Evaluating New Partners and Vendors From an Identity Security Perspective
Before working with new vendors, it's important to understand the potential risks they may pose to your digital environments.
Microsoft Flushes Out 'Ncurses' Gremlins
The maintainers of the widely used library recently patched multiple memory corruption vulnerabilities that attackers could have abused to, ahem, curse targets with malicious code and escalate privile...
https://www.darkreading.com/application-security/microsoft-flushes-out-ncurses-gremlins
DoD: China's ICS Cyber Onslaught Aimed at Gaining Kinetic Warfare Advantage
Escalating incursions into military base infrastructure, telecom networks, utilities, and more signal that Beijing is laying the groundwork for mass disruption.
Why Shared Fate is a Better Way to Manage Cloud Risk
The shared responsibility model was good enough to cover the first years of the cloud revolution, but the model is showing its limitations. Shared fate is a more mature model for the future of cloud s...
Armis Launches Armis Centrix™, the AI-powered Cyber Exposure Management Platform
CISO Global Deepens Capabilities With Integrated Threat Intelligence Feed
Enea Qosmos Threat Detection SDK Launched to Boost the Performance of Network-Based Cybersecurity
Okta Flaw Involved in MGM Resorts Breach, Attackers Claim
ALPHV/BlackCat ransomware operators have used their leak site to "set the record straight" about the MGM Resorts cyberattack. Meanwhile, more attacks abusing Okta could be likely.
Greater Manchester Police Hack Follows Third-Party Supplier Fumble
This incident bears notable resemblance to an attack that occurred just last month affecting London's Metropolitan Police, raising concerns over UK cybersecurity safeguards for public safety.
https://www.darkreading.com/endpoint/greater-manchester-police-hack-third-party-supplier-fumble
Microsoft: 'Peach Sandstorm' Cyberattacks Target Defense, Pharmaceutical Orgs
For months, the Iran-backed APT has carried out waves of password spray attacks attempting to authenticate to thousands of environments across multiple targets worldwide.
NCSC: Why Cyber Extortion Attacks No Longer Require Ransomware
Ransomware becoming less of a factor as threat actors extort businesses with payment options that are less than regulatory fines.
https://www.darkreading.com/dr-global/ncsc-why-cyber-extortion-attacks-no-longer-require-ransomware
How to Mitigate Cybersecurity Risks From Misguided Trust
Trust is the crucial bridge between security and people, but excessive or misguided trust can pose serious security risks.
Why Identity Management Is the Key to Stopping APT Cyberattacks
Dark Reading News Desk: CrowdStrike's Adam Meyers talks China, Iran, Russia, and more in this expert dive into the current APT threat actor landscape.
https://www.darkreading.com/edge/why-identity-management-key-stopping-apt-cyberattacks
Zero-Click iPhone Exploit Drops Pegasus Spyware on Exiled Russian Journalist
The exploit is one of many that government and intelligence agencies have to infect target devices with the notorious surveillance tool.
Microsoft Teams Hacks Are Back, As Storm-0324 Embraces TeamsPhisher
Collaboration apps are a boost to business productivity, but also a uniquely attractive target for cyberattackers.
https://www.darkreading.com/application-security/microsoft-teams-hacks-storm-0324-teamsphisher
MGM, Caesars File SEC Disclosures on Cybersecurity Incidents
Pursuant to new regulation, both gaming companies reported recent cyber incidents to the SEC.
https://www.darkreading.com/attacks-breaches/mgm-caesars-sec-disclosures-cybersecurity-incidents
Cybercriminals Use Webex Brand to Target Corporate Users
The false advertisement has been left up for days, flying under the radar by managing to adhere to Google Ads' policies.
https://www.darkreading.com/endpoint/cybercriminals-webex-brand-corporate-users
Cuba Ransomware Gang Continues to Evolve With Dangerous Backdoor
The Russian-speaking ransomware gang continues to update its tactics while managing to steal highly sensitive information from its victims.
https://www.darkreading.com/endpoint/cuba-ransomware-gang-evolve-backdoor
Stealer Thugs Behind RedLine & Vidar Pivot to Ransomware
In a notable shift in strategy, the threat actors are abusing code-signing certificates to spread a double whammy of infostealers and ransomware payloads.
https://www.darkreading.com/endpoint/stealer-thugs-behind-redline-vidar-pivot-ransomware
How to Transform Security Awareness Into Security Culture
Leverage the human layer as a crucial cog in building cyber resilience within the organization.