| Dark Reading: |
|---|
| Microsoft Uses Machine Learning to Predict Attackers' Next Steps |
| Researchers build a model to attribute attacks to specific groups based on tactics, techniques and procedures, and then figure out their next move. |
| New Malware Downloader Spotted in Targeted Campaigns |
| Saint Bot is being used to drop stealers on compromised systems but could be used to deliver any malware. |
| Wake Up and Smell the JavaScript |
| The SolarWinds attack showed the true meaning of a supply chain breach. And it's the canary in the coal mine for sensitive data on the Web. |
| Omdia Research Spotlight: XDR |
| Few emerging cybersecurity market segments are garnering more attention than XDR. Here, Omdia highlights its recent research on XDR. |
| Unofficial Android App Store APKPure Infected With Malware |
| The APKPure app store was infected with malware that can download Trojans to other Android devices, researchers report. |
| CISA Launches New Threat Detection Dashboard |
| Aviary is a new dashboard that works with CISA's Sparrow threat detection tool. |
| Battle for the Endpoint |
| How to build a new cyber strategy for 2021 and beyond. |
| 8 Security & Privacy Apps to Share With Family and Friends |
| Mobile apps to recommend to the people in your life who want to improve their online security and privacy. |
| Women Are Facing an Economic Crisis & the Cybersecurity Industry Can Help |
| Investing in women's cybersecurity careers can bring enormous benefits and help undo some of the significant economic damage wrought by the pandemic. |
| Zoom Joins Microsoft Teams on List of Enterprise Tools Hacked at Pwn2Own |
| White-hat hacking event shows yet again why there's no such thing as foolproof security against modern attacks. |
| Fraudsters Use HTML Legos to Evade Detection in Phishing Attack |
| Criminals stitch pieces of HTML together and hide them in JavaScript files, researchers report. |
| 600K Payment Card Records Leaked After Swarmshop Breach |
| A leaked database also contains the nicknames, hashed passwords, contact details, and activity history of Swarmshop admins, sellers, and buyers. |
| Handcuffs Over AI: Solving Security Challenges With Law Enforcement |
| We've tried everything else ... now it's time to make the prospect of getting caught -- and punished -- a real deterrent to cybercrime. |
| SecOps and DevOps: From Cooperation to Automation |
| Omdia Principal Analyst Eric Parizo discusses the major obstacles SecOps organizations face as they seek to build ties with DevOps teams, and offers a programmatic approach to help create a path toward DevSecOps. |
| Did 4 Major Ransomware Groups Truly Form a Cartel£ |
| An analysis of well-known extortion groups and their cryptocurrency transactions reveals the answer. |
| Voice-Changing Software Found on APT Attackers' Server |
| Security researchers believe the presence of Morph Vox Pro could indicate APT-C-23 has new plans for their phishing campaigns. |
| Cring Ransomware Used in Attacks on European Industrial Firms |
| Attackers exploited a vulnerability in Fortigate VPN servers to gain access to target networks, researchers report. |
| Fortune 500 Security Shows Progress and Pitfalls |
| Fortune 500 companies have improved on email security and vulnerability disclosure programs but struggle in asset management and high-risk services. |
| Rethinking Cyberattack Response: Prevention & Preparedness |
| The SolarWinds incident is the starkest reminder yet that complacency can exact a terrible price. |
| 5 Ways to Transform Your Phishing Defenses Right Now |
| By transforming how you approach phishing, you can break the phishing kill chain and meaningfully reduce your business risk. |