Strengthening Oman's Economic Backbone
Creating a new regulatory framework to better secure Oman's banking system against future attacks.
https://www.darkreading.com/dr-global/strengthening-omans-economic-backbone
Cyberattacks on Kenya Drop in Third Quarter
National response team attributes reduction to a cyber workforce with better training.
https://www.darkreading.com/attacks-breaches/cyber-attacks-on-kenya-drop-in-third-quarter
Israeli-Hamas Conflict Spells Opportunity for Online Scammers
As the conflict in the Middle East rages, malicious actors look to exploit the situation with bogus charity sites encouraging donations.
https://www.darkreading.com/dr-global/israeli-hamas-conflict-spells-opportunity-for-online-scammers
It's Time to Establish the NATO of Cybersecurity
Cybercriminals already operate across borders. Nations must do the same to protect their critical infrastructure, people, and technology from threats foreign and domestic.
https://www.darkreading.com/attacks-breaches/its-time-to-establish-the-nato-of-cybersecurity
Freelance Market Flooded with North Korean IT Actors
Organizations should be careful that the workers they hire on a freelance and temporary basis are not operatives working to funnel money to North Korea's WMD program, US DOJ says.
https://www.darkreading.com/careers-and-people/freelance-market-flooded-with-north-korean-it-actors
'Log in with...' Feature Allows Full Online Account Takeover for Millions
Hundreds of millions of users of Grammarly, Vidio, and the Indonesian e-commerce giant Bukalapak are at risk for financial fraud and credential theft due to OAuth misfires -- and other online services...
https://www.darkreading.com/remote-workforce/oauth-log-in-full-account-takeover-millions
Cyberattackers Alter Implant on 30K Compromised Cisco IOS XE Devices
A seemingly sharp drop in the number of compromised Cisco IOS XE devices visible on the Internet led to a flurry of speculation over the weekend — but it turns out the malicious implants were just hid...
Valve's 2FA Mandate for Game Developers Shows SMS Stickiness
Despite warnings that sending one-time passwords via text messages is a flawed security measure, companies continue to roll out the approach, especially in consumer-facing applications.
https://www.darkreading.com/application-security/valve-2fa-mandate-game-developers-sms-stickiness
Hola Espana: 'Grandoreiro' Trojan Targets Global Banking Customers
Brasileiro cybercrime has been on the rise. Now, one campaign targeting bank customers has reached beyond the Americas, into Europe.
https://www.darkreading.com/threat-intelligence/grandoreiro-trojan-targets-global-banking-customers
Ragnar Locker Ransomware Boss Arrested in Paris
Cops track down ransomware developer and seize Ragnar Locker infrastructure and data-leak site, Europol says.
https://www.darkreading.com/threat-intelligence/ragnar-locker-ransomware-boss-arrested-paris
City of Philadelphia Releases Cyber-Breach Notice
The investigation is ongoing, and the city will contact those who may have potentially been affected by the breach, it said.
https://www.darkreading.com/attacks-breaches/city-of-philadelphia-releases-cyber-breach-notice
How State and Local Governments Can Serve Citizens More Securely
Looking at the top 10 priorities of state CIOs underscores the importance of securing applications and APIs in complex environments.
https://www.darkreading.com/edge/how-state-and-local-governments-can-serve-citizens-more-securely
Malicious Apps Spoof Israeli Attack Detectors: Conflict Goes Mobile
A spoofed version of an Israeli rocket-attack alerting app is targeting Android devices, in a campaign that shows how cyber-espionage attacks are shifting to individual, everyday citizens.
Freelance Market Flooded With North Korean IT Actors
US DoJ: Beware of hiring freelance and temporary workers that could be operatives working to funnel money to North Korea's WMD program.
https://www.darkreading.com/remote-workforce/freelance-market-flooded-with-north-korean-it-actors
Telling Small Businesses to Buy Cyber Insurance Isn't Enough
To protect themselves from threats, companies also need proactive cybersecurity.
https://www.darkreading.com/risk/telling-small-businesses-to-buy-cyber-insurance-isnt-enough
FedRAMP Rev. 5: How Cloud Service Providers Can Prepare
What cloud service providers need to know to prepare for FedRAMP Baselines Rev. 5, as documented in the new Transition Guide.
https://www.darkreading.com/risk/fedramp-rev-5-how-cloud-service-providers-can-prepare
9 Innovative Ways to Boost Security Hygiene for Cyber Awareness Month
If we really want to move the dial on security habits, it's time to think beyond phishing tests. Our panel of CISOs and other security heavy-hitters offer expert tips that go beyond the obvious.
More Okta Customers Hacked
Attackers compromised customer support files containing cookies and session tokens, which could result in malicious impersonation of valid Okta users.
https://www.darkreading.com/application-security/more-okta-customers-hacked-through-support-service
From Snooze to Enthuse: Security Awareness Training That Sticks
Most companies offer some kind of awareness training these days. But how much of those lessons are employees actually retaining?
https://www.darkreading.com/edge/from-snooze-to-enthuse-security-awareness-training-that-sticks
Cisco Finds New Zero Day Bug, Pledges Patches in Days
A patch for the max severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatche...
https://www.darkreading.com/application-security/cisco-zero-day-bug-patches-in-days