Part 2 of a series.)

AI for Cybersecurity Shimmers With Promise, But Challenges Abound

05/04/2022
Companies see AI-powered cybersecurity tools and systems as the future, but at present nearly 90% of them say they face significant hurdles in making use of them.

What Stars Wars Teaches Us About Threats

05/04/2022
The venerable film franchise shows us how to take threats in STRIDE.

AutoRABIT Secures $26M in Series B Investment from Full In Partners to Expand DevSecOps Platform

05/04/2022
AutoRABIT intends to direct the funding toward growth initiatives and product development.

Uptycs Announces New Cloud Identity and Entitlement Management (CIEM) Capabilities

05/04/2022
Also adds support for Google Cloud Platform (GCP) and Microsoft Azure, and PCI compliance coverage.

SAC Health System Impacted By Security Incident

05/04/2022
Six boxes of paper documents were removed from the facility without authorization in early March.

Aryaka, Carnegie Mellon’s CyLab to Research New Threat Mitigation Techniques

05/03/2022
The security research partnership will focus on developing new techniques and releasing them as open source.

What Should I Know About Defending IoT Attack Surfaces?

05/03/2022
The Internet of Things needs to be part of the overall corporate information security policy to prevent adversaries from using these devices as an entry point.

API Security Company Traceable AI Lands $60 Million Series B

05/03/2022
Latest round led by IVP values the company at $450 million.

SolarWinds Attackers Gear Up for Typosquatting Attacks

05/03/2022
The same infrastructure traced back to Russian-speaking threat group Nobelium is being used to set up misspelled domain names, presaging impersonation attacks bent on credential harvesting, analysts say.

Unpatched DNS-Poisoning Bug Affects Millions of Devices, Stumps Researchers

05/03/2022
The security vulnerability puts wide swaths of industrial networks and IoT devices at risk of compromise, researchers warn.

REvil Revival: Are Ransomware Gangs Ever Really Gone?

05/03/2022
The infamous ransomware group appears to be back from the dead — maybe — and using the old brand, but experts question whether a reconstituted gang will have much success.