Dark Reading - Authentication

Authentication

• Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises
• BEC Fraudsters Expand to Snatch Real-World Goods in Commodities Twist
• Microsoft Patches 'Dangerous' RCE Flaw in Azure Cloud Service
• Organizations Reassess Cyber Insurance as Self-Insurance Strategies Emerge
• DataDome Closes $42M in Series C Funding to Advance the Fight Against Bot-Driven Cyberattacks and Fraud
• Socura Launches Managed SASE (MSASE) Service
• Stop Blaming the End User for Security Risk
• Spera Takes Aim at Identity Security Posture Management
• Top Tech Talent Warns of AI's Threat to Human Existence in Open Letter
• Trojan-Rigged Tor Browser Bundle Drops Malware
• Patch Now: Cybercriminals Set Sights on Critical IBM File Transfer Bug
• Phishing Emails Up a Whopping 569% in 2022
• Cybersecurity Investment Outlook Remains Grim as Funding Activity Sharply Declines
• Using Observability to Power a Smarter Cybersecurity Strategy
• Google: Commercial Spyware Used by Governments Laden With Zero-Day Exploits
• The CISO Mantra: Get Ready to Do More With Less
• How Does Data Literacy Enhance Data Security?
• Microsoft Security Copilot Uses GPT-4 to Beef Up Security Incident Response
• MacStealer Malware Plucks Bushels of Data From Apple Users
• NullMixer Polymorphic Malware Variant Infects 8K Targets in Just a Month
• Millions of Pen Tests Show Companies' Security Postures Are Getting Worse
• Bitwarden Announces Secrets Management With a Combination of Open Source, End-to-End Encryption, and Ease of Use
• North Korea's Kimsuky Evolves into Full-Fledged, Prolific APT43
• Hey, Siri: Hackers Can Control Smart Devices Using Inaudible Sounds
• Spend on Safety Measures & Call Out Insecure Practices for Safer IoT
• How CISOs Can Reduce the Danger of Using Data Brokers
• CISA Releases Hunt Tool for Microsoft's Cloud Services
• Clop Keeps Racking Up Ransomware Victims With GoAnywhere Flaw
• Twitter's Source Code Leak on GitHub a Potential Cyber Nightmare
• 7 Women Leading the Charge in Cybersecurity Research & Analysis
• Drive to Pervasive Encryption Boosts Key Management
• Cybersecurity vs. Everyone: From Conflict to Collaboration
• CyberSecure Announces Strategic Alliance
• Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest
• GitHub's Private RSA SSH Key Mistakenly Exposed in Public Repository
• Zoom Zoom: 'Dark Power' Ransomware Extorts 10 Targets in Less Than a Month
• Malicious ChatGPT Extensions Add to Google Chrome Woes
• Red Teaming at Scale to Uncover Your Big Unknowns
• Application Security Requires More Investment in Developer Education
• Open Source Vulnerabilities Still Pose a Big Challenge for Security Teams
• 'Nexus' Android Malware Targets Customers of 450 Financial Institutions Worldwide
• Bundestag Bungle: Political Microtargeting of Facebook Users Draws Ire
• The Board of Directors Will See You Now
• Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals
• MITRE Rolls Out Supply Chain Security Prototype
• Human Detection and Response: A New Approach to Building a Strong Security Culture
• Okta Post-Exploitation Method Exposes User Passwords
• Just 1% of Nonprofit Domains Have Basic DMARC Email Security Protections
• Are You Talking to a Carbon, Silicon, or Artificial Identity?
• IoT Startup OP[4] Launches With Firmware Security Platform
• Lightspin Launches Remediation Hub to Identify and Fix Cloud Security Threats
• CISA Warns on Unpatched ICS Vulnerabilities Lurking in Critical Infrastructure
• Vectra Unifies AI-Driven Behavior-Based Detection and Signature-Based Detection
• XM Cyber Announces Acquisition of Confluera, Adding Run-Time Protection on Cloud Workloads
• 10 Vulnerability Types to Focus On This Year
• Kaspersky Survey Finds One in Three Users Have Experienced CryptoTheft
• $36M BEC Fraud Attempt Narrowly Thwarted by AI
• Chinese Warships Suspected of Signal-Jamming Passenger Jets
• Pipeline Cybersecurity Rules Show the Need for Public-Private Partnerships
• Attackers Are Probing for Zero-Day Vulns in Edge Infrastructure Products
• BreachForums Shuts Down in Wake of Leader's Arrest
• How to Keep Incident Response Plans Current
• Cyberpion Rebrands As IONIX
• .NET Devs Targeted With Malicious NuGet Packages
• Renowned Researcher Kelly Lum Passes Away
• Research Highlights Cyber Security's Underestimated Role As a Business and Revenue Enabler
• BlackBerry Announces New Patent Sale Transaction With Patent Monetization Company for Up to $900M
• Normalyze Granted Patent for Data Security Posture Management (DSPM)
• Zero-Day Bug Allows Crypto Hackers to Drain $1.6M From Bitcoin ATMs
• BigID's Data Security Posture Management Solution Integrates With SOAR Platforms
• Cybersecurity Skills Shortage, Recession Fears Drive 'Upskilling' Training Trend
• Name That Toon: It's E-Live!
• Custom 'Naplistener' Malware a Nightmare for Network-Based Detection
• Controlling Third-Party Data Risk Should Be a Top Cybersecurity Priority
• IAM Startup Aembit Secures How Workloads Connect to Services
• ChatGPT Gut Check: Cybersecurity Threats Overhyped or Not?
• Mirai Hackers Use Golang to Create a Bigger, Badder DDoS Botnet
• AI Has Your Business Data
• Unpatched Samsung Chipset Vulnerabilities Open Android Users to RCE Attacks
• Cops Nab BreachForums Boss in New York
• Cyberattackers Hoop NBA Fan Data via Third-Party Vendor
• SecurityBridge Introduces The SAP Management Dashboard
• Shouldering the Increasingly Heavy Cloud Shared-Responsibility Model
• How CISOs Can Work With the CFO to Get the Best Security Budget
• Microsoft Azure Warns on Killnet's Growing DDoS Onslaught Against Healthcare
• Prancer Announces Integration With ChatGPT for Enhanced Security Assessments
• Microsoft Outlook Vulnerability Could Be 2023's 'It' Bug
• Technology Firms Delivering Much-Sought Encryption-in-Use
• The Ethics of Network and Security Monitoring
• Low-Budget 'Winter Vivern' APT Awakens After 2-Year Hibernation
• Meta Proposes Revamped Approach to Online Kill Chain Frameworks
• Leveraging Behavioral Analysis to Catch Living-Off-the-Land Attacks
• $3B Crypto-Mixer Money Laundering Operation Seized by Cops
• Change Is Coming to the Network Detection and Response (NDR) Market
• BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion
• Rapid7 Acquires Minerva Labs to Extend Leading Managed Detection and Response Service
• 5 Ways to Fight School Ransomware Attacks
• How Do Attackers Hijack Old Domains and Subdomains?
• Hornetsecurity Launches VM Backup V9
• DirectDefense Reports the Top Threats From 2022 and What's Trending for 2023