Longer Support Periods Raise the Bar for Mobile Security
With Google's announcement of seven years of support, other smartphone makers risk falling behind.
https://www.darkreading.com/omdia/longer-support-periods-raise-bar-mobile-security
Nigerian Cybercrime Hub Shut Down With 6 Arrests
The cybercrime recruitment and mentoring hub conducted a variety of cybercrimes including business email compromise.
https://www.darkreading.com/dr-global/nigerian-cybercrime-hub-shut-down-with-6-arrests
What Would a Government Shutdown Mean for Cybersecurity?
Companies are advised to act now to protect networks while federal employee paychecks are still forthcoming. Public agencies are updating contingency plans before the November extension ends, while cy...
Complex Spy Platform StripedFly Bites 1M Victims
Sophisticated Windows and Linux malware for stealing data and conducting cyber espionage has flown under the radar, disguised as a cryptominer.
BHI Energy Releases Details of Akira Ransomware Attack
The threat actor exfiltrated 690 gigabytes of uncompressed data, or 767,035 files.
https://www.darkreading.com/attacks-breaches/bhi-energy-releases-details-of-akira-ransomware-attack
As Citrix Urges Its Clients to Patch, Researchers Release an Exploit
In the race over Citrix's latest vulnerability, the bad guys have a huge head start, with broad implications for businesses and critical infrastructure providers worldwide.
Virtual Alarm: VMware Issues Major Security Advisory
VMware vCenter Servers need an immediate patch against a critical RCE bug as the race against threat actors begins.
https://www.darkreading.com/vulnerabilities-threats/vmware-issues-alarming-security-advisory
Why Do CVE Scores Need Real-World Context to Prioritize?
Without the proper context, organizations waste time mitigating software flaws that won't likely affect their systems.
Kazakh Attackers, Disguised as Azerbaijanis, Hit Former Soviet States
The YoroTrooper group claims to be from Azerbaijan and even routes its phishing traffic through the former Soviet republic.
Cybersecurity Awareness Doesn't Cut It; It's Time to Focus on Behavior
We have too much cybersecurity awareness. It's time to implement repeatable, real-world practice that ingrains positive habits and security behaviors.
Winter Vivern APT Blasts Webmail Zero-Day Bug With One-Click Exploit
A campaign targeting European governmental organizations and a think tank shows consistency from the low-profile threat group, which has ties to Belarus and Russia.
https://www.darkreading.com/endpoint/winter-vivern-blasts-webmail-0day-one-click-exploit
A Cybersecurity Framework for Mitigating Risks to Satellite Systems
Cyber threats to satellite technology will persist and evolve. We need a comprehensive cybersecurity framework to protect satellite systems from attackers.
https://www.darkreading.com/risk/cybersecurity-framework-mitigating-risks-satellite-systems
2023 Ransomware Attacks Up More Than 95% Over 2022, According to Corvus Insurance Q3 Report
Tines Report Finds More than Half of Security Professionals Likely To Switch Jobs Next Year
This Cybersecurity Awareness Month, Don't Lose Sight of Human Risk
Organizations should focus on four key areas to advance employee education and "cyber smartness."
Accenture Expands Cybersecurity Services Capabilities in Latin America With Acquisition of MNEMO Mexico
Former NSA Employee Faces Life in Prison After Espionage Attempt
The ex-employee claimed that he believed the shared information would benefit Russia and harm the US.
https://www.darkreading.com/risk/former-nsa-employee-faces-life-in-prison-after-espionage-attempt
Meet Rhysida, a New Ransomware Strain That Deletes Itself
Emerging RaaS operation uses Rhysida ransomware paired with a wicked infostealer called Lumar, researchers warn.
1Password Becomes Latest Victim of Okta Customer Service Breach
Okta's IAM platform finds itself in cyberattackers' sights once again, as threat actors mount a supply chain attack targeting Okta customer support engagements.
https://www.darkreading.com/remote-workforce/1password-latest-victim-okta-customer-service-breach
Do Small Companies Need Fractional AppSec Teams Akin to vCISOs?
Zatik takes a fractional approach to AppSec leadership to help small firms access the expertise they need to build secure-by-design software.