Dark Reading
DEF CON 30: Hackers Come Home to Vibrant Community
After 30 years and a brief pandemic hiatus, DEF CON returns with "Hacker Homecoming," an event that put the humans behind cybersecurity first.
Most Q2 Attacks Targeted Old Microsoft Vulnerabilities
The most heavily targeted flaw last quarter was a remote code execution vulnerability in Microsoft Office that was disclosed and patched four years ago.
Transitioning From VPNs to Zero-Trust Access Requires Shoring Up Third-Party Risk Management
ZTNA brings only marginal benefits unless you ensure that the third parties you authorize are not already compromised.
How and Why to Apply OSINT to Protect the Enterprise
Here's how to flip the tide and tap open source intelligence to protect your users.
Cybercriminals Weaponizing Ransomware Data for BEC Attacks
Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks.
Patch Madness: Vendor Bug Advisories Are Broken, So Broken
Dustin Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many orgs.
Software Supply Chain Chalks Up a Security Win With New Crypto Effort
GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort to shore up supply chain security.
Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan
Unusually, SOVA, which targets US users, now allows lateral movement for deeper data access. Version 5 adds an encryption capability.
How to Clear Security Obstacles and Achieve Cloud Nirvana
Back-end complexity of cloud computing means there's plenty of potential for security problems. Here's how to get a better handle on SaaS application security.
Microsoft: We Don't Want to Zero-Day Our Customers
The head of Microsoft's Security Response Center defends keeping its initial vulnerability disclosures sparse — it is, she says, to protect customers.
Krebs: Taiwan, Geopolitical Headwinds Loom Large
During a keynote at Black Hat 2022, former CISA director Chris Krebs outlined the biggest risk areas for the public and private sectors for the next few years.
After Colonial Pipeline, Critical Infrastructure Operators Remain Blind to Cyber-Risks
In her keynote address at Black Hat USA 2022, Kim Zetter gives a scathing rebuke of Colonial Pipeline for not foreseeing the attack.
Supply Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight
Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference.
Cyber-Insurance Fail: Most Businesses Lack Ransomware Coverage
Even businesses with cyber insurance lack coverage for basic costs of many cyberattacks, according to a BlackBerry survey.
4 Flaws, Other Weaknesses Undermine Cisco ASA Firewalls
More than 1 million instances of firewalls running Cisco Adaptive Security Appliance (ASA) software have four vulnerabilities that undermine its security, a researcher finds.
New Cross-Industry Group Launches Open Cybersecurity Framework
Eighteen companies, led by Amazon and Splunk, announced the OCSF framework to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications.
Cisco Confirms Data Breach, Hacked Files Leaked
Ransomware gang gained access to the company's VPN in May by convincing an employee to accept a multifactor authentication (MFA) push notification.
The Time Is Now for IoT Security Standards
Industry standards would provide predictable and understandable IoT security frameworks.
Dark Reading News Desk: Live at Black Hat USA 2022
TODAY at 10 PT: Dark Reading News Desk returns to Black Hat USA 2022
New Open Source Tools Launched for Adversary Simulation
The new open source tools are designed to help defense, identity and access management, and security operations center teams discover vulnerable network shares.
New HTTP Request Smuggling Attacks Target Web Browsers
Threat actors can abuse weaknesses in HTTP request handling to launch damaging browser-based attacks on website users, researcher says.
Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance
Four serious security issues on the popular appliance could be exploited by hackers with any level of access within the host network, Bitdefender researchers say.
Many ZTNA, MFA Tools Offer Little Protection Against Cookie Session Hijacking Attacks
Many of the technologies and services that organizations are using to isolate Internet traffic from the internal network lack session validation mechanisms, security startup says.
Rethinking Software in the Organizational Hierarchy
Least privilege is a good defense normally applied only to users. What if we limited apps' access to other apps and network resources based on their roles and responsibilities?
Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security
Platform engineered to let organizations mitigate risk and manage complexities.
OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022
Product enhancements to offer full IT and OT threat intelligence services for OPSWAT customers.
Bugcrowd Taps Top Hackers for Live Hacking Event with Indeed at 2022 Black Hat Conference
Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape
New release also includes enterprise-grade cloud security posture management (CSPM) and YARA-based malware scanning capabilities.
Compliance Certifications: Worth the Effort?
Because demonstrating compliance with industry regulations can be cumbersome and expensive, it's important to ensure they're also absolutely essential.
Zero Trust & XDR: The New Architecture of Defense
Zero trust and XDR are complementary and both are necessary in today's modern IT environment. In this article, we discuss the intersection of zero trust and XDR.
Flow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round
First-of-its-kind solution discovers and protects both data at rest and in motion.
Looking Back at 25 Years of Black Hat
The Black Hat USA conference's silver jubilee is an opportunity to remember its defining moments, the impact it has made on the security community, and its legacy.
Software Development Pipelines Offer Cybercriminals 'Free-Range' Access to Cloud, On-Prem
A Q&A with NCC Group's Viktor Gazdag ahead of a Black Hat USA session on CI/CD pipeline risks reveals a scary, and expanding, campaign vector for software supply chain attacks and RCE.
Microsoft Patches Zero-Day Actively Exploited in the Wild
The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.
Halo Security Emerges From Stealth With Full Attack Surface Management Platform
The latest startup to enter the space also has a free scanning service to audit the contents of any website.
Cybrary Unveils Next-Generation Interactive, Hands-On Training Experience to Upskill Cybersecurity Professionals
New SOC Analyst Assessment delivers threat-informed training in a live lab environment to help cybersecurity professionals defend their organizations against the latest adversarial tactics and techniques.
Researchers Debut Fresh RCE Vector for Common Google API Tool
The finding exposes the danger of older, unpatched bugs, which plague at least 4.5 million devices.
Abusing Kerberos for Local Privilege Escalation
Upcoming Black Hat USA presentation will examine the implications of Kerberos weaknesses for security on the local machine.
Domino's Takes a Methodical Approach to IoT
The success of Domino's Flex IoT project can be attributed in large part to the security best practices it followed.
Russia-Ukraine Conflict Holds Cyberwar Lessons
Initial attacks used damaging wiper malware and targeted infrastructure, but the most enduring impacts will likely be from disinformation, researchers say. At Black Hat USA, SentinelOne's Juan Andres Guerrero-Saade and Tom Hegel will discuss.
US Oil and Gas Sector at Risk of a Cyberbreach, According to BreachBits Study
Study offers a cyber "state of the industry" analysis from a hacker's perspective to help companies anticipate attacks.
Netscout Arbor Insight Leverages Patented ASI Technology to Enhance Security and Operational Awareness for Network Operators of Any Scale
Extends all aspects of the Arbor Sightline solution with unique, real-time multidimensional DDoS and traffic analytics capabilities.
Lacework Updates Threat Detection To Uncover More Malicious Activity and Speed Investigation at Scale
New time series model and enhanced alerting experience make it easy for organizations to address more threats in the cloud while enabling faster investigations.
Don't Take the Cyber Safety Review Board's Log4j Report at Face Value
Given the lack of reporting requirements, the findings are more like assumptions. Here's what organizations can do to minimize exposure.
Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks
Machine-learning algorithms alone may miss signs of a successful attack on your organization.
10 Malicious Code Packages Slither into PyPI Registry
The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks.
Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War
A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams.
HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments
HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems.
We Have the Tech to Scale Up Open Source Vulnerability Fixes — Now It's Time to Leverage It
Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation.
What Adjustable Dumbbells Can Teach Us About Risk Management
A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function.
Pipeline Operators Are Headed in the Right Direction, With or Without TSA's Updated Security Directives
A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better.
What Worries Security Teams About the Cloud?
What issues are cybersecurity professionals concerned about in 2022? You tell us!
Genesis IAB Market Brings Polish to the Dark Web
As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy.
A Ransomware Explosion Fosters Thriving Dark Web Ecosystem
For the right price, threat actors can get just about anything they want to launch a ransomware attack — even without technical skills or any previous experience.
Stolen Data Gives Attackers Advantage Against Text-Based 2FA
With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.
Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers
Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.
How to Resolve Permission Issues in CI/CD Pipelines
This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines.
A Digital Home Has Many Open Doors
Development of digital gateways to protect the places where we live, work, and converse needs to be secure, and many doors need to offer restricted access.
Cyberattackers Increasingly Target Cloud IAM as a Weak Link
At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.
Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST
A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services.
Time to Patch VMware Products Against a Critical New Vulnerability
A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.
Bug in Kaspersky VPN Client Allows Privilege Escalation
The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.
How Email Security Is Evolving
Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated.
Massive China-Linked Disinformation Campaign Taps PR Firm for Help
A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.
Phylum Releases a Free Community Edition to Make Software Supply Chain Security More Accessible
Users can identify risks across five domains, work on multiple projects, and take advantage of exclusive community benefits.
The Myth of Protection Online — and What Comes Next
It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions.
Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale
Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector.
35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?
In the last month, "Pl0xP" cloned several GitHub repositories, adding malicious code to the forks that would attempt to infect developer systems and steal sensitive files that included software keys.
Ping Identity to Go Private After $2.8B Acquisition
The identity-services company is being acquired by Thoma Bravo software investment for cash, before being delisted.
Startup Footprint Tackles Identity Verification
Early-stage startup Footprint's goal is to provide tools that change how enterprises verify, authenticate, authorize, and secure identity.
How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes
Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.
Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
School Kid Uploads Ransomware Scripts to PyPI Repository as 'Fun' Project
The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times.
Cyberattackers Drain Nearly $6M From Solana Crypto Wallets
So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets.
Zero-Day Defense: Tips for Defusing the Threat
Because they leave so little time to patch and defuse, zero-day threats require a proactive, multilayered approach based on zero trust.
ShiftLeft Appoints Prevention-First, Cybersecurity Visionary and AI/ML Pioneer Stuart McClure as CEO
Serial entrepreneur, cybersecurity leader, and industry veteran joins ShiftLeft to drive growth and AI/ML innovation globally.
Druva Introduces the Data Resiliency Guarantee of up to $10 Million
The new program offers robust protection across all five data risk categories: cyber, human, application, operation, and environmental.
CompTIA CEO Outlines Initiative to Create the Pre-eminent Destination to Start, Build and ‘Supercharge’ a Tech Career
Todd Thibodeaux uses ChannelCon 2022 state of the industry remarks to unveil CompTIA’s Project Agora; invites broad industry participation in the effort to fight for tech talent.
Netskope Acquires Infiot, Will Deliver Fully Integrated, Single-Vendor SASE Platform
Converged SASE platform provides AI-driven Zero trust security and simplified, optimized connectivity to any network location or device, including IoT.
5 Ways Chess Can Inspire Strategic Cybersecurity Thinking
Rising interest in chess may feed the next generation of cybersecurity experts.
American Express, Snapchat Open-Redirect Vulnerabilities Exploited in Phishing Scheme
Phishing operators are taking advantage of security bugs in the Amex and Snapchat websites (the latter is unpatched) to steer victims to phishing pages looking to harvest Google and Microsoft logins.
Thousands of Mobile Apps Leaking Twitter API Keys
New finding comes amid report of overall surge in threats targeting mobile and IoT devices over the past year.
Large Language AI Models Have Real Security Benefits
Complex neural networks, including GPT-3, can deliver useful cybersecurity capabilities, such as explaining malware and quickly classifying websites, researchers find.
Massive New Phishing Campaign Targets Microsoft Email Service Users
The campaign uses adversary-in-the-middle techniques to bypass multifactor authentication, evade detection.
From Babuk Source Code to Darkside Custom Listings — Exposing a Thriving Ransomware Marketplace on the Dark Web
Venafi investigation of 35 million Dark Web URLs shows macro-enabled ransomware widely available at bargain prices.
Manufacturing Sector in 2022 Is More Vulnerable to Account Compromise and Supply Chain Attacks in the Cloud than Other Verticals
Netwrix study reveals that manufacturing organizations experienced these types of attacks more often than any other industry surveyed.
Axis Raises the Bar With Modern-Day ZTNA Service that Boasts Hyper-Intelligence, Simplicity, and 350 Global Edges
Launches industry’s first ZTNA migration tool and ZTNA buyback program, setting the stage for migration away from ZTNA 1.0.
T-Mobile Store Owner Made $25M Using Stolen Employee Credentials
Now-convicted phone dealer reset locked and blocked phones on various mobile networks.
Microsoft Intros New Attack Surface Management, Threat Intel Tools
Microsoft says the new tools will give security teams an attacker's-eye view of their systems and supercharge their investigation and remediation efforts.
Capital One Breach Conviction Exposes Scale of Cloud Entitlement Risk
To protect against similar attacks, organizations should focus on bringing cloud entitlements and configurations under control.
VirusTotal: Threat Actors Mimic Legitimate Apps, Use Stolen Certs to Spread Malware
Attackers are turning to stolen credentials and posing as trusted applications to socially engineer victims, according to Google study of malware submitted to VirusTotal.
Incognia Mobile App Study Reveals Low Detection of Location Spoofing in Dating Apps
With over 323 million users of dating apps worldwide, study finds location spoofing is a threat to user trust and safety.
BlackCloak Bolsters Malware Protection With QR Code Scanner and Malicious Calendar Detection Features
In conjunction with Black Hat 2022, pioneer of digital executive protection also announces new security innovations and SOC 2 Type II certification.
Cybrary Lands $25 Million in New Funding Round
Series C investment from BuildGroup and Gula Tech Adventures, along with appointment of Kevin Mandia to the board of directors, will propel a new chapter of company growth.
5 Steps to Becoming Secure by Design in the Face of Evolving Cyber Threats
From adopting zero-trust security models to dynamic environments to operating under an "assumed breach" mentality, here are ways IT departments can reduce vulnerabilities as they move deliberately to become more secure.
CREST Defensible Penetration Test Released
CREST provides commercially defensible scoping, delivery, and sign-off recommendations for penetration tests.
DoJ: Foreign Adversaries Breach US Federal Court Records
A Justice Department official testifies to a House committee that the cyberattack is a "significant concern."
Ransomware Hit on European Pipeline & Energy Supplier Encevo Linked to BlackCat
Customers across several European countries are urged to update credentials in the wake of the attack that affected a gas-pipeline operator and power company.
Credential Canaries Create Minefield for Attackers
Canary tokens — also known as honey tokens — force attackers to second-guess their potential good fortune when they come across user and application secrets.
Chromium Browsers Allow Data Exfiltration via Bookmark Syncing
"Bruggling" emerges as a novel technique for pilfering data out from a compromised environment — or for sneaking in malicious code and attack tools.