darkreading
LockBit Associates Arrested, Evil Corp Bigwig Outed
1 month 3 weeks ago
A global operation cuffed four LockBit suspects and offered more details into the org chart of Russia's infamous Evil Corp cybercrime gang.
Dark Reading Staff
Cyberattackers Use HR Targets to Lay More_Eggs Backdoor
1 month 3 weeks ago
The FIN6 group is the likely culprit behind a spear-phishing campaign that demonstrates a shift in tactics, from targeting job seekers to going after those who hire.
Elizabeth Montalbano, Contributing Writer
Infrastructure vs. Runtime — Where Are Your Priorities?
1 month 3 weeks ago
Amid the noise of new solutions and buzzwords, understanding the balance between securing infrastructure and implementing runtime security is key to crafting an effective cloud strategy.
Han Cho
UAE, Saudi Arabia Become Plum Cyberattack Targets
1 month 3 weeks ago
Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web.
Robert Lemos, Contributing Writer
Calif. Gov. Vetoes AI Safety Bill Aimed at Big Tech Players
1 month 3 weeks ago
Critics viewed the bill as seeking protections against nonrealistic "doomsday" fears, but most stakeholders agree that oversight is needed in the GenAI space.
Jai Vijayan, Contributing Writer
Overtaxed State CISOs Struggle With Budgeting, Staffing
1 month 3 weeks ago
CISOs for US states face the same kinds of challenges those at private companies do: lots of work to handle, but not necessarily enough money or people to handle it sufficiently well.
Nate Nelson, Contributing Writer
DoJ Charges 3 Iranian Hackers in Political 'Hack & Leak' Campaign
1 month 3 weeks ago
The cyberattackers allegedly stole information from US campaign officials only to turn around and weaponize it against unfavored candidates.
Kristina Beek, Associate Editor, Dark Reading
FERC Outlines Supply Chain Security Rules for Power Plants
1 month 3 weeks ago
The US Federal Energy Regulatory Commission spells out what electric utilities should do to protect their software supply chains, as well as their network "trust zones."
Edge Editors
Reachability Analysis Pares Down Static Security-Testing Overload
1 month 3 weeks ago
For development teams awash in vulnerability reports, reachability analysis can help tame the chaos and offer another path to prioritize exploitable issues.
Robert Lemos, Contributing Writer
Sloppy Entra ID Credentials Attract Hybrid Cloud Ransomware
1 month 3 weeks ago
Microsoft warns that ransomware group Storm-0501 has shifted from buying initial access to leveraging weak credentials to gain on-premises access before moving laterally to the cloud.
Becky Bracken, Senior Editor, Dark Reading
Elaborate Deepfake Operation Takes a Meeting With US Senator
1 month 3 weeks ago
The threat actors managed to gain access to Sen. Ben Cardin (D-Md.) by posing as a Ukrainian official, before quickly being outed.
Kristina Beek, Associate Editor, Dark Reading
Treat Your Enterprise Data Like a Digital Nomad
1 month 3 weeks ago
By combining agility with compliance, and security with accessibility, businesses will treat their data as a well-prepared traveler, ready for any adventure.
Apu Pavithran
Shadow AI, Data Exposure Plague Workplace Chatbot Use
1 month 3 weeks ago
Productivity has a downside: A shocking number of employees share sensitive or proprietary data with the generational AI platforms they use, without letting their bosses know.
Tara Seals, Managing Editor, News, Dark Reading
Millions of Kia Vehicles Open to Remote Hacks via License Plate
1 month 3 weeks ago
The vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking in automotive APIs.
Jai Vijayan, Contributing Writer
How Should CISOs Navigate the SEC Cybersecurity and Disclosure Rules?
1 month 3 weeks ago
Companies that commit to risk management have a strong cybersecurity foundation that makes it easier to comply with the SEC's rules. Here is what you need to know about 8K and 10K filings.
Edge Editors
Novel Exploit Chain Enables Windows UAC Bypass
1 month 3 weeks ago
Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.
Nate Nelson, Contributing Writer
Top Allies for Executives & Boards to Leverage During a Cyber Crisis
1 month 3 weeks ago
It is imperative for executives and board members to know who their top allies are, and how to best leverage them to successfully navigate a crisis and minimize the harm caused by a breach.
Chris Crummey
Could Security Misconfigurations Become No. 1 in OWASP Top 10?
1 month 3 weeks ago
As Superman has kryptonite, software has weaknesses — with misconfigurations leading the pack.
Mark Troester
Memory-Safe Code Adoption Has Made Android Safer
1 month 4 weeks ago
The number of memory bugs in Android declined sharply after Google began transitioning to Rust for new features in its mobile OS.
Jai Vijayan, Contributing Writer
Checked
1 hour 32 minutes ago
Public RSS feed
darkreading feed