Understanding the Differences Between On-Premises and Cloud Cybersecurity
The nature of cloud environments means security and technical teams need a different mindset to understand and manage their new attack surface.
Yubico Goes Public
The Swedish company went public by merging with a special purpose acquisition company ACQ Bure.
Will Generative AI Kill the Nigerian Prince Scam?
A linguist analyzes whether GPT will improve the notoriously agrammatical scam — or finally render it a thing of the past.
https://www.darkreading.com/edge/will-generative-ai-kill-nigerian-prince-scam
GitLab Users Advised to Update Against Critical Flaw Immediately
The bug has a CVSS score of 9.6 and allows unauthorized users to compromise private repositories.
FBI, CISA Issue Joint Warning on 'Snatch' Ransomware-as-a-Service
The group's use of malware that forces Windows computers to reboot into Safe Mode before encrypting files is noteworthy, advisory says.
Fake WinRAR PoC Exploit Conceals VenomRAT Malware
A supposed exploit for a notable RCE vulnerability in the popular Windows file-archiving utility delivers a big sting for unwitting researchers and cybercriminals.
https://www.darkreading.com/application-security/fake-winrar-poc-exploit-conceals-venomrat-malware
Dig Security Enhances DSPM Platform to Secure Enterprise Data in On-Prem, File-Share Environments
83% of IT Security Professionals Say Burnout Causes Data Breaches
Bishop Fox Expands Leadership With First CISO and CTO
https://www.darkreading.com/careers-and-people/bishop-fox-expands-leadership-with-first-ciso-and-cto
OneLayer Expands Its Private Cellular Network Security Solutions to Operations and Asset Management
International Criminal Court Suffers Cyberattack
The ICC did not reveal details on the cyber breach.
How Choosing Authentication Is a Business-Critical Decision
MFA may go a long way in improving password security, but it's not foolproof.
https://www.darkreading.com/endpoint/how-choosing-authentication-is-a-business-critical-decision
How to Interpret the 2023 MITRE ATT&CK Evaluation Results
Unpack MITRE's methodology, understand the results, and learn top takeaways from Cynet's evaluation of MITRE's annual security vendor tests.
https://www.darkreading.com/endpoint/how-to-interpret-the-2023-mitre-att-ck-evaluation-results
'Culturestreak' Malware Lurks Inside GitLab Python Package
The GitLab code hijacks computer resources to mine Dero cryptocurrency as part of a larger cryptomining operation.
https://www.darkreading.com/attacks-breaches/culturestreak-malware-lurks-gitlab-python-package
Changing Role of the CISO: A Holistic Approach Drives the Future
The CISO's role has grown far beyond supervising Patch Tuesday to focus on prevention and response and to cover people, processes, and technology.
https://www.darkreading.com/risk/changing-role-ciso-holistic-approach-drives-the-future
Pro-Iranian Attackers Target Israeli Railroad Network
The group known as "Cyber Avengers" has targeted other Israeli services in the past and often publishes technical details of its hits.
https://www.darkreading.com/dr-global/pro-iranian-attackers-target-israeli-railroad-network
Companies Rely on Multiple Methods to Secure Generative AI Tools
To protect their own and their customers' data, organizations are exploring different approaches to guard against unwanted effects of using AI.
https://www.darkreading.com/tech-talks/companies-rely-multiple-methods-secure-generative-ai
Welcome to the Resilience Revolution, Where Defenders Act More Like Attackers
Dark Reading News Desk interviewed Kelly Shortridge about the role of infrastructure-as-code in helping security teams get more nimble in responding to cyber threats.
https://www.darkreading.com/edge/resilience-revolution-defenders-act-like-attackers
Welcome to the Resilience Revolution, Where Defenders Act More Like Attackers
Dark Reading News Desk interviewed Kelly Shortridge about the role of infrastructure-as-code in helping security teams get more nimble in responding to cyber threats.
https://www.darkreading.com/edge/dark-reading-news-desk-with-kelly-shortridge
China-Linked Actor Taps Linux Backdoor in Forceful Espionage Campaign
"SprySOCKS" melds features from multiple previously known badware and adds to the threat actor's growing malware arsenal, Trend Micro says.