Top 6 Mistakes in Incident Response Tabletop Exercises
Avoid these errors to get the greatest value from your incident response training sessions.
https://www.darkreading.com/operations/top-6-mistakes-in-incident-response-tabletop-exercises
5 Ways Hospitals Can Help Improve Their IoT Security
HIPAA compliance does not equal security, as continuing attacks on healthcare organizations show. Medical devices need to be secured.
https://www.darkreading.com/dr-tech/5-ways-hospitals-can-help-improve-their-iot-security
Security Must Empower AI Developers Now
Enterprises need to create a secure structure for tracking, assessing, and monitoring their growing stable of AI business apps.
https://www.darkreading.com/edge/security-must-empower-ai-developers-now
Kaspersky Launches Specialized Security Solution for Containerized Environments
Malicious 'Airstrike Alert' App Targets Israelis
A spoofed version of the popular RedAlert app collects sensitive user data on Israeli citizens, including contacts, call logs, SMS account details, and more.
https://www.darkreading.com/application-security/fake-airstrike-alert-app-targets-israelis
Critical, Unpatched Cisco Zero-Day Bug Is Under Active Exploit
No patch or workaround is currently available for the maximum severity flaw, which allows attackers to gain complete administrator privilege on affected devices remotely and without authentication.
'RomCom' Cyber Campaign Targets Women Political Leaders
A threat group known as "Void Rabisu" used a spoofed Women Political Leaders Summit website to target attendees to the actual conference with espionage malware.
https://www.darkreading.com/attacks-breaches/romcom-cybercampaign-targets-women-political-leaders
Name That Toon: Modern Monarchy
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
https://www.darkreading.com/cloud/name-that-toon-modern-monarchy
Pro-Israeli Hacktivist Group Predatory Sparrow Reappears
It's been a year since its last communication and attack on Iran — but the conflict with Hamas appears to have reactivated the group.
https://www.darkreading.com/dr-global/pro-israeli-hacktivist-group-predatory-sparrow-reappears
How Data Changes the Cyber-Insurance Market Outlook
By using data to drive policy underwriting, cyber-insurance companies can offer coverage without a price tag that drives customers away.
https://www.darkreading.com/risk/how-data-changes-the-cyber-insurance-market-outlook
3 Essential Steps to Strengthen SaaS Security
SaaS security is broad, possibly confusing, but undeniably crucial. Make sure you have the basics in place: discovery, risk assessment, and user access management.
https://www.darkreading.com/risk/3-essential-steps-to-strengthen-saas-security
Why Zero Trust Is the Cloud Security Imperative
The security principle of zero trust is the cornerstone of robust cloud security.
https://www.darkreading.com/cloud/why-zero-trust-is-the-cloud-security-imperative
Feds: Beware AvosLocker Ransomware Attacks on Critical Infrastructure
CISA and FBI warn the RaaS provider's affiliates are striking critical industries, with more attacks expected to come from additional ransomware groups in the months ahead.
https://www.darkreading.com/ics-ot/feds-beware-avoslocker-ransomware-attacks-critical-infrastructure
How MOVEit Is Likely to Shift Cyber Insurance Calculus
Progress Software plans to collect millions in cyber insurance policy payouts after the MOVEit breaches, which will make getting coverage more expensive and harder to get for everyone else, experts sa...
https://www.darkreading.com/risk/moveit-shift-cyber-insurance-calculus
Passkeys Are Cool, But They Aren't Enterprise-Ready
The passwordless technology is becoming popular because Apple, Google, and Microsoft have a solution for accounts recovery, but enterprises are slow-walking their passkey adoption plans.
https://www.darkreading.com/dr-tech/passkeys-cool-but-not-ready-for-enterprises
Security Pros Warn that EU's Vulnerability Disclosure Rule is Risky
The European Union's Cyber Resilience Act's requirement to disclose vulnerabilities within 24 hours of exploitation could potentially expose organizations to attacks from adversaries or government sur...
https://www.darkreading.com/edge/security-pros-warn-that-eu-vulnerability-disclosure-rule-is-risky
ShellBot Cracks Linux SSH Servers, Debuts New Evasion Tactic
The botnet — built for DDoS, backdooring, and dropping malware — is evading standard URL signature detections with a novel approach.
https://www.darkreading.com/cloud/shellbot-cracks-linux-ssh-servers-debuts-new-evasion-tactic
Microsoft Debuts AI Bug-Bounty Program, Offers $15K
The goal of the program is to uncover critical or important vulnerabilities within the AI-powered Bing program.
Gaza Conflict Paves Way for Pro-Hamas Information Operations
Mandiant's John Hultquist says to expect anti-Israel influence and espionage campaigns to ramp up as the war grinds on.
https://www.darkreading.com/dr-global/gaza-conflict-paves-way-information-operations-campaigns
What the Hollywood Writers Strike Resolution Means for Cybersecurity
The writers' strike shows that balancing artificial intelligence and human ingenuity is the best possible outcome for creative as well as cybersecurity professionals.