Dark Reading: Attacks/Breaches
Intel Confirms Unauthorized Access of Earnings-Related Data
Fri, 22 Jan 2021 17:40:00 EST
News likely contributed to slide of over 9% in chipmaker's stock at one point Friday.
Why North Korea Excels in Cybercrime
Fri, 22 Jan 2021 10:00:00 EST
North Korea is laser-focused on boosting its cyber capabilities, and it's doing a remarkable job of it.
DreamBus, FreakOut Botnets Pose New Threat to Linux Systems
Thu, 21 Jan 2021 18:40:00 EST
Researchers from Zscaler and Check Point describe botnets as designed for DDoS attacks, cryptocurrency mining, and other malicious purposes.
Breach Data Shows Attackers Switched Gears in 2020
Thu, 21 Jan 2021 17:35:00 EST
Attackers focused more on ransomware, while the consolidation of data into large databases led to fewer reported breaches but more records leaked.
Attackers Leave Stolen Credentials Searchable on Google
Thu, 21 Jan 2021 16:55:00 EST
Operators behind a global phishing campaign inadvertently left thousands of stolen credentials accessible via Google Search.
7 Steps to Secure a WordPress Site
Thu, 21 Jan 2021 12:20:00 EST
Many companies operate under the assumption that their WordPress sites are secure -- and that couldn't be anything further from the truth.
Rethinking IoT Security: It's Not About the Devices
Thu, 21 Jan 2021 10:00:00 EST
Keeping IoT safe in the future will require securing the networks themselves. Focusing on the devices is a never-ending battle that will only become more burdensome.
Microsoft Releases New Info on SolarWinds Attack Chain
Wed, 20 Jan 2021 19:45:00 EST
Threat actors went to elaborate lengths to maintain operational security around second-stage payload activation, company says.
SolarWinds Attack, Cyber Supply Chain Among Priorities for Biden Administration
Wed, 20 Jan 2021 17:00:00 EST
During Senate confirmation hearings, the nominees for Secretary of Homeland Security and Director of National Intelligence pledged to focus on cybersecurity.
Vulnerabilities in Popular DNS Software Allow Poisoning
Tue, 19 Jan 2021 18:05:00 EST
Seven flaws in DNSMasq have limited impact, but in combination they could be chained to create a multistaged attack.
SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics
Tue, 19 Jan 2021 17:05:00 EST
Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot signs of the attack.
A Security Practitioner's Guide to Encrypted DNS
Tue, 19 Jan 2021 10:00:00 EST
Best practices for a shifting visibility landscape.
Successful Malware Incidents Rise as Attackers Shift Tactics
Fri, 15 Jan 2021 12:05:00 EST
As employees moved to working from home and on mobile devices, attackers followed them and focused on weekend attacks, a security firm says.
Shifting Privacy Landscape, Disruptive Technologies Will Test Businesses
Thu, 14 Jan 2021 18:45:00 EST
A new machine learning tool aims to mine privacy policies on behalf of users.
'Chimera' Threat Group Abuses Microsoft & Google Cloud Services
Thu, 14 Jan 2021 17:40:00 EST
Researchers detail a new threat group targeting cloud services to achieve goals aligning with Chinese interests.
Businesses Struggle with Cloud Availability as Attackers Take Aim
Thu, 14 Jan 2021 17:00:00 EST
Researchers find organizations struggle with availability for cloud applications as government officials warn of cloud-focused cyberattacks.
SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns
Wed, 13 Jan 2021 17:00:00 EST
Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations.
More SolarWinds Attack Details Emerge
Tue, 12 Jan 2021 18:00:00 EST
A third piece of malware is uncovered, but there are still plenty of unknowns about the epic attacks purportedly out of Russia.
Over-Sharer or Troublemaker? How to Identify Insider-Risk Personas
Tue, 12 Jan 2021 10:00:00 EST
It's past time to begin charting insider risk indicators that identify risky behavior and stop it in its tracks.
Intel's New vPro Processors Aim to Help Defend Against Ransomware
Mon, 11 Jan 2021 18:30:00 EST
The newest Intel Core vPro mobile platform gives PC hardware a direct role in detecting ransomware attacks.