Dark Reading: Attacks/Breaches
US Treasury Sanctions Russian Institution Linked to Triton Malware
Fri, 23 Oct 2020 17:05:00 EDT
Triton, also known as TRISIS and HatMan, was developed to target and manipulate industrial control systems, the US Treasury reports.
Flurry of Warnings Highlight Cyber Threats to US Elections
Fri, 23 Oct 2020 16:30:00 EDT
FBI and intelligence officials issue fresh warnings about election interference attempts by Iranian and Russian threat actors.
Botnet Infects Hundreds of Thousands of Websites
Thu, 22 Oct 2020 18:35:00 EDT
KashmirBlack has been targeting popular content management systems, such as WordPress, Joomla, and Drupal, and using Dropbox and GitHub for communication to hide its presence.
Credential-Stuffing Attacks Plague Loyalty Programs
Thu, 22 Oct 2020 17:10:00 EDT
But that's not the only type of web attack cybercriminals have been profiting from.
To Err Is Human: Misconfigurations & Employee Neglect Are a Fact of Life
Thu, 22 Oct 2020 14:00:00 EDT
The cyber kill chain is only as strong as its weakest link, so organizations should reinforce that link with a properly equipped dedicated security team.
Implementing Proactive Cyber Controls in OT: Myths vs. Reality
Thu, 22 Oct 2020 10:00:00 EDT
Debunking the myths surrounding the implementation of proactive cyber controls in operational technology.
Dealing With Insider Threats in the Age of COVID
Wed, 21 Oct 2020 14:00:00 EDT
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
Iranian Cyberattack Group Deploys New PowGoop Downloader Against Mideast Targets
Wed, 21 Oct 2020 12:00:00 EDT
Seedworm Group, aka MuddyWater, is also deploying commodity ransomware as part of espionage attacks on companies and government agencies in the Middle East region.
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Wed, 21 Oct 2020 12:00:00 EDT
One cybersecurity failure can result in a successful ransomware attack or data breach that could cause tremendous damage. There's no need to panic, but neither is there time to ignore the issue.
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
Wed, 21 Oct 2020 10:00:00 EDT
Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
Ransomware Attacks Show Little Sign of Slowing in 2021
Tue, 20 Oct 2020 18:15:00 EDT
With businesses paying increasingly larger ransoms, attackers remain motivated, say security experts who foresee a rise in attacks.
NSA Reveals the Top 25 Vulnerabilities Exploited by Chinese Nation-State Hackers
Tue, 20 Oct 2020 14:50:00 EDT
Officials urge organizations to patch the vulnerabilities most commonly scanned for, and exploited by, Chinese attackers.
Trickbot Tenacity Shows Infrastructure Resistant to Takedowns
Tue, 20 Oct 2020 08:15:00 EDT
Both the US Cyber Command and a Microsoft-led private-industry group have attacked the infrastructure used by attackers to manage Trickbot -- but with only a short-term impact.
GravityRAT Spyware Targets Android & MacOS in India
Mon, 19 Oct 2020 17:25:00 EDT
The Trojan once used in attacks against Windows systems has been transformed into a multiplatform tool targeting macOS and Android.
Microsoft Tops Q3 List of Most-Impersonated Brands
Mon, 19 Oct 2020 17:00:00 EDT
The technology sector was also the most likely targeted industry for brand phishing attacks, according to Check Point's latest report on brand phishing.
Trickbot, Phishing, Ransomware & Elections
Mon, 19 Oct 2020 14:00:00 EDT
The botnet has taken some hits lately, but that doesn't mean the threat is over. Here are some steps you can take to keep it from your door.
7 Tips for Choosing Security Metrics That Matter
Mon, 19 Oct 2020 12:45:00 EDT
Experts weigh in on picking metrics that demonstrate how the security team is handling operational efficiency and reducing risk.
A New Risk Vector: The Enterprise of Things
Mon, 19 Oct 2020 10:00:00 EDT
Billions of devices -- including security cameras, smart TVs, and manufacturing equipment -- are largely unmanaged and increase an organization's risk.
Massive New Phishing Campaigns Target Microsoft, Google Cloud Users
Fri, 16 Oct 2020 17:45:00 EDT
At least three campaigns are now underway.
US Counterintelligence Director & Fmr. Europol Leader Talk Election Security
Fri, 16 Oct 2020 15:35:00 EDT
The US counterintelligence lead joins a former Europol cyber chief to discuss modern election threats and the benefits of public-private collaboration.