3 Strategies to Defend Against Resurging Infostealers
Infostealer incidents have more than doubled recently, making it critical to bolster your defenses to mitigate this growing threat.
Thoma Bravo's 'Practical' Decision to Merge ForgeRock into Ping Identity
The private equity from has invested billions of dollars in identity and access management (IAM) but now it’s on Ping founder and CEO Andre Durand and his team to rationalize overlapping product lines...
Software Supply Chain Strategies to Parry Dependency Confusion Attacks
Bad actors practice to deceive package managers with a tangled web of methods. Here's how to hoist them by their own petard.
Security for Multicloud and Hybrid Cloud Environments
In multicloud environments, security challenges are most common at the connecting points between different clouds. Internal cloud security skill sets and cloud-native security tools are also key.
Microsoft ID Security Gaps That Let Threat Actor Steal Signing Key
China's Storm-0558 accessed user emails at some 25 enterprise organizations earlier this year using forged tokens.
Apple Hit By 2 No-Click Zero-Days in Blastpass Exploit Chain
Researchers at Citizen Lab recommend immediately updating any iPhones and iPads to the latest OSes.
North Korean Hackers Target Security Researchers — Again
This time, they're creating elaborate impostor profiles and using a fresh zero-day and a fake Windows tool to lure in the suspecting.
Rwanda Launches Smart City Investment Program
The ambitious move by the nation also comes with cybersecurity risks.
https://www.darkreading.com/dr-global/rwanda-launches-smart-city-investment-program
NFL Security Chief: Generative AI Threats a Concern as New Season Kicks Off
Deepfake videos and audio of NFL players and phishing communications via ChatGPT-like tools are a worry, the NFL's CISO says.
Weaponized Windows Installers Target Graphic Designers in Crypto Heist
Attackers use legitimate Windows installer to hide malicious scripts that install a backdoor and miners that leverage victims' graphics processing power.
How New SEC Rules Can Benefit Cybersecurity Teams
Securities and Exchange Commission rules elevate cybersecurity to a critical strategic concern and compel businesses to prioritize cyber resilience.
https://www.darkreading.com/risk/how-new-sec-rules-can-benefit-cybersecurity-teams
Peril vs. Promise: Companies, Developers Worry Over Generative AI Risk
Executives and developers believe AI can help businesses thrive, but worry that reliance on generative AI brings significant risks.
Does Generative AI Comply With Asimov's 3 Laws of Robotics?
Putting the top 10 generative AI tools to the ethical test reveals more about humanity than artificial intelligence.
CybeReady Provides Cybersecurity Awareness Month Kits As CISOs Defend Against AI Driven Attacks
Cybersecurity Builds Trust in Critical Infrastructure
Improving an energy company's resistance to cyberattack does more than protect vital resources — it enhances trust from customers and investors.
https://www.darkreading.com/edge-articles/cybersecurity-builds-trust-in-critical-infrastructure
Coding Tips to Sidestep JavaScript Vulnerabilities
This Tech Tip focuses on best security practices to write secure JavaScript code.
https://www.darkreading.com/dr-tech/coding-tips-to-sidestep-javascript-vulnerabilities
IBM Expands Cloud Security and Compliance Center
https://www.darkreading.com/cloud/ibm-expands-cloud-security-and-compliance-center
IBM Addresses Data Incident for Janssen CarePath Database
W3LL Gang Compromises Thousands of Microsoft 365 Accounts
A secretive phishing cabal boasts a sophisticated affiliate network and a modular, custom toolset that's claiming victims on three continents.
https://www.darkreading.com/endpoint/w3ll-gang-compromises-thousands-of-microsoft-365-accounts
AtlasVPN Linux Zero-Day Disconnects Users, Reveals IP Addresses
All it takes is a simple copy-paste to undo a VPN service used by millions worldwide.