Group-IB: 'GoldDigger' Banking Trojan Targets Vietnamese Organizations
The malware uses software to evade detection while also making it difficult to analyze.
Unkillable? Qakbot Infections Fly On Even After Its High-Profile Raid
A literal seven-nation (cyber) army wasn't enough to hold back the famous initial access broker (IAB) for long — it's been chugging along, spreading ransomware, despite a massive takedown in August.
https://www.darkreading.com/attacks-breaches/qakbot-infections-continue-even-after-high-profile-raid
Critical Zero-Day Bug in Atlassian Confluence Under Active Exploit
Patch now: The Atlassian security vulnerability appears to be a remotely exploitable privilege-escalation bug that cyberattackers could use to crack collaboration environments wide open.
Could Cybersecurity Breaches Become Harmless in the Future?
With these five steps, organizations can develop stronger security practices and make the inevitable breaches inconsequential.
Insurance Companies Have a Lot to Lose in Cyberattacks
Not only do insurance companies collate sensitive information from their clients, but they also generate their own corporate data to protect.
https://www.darkreading.com/edge/insurance-companies-have-a-lot-to-lose-in-cyberattacks
Nokia Selected by Brazil's K2 Telecom As Partner to Strengthen its Security and Create Revenue Streams
Trend Micro Drives Latest Phase of Channel Prosperity and Engagement
New Malwarebytes Survey: Consumers Lack Trust in New Tech
ForAllSecure Announces First Dynamic Software Bill of Materials for Application Security
Okta Launches Cybersecurity Workforce Development Initiative to Help Close the Tech and Cybersecurity Skills Gap
Mitiga Secures Strategic Investment From Cisco
https://www.darkreading.com/cloud/mitiga-secures-strategic-investment-from-cisco-
37% Intimidated, 39% Frustrated With Online Security Highlighting Digital Anxiety
BeyondID Introduces Identity-First Model for Zero-Trust Maturity
Bing Chat LLM Tricked into Circumventing CAPTCHA Filter
By reframing the narrative of the filter, the large-language model chatbot was more willing to solve the visual puzzle and override its programming.
AWS Plans Multifactor Authentication Mandates for 2024
Amazon will add new MFA requirements for users with the highest privileges, with plans to include other user levels over time.
https://www.darkreading.com/cloud/aws-plans-multifactor-authentication-mandates-for-2024
On the Dark Web, Prices Are Down for Middle Eastern Network Access
A mere $35 can buy you stealth access to corporate networks across the region, according to new research.
'Looney Tunables' Bug Opens Millions of Linux Systems to Root Takeover
The flaw poses a significant risk of unauthorized data access, system alterations, potential data theft, and complete takeover of vulnerable systems, especially in the IoT and embedded computing space...
Breaches Are the Cost of Doing Business, but NIST Is Here to Help
Treating the NIST Cybersecurity Framework as a business requirement is a strong step toward preventing breaches.
Turnkey Rootkit for Amateur Hackers Makes Supply Chain Attacks Easy
It's never been easier to hide malware in plain sight in open source software package repositories, and "DiscordRAT 2.0" now makes it easy to take advantage of those who stumble upon it.
Patch Confusion for Critical Exim Bug Puts Email Servers at Risk--Again
Defenders have been left scrambling after the way patches were released for six flaws in the open source mail server, which is the most popular mail transfer agent on the Internet.
https://www.darkreading.com/cloud/patch-confusion-critical-exim-bug-email-servers-risk