Dark Reading - Privacy

Privacy

• ICYMI: A Microsoft Warning, Follina, Atlassian, and More
• OpenSea NFT Marketplace Faces Insider Hack
• Time Constraints Hamper Security Awareness Programs
• Criminals Use Deepfake Videos to Interview for Remote Work
• DragonForce Malaysia Releases LPE Exploit, Threatens Ransomware
• When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients?
• Microsoft Going Big on Identity with the Launch of Entra
• Google: Hack-for-Hire Groups Present a Potent Threat
• 18 Zero-Days Exploited So Far in 2022
• API Security Losses Total Billions, But It's Complicated
• Exchange Servers Backdoored Globally by SessionManager
• Study Reveals Traditional Data Security Tools Have a 60% Failure Rate Against Ransomware and Extortion
• A Fintech Horror Story: How One Company Prioritizes Cybersecurity
• NXM Announces Platform That Protects Space Infrastructure and IoT Devices From Cyberattacks
• Critical ManageEngine ADAudit Plus Vulnerability Allows Network Takeover, Mass Data Exfiltration
• Zero-Days Aren't Going Away Anytime Soon & What Leaders Need to Know
• Patch Now: Linux Container-Escape Flaw in Azure Service Fabric
• ZuoRAT Hijacks SOHO Routers From Cisco, Netgear
• Broken Authentication Vuln Threatens Amazon Photos Android App
• How to Master the Kill Chain Before Your Attackers Do
• What's Your AppSec Personality?
• Cyberattacks via Unpatched Systems Cost Orgs More Than Phishing
• Shifting the Cybersecurity Paradigm From Severity-Focused to Risk-Centric
• 5 Surprising Cyberattacks AI Stopped This Year
• Kaspersky Reveals Phishing Emails That Employees Find Most Confusing
• Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign
• Google Analytics Continues to Lose SEO Visibility as Bans Continue
• 'Raccoon Stealer' Scurries Back on the Scene After Hiatus
• China-Backed APT Pwns Building-Automation Systems With ProxyLogon
• RSA 2022: Omdia Research Take Aways
• Atlassian Confluence Exploits Peak at 100K Daily
• Can Zero-Knowledge Cryptography Solve Our Password Problems?
• A WAF Is Not a Free Lunch: Teaching the Shift-Left Security Mindset
• Ransomware Volume Nearly Doubles 2021 Totals in a Single Quarter
• How to Find New Attack Primitives in Microsoft Azure
• New Vulnerability Database Catalogs Cloud Security Issues
• NIST Finalizes macOS Security Guidance
• Federal, State Agencies' Aid Programs Face Synthetic Identity Fraud
• LockBit 3.0 Debuts With Ransomware Bug Bounty Program
• Shadow IT Spurs 1 in 3 Cyberattacks
• Thrive Acquires DSM
• It's a Race to Secure the Software Supply Chain — Have You Already Stumbled?
• Threat Intelligence Services Are Universally Valued by IT Staff
• Why We're Getting Vulnerability Management Wrong
• APT Groups Swarming on VMware Servers with Log4Shell
• Only 3% of Open Source Software Bugs Are Actually Attackable, Researchers Say
• 7 Steps to Stronger SaaS Security
• The Cybersecurity Talent Shortage Is a Myth
• Without Conti on the Scene, LockBit 2.0 Leads Ransomware Attacks
• Chinese APT Group Likely Using Ransomware Attacks as Cover for IP Theft
• Johnson Controls Acquires Tempered Networks to Bring Zero Trust Cybersecurity to Connected Buildings
• ShiftLeft: Focus On 'Attackability' To Better Prioritize Vulnerabilities
• Pair of Brand-New Cybersecurity Bills Become Law
• The Rise, Fall, and Rebirth of the Presumption of Compromise
• Reinventing How Farming Equipment Is Remotely Controlled and Tracked
• Cyberattackers Abuse QuickBooks Cloud Service in 'Double-Spear' Campaign
• Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS
• How APTs Are Achieving Persistence Through IoT, OT, and Network Devices
• 80% of Legacy MSSP Users Planning MDR Upgrade
• MetaMask Crypto-Wallet Theft Skates Past Microsoft 365 Security
• Organizations Battling Phishing Malware, Viruses the Most
• Microsoft 365 Users in US Face Raging Spate of Attacks
• Synopsys Completes Acquisition of WhiteHat Security
• Aqua Security Collaborates With Center for Internet Security to Create Guide for Software Supply Chain Security
• Neustar Security Services Launches Public UltraDNS Health Check Site
• Russia's APT28 Launches Nuke-Themed Follina Exploit Campaign
• Fresh Magecart Skimmer Attack Infrastructure Flagged by Analysts
• Getting a Better Handle on Identity Management in the Cloud
• Tanium Partners With ScreenMeet to Enable Employees to Securely Connect to Their Remote Desktops
• Zscaler and AWS Expand Relationship
• Zscaler Launches Posture Control Solution
• Zscaler Adds New AI/ML Capabilities for the Zscaler Zero Trust Exchange
• Evolving Beyond the Password: Vanquishing the Password
• The Risk of Multichannel Phishing Is on the Horizon
• GitHub's MFA Plans Should Spur Rest of Industry to Raise the Bar
• 80% of Firms Suffered Identity-Related Breaches in Last 12 Months
• Risk Disconnect in the Cloud
• Linux Foundation Announces Open Programmable Infrastructure Project to Drive Open Standards for New Class of Cloud Native Infrastructure
• 7 Ways to Avoid Worst-Case Cyber Scenarios
• VPNs Persist Despite Zero-Trust Fervor
• China-Linked ToddyCat APT Pioneers Novel Spyware
• RIG Exploit Kit Replaces Raccoon Stealer Trojan With Dridex
• Gartner: Regulation, Human Costs Will Create Stormy Cybersecurity Weather Ahead
• Why Financial Institutions Must Double Down on Open Source Investments
• Evolving Beyond the Password: It's Time to Up the Ante
• BRATA Android Malware Evolves Into an APT
• Reducing Risk With Zero Trust
• 56 Vulnerabilities Discovered in OT Products From 10 Different Vendors
• AI Is Not a Security Silver Bullet
• Open Source Software Security Begins to Mature
• Capital One Attacker Exploited Misconfigured AWS Databases
• Feds Take Down Russian 'RSOCKS' Botnet
• Name That Toon: Cuter Than a June Bug
• DDoS Attacks Delay Putin Speech at Russian Economic Forum
• Credential Sharing as a Service: The Hidden Risk of Low-Code/No-Code
• Security Lessons From Protecting Live Events
• The Cybersecurity Diversity Gap: Advice for Organizations Looking to Thrive
• Ransomware and Phishing Remain IT's Biggest Concerns
• WordPress Plug-in Ninja Forms Issues Update for Critical Bug
• DeadBolt Ransomware Actively Targets QNAP NAS Devices — Again