Pro-Israeli Hacktivists Attack Iranian Gas Stations
Iranian officials blame a software issue for the "disruption" to gasoline pumps.
Adapting to the Post-SolarWinds Era: Supply Chain Security in 2024
Three years after the SolarWinds attack, new revelations show more must be done to help prevent such a drastic security breach from happening again.
Smartphones That Help You Bust Out of the Android/iOS Ecosystem
If you are in the market for a smartphone but want to break away from the Apple-Google duopoly, look no further: these alternative smartphones are based on various Linux variants and custom hardware.
https://www.darkreading.com/endpoint-security/smartphones-avoid-android-ios
Establishing Reward Criteria for Reporting Bugs in AI Products
Bug hunter programs can help organizations foster third-party discovery and reporting of issues and vulnerabilities specific to AI systems.
Meta's AI-Powered Ray-Bans Portend Privacy Issues
AI will make Meta's smart glasses more attractive for consumers. But can the company straddle cutting-edge functionality and responsible data stewardship?
https://www.darkreading.com/cloud-security/metas-ai-ray-bans-portend-privacy-problems
Patch Now: Exploit Activity Mounts for Dangerous Apache Struts 2 Bug
CVE-2023-50164 is harder to exploit than the 2017 Struts bug behind the massive breach at Equifax, but don't underestimate the potential for attackers to use it in targeted attacks.
https://www.darkreading.com/cloud-security/patch-exploit-activity-dangerous-apache-struts-bug
Cybersecurity Startup, Xeol, Raises $3.2M in Seed Round
Xeol's technology secures an organization’s end-of-life software.
Pro-Hamas Cyberattackers Aim 'Pierogi' Malware at Multiple Mideast Targets
Gaza Cybergang has created a new backdoor version stuffed with tools to spy on and attack targets.
Complex 'NKAbuse' Malware Uses Blockchain to Hide on Linux, IoT Machines
The multifaceted malware leverages the NKN blockchain-based peer-to-peer networking protocol, operating as both a sophisticated backdoor and a flooder launching DDoS attacks.
https://www.darkreading.com/cloud-security/nkabuse-malware-blockchain-hide-linux-iot
In Appreciation: ESET Founder Rudolf Hruby Passes Away
Cybersecurity pioneer and soccer fan Rudolf Hruby was a prominent business figure in post-independence Slovakia.
https://www.darkreading.com/endpoint-security/eset-founder-rudolf-hruby-passes-away
UAE to Chair World Bank's Cloud Computing Working Group
The World Bank recognized UAE for its work with the private sector in implementing and securing cloud systems.
https://www.darkreading.com/cloud-security/uae-to-chair-world-banks-cloud-computing-working-group
Omdia: Standalone Security Products Outsell Cybersecurity Platforms
Cybersecurity platform vendors say enterprises want to buy fewer solutions from fewer vendors. Omdia research, however, tells a different, more nuanced story.
Soft Skills Every CISO Needs to Inspire Better Boardroom Relationships
Now more than ever, CISOs have an opportunity to impact business strategy and change the culture of their organization.
Swinfen Charitable Trust, UVA Health, Telemedicine AI, and MITRE Collaborate on Secure Global Health Telemedicine
Health professionals and patients in underserved areas to benefit from free, easy, and safe access to top medical specialists.
New 'GambleForce' Threat Actor Behind String of SQL Injection Attacks
The fresh-faced cybercrime group has been using nothing but publicly available penetration testing tools in its campaign so far.
https://www.darkreading.com/cloud-security/gambleforce-threat-actor-sql-injection-attacks
Volt Typhoon-Linked SOHO Botnet Infects Multiple US Gov't Entities
Chinese threat actors are taking advantage of the poor state of edge security to breach both small and big fish.
https://www.darkreading.com/cloud-security/volt-typhoon-soho-botnet-infects-us-govt-entities
Communicating with Impact: Tips for Discussing Cybersecurity Metrics with Boards
Metrics have a place when it comes to reporting on organizational security and risk management, but effectively communicating their relevance to the board in the context of the overall security story ...
https://www.darkreading.com/cyber-risk/communicating-with-impact-tips-discussing-metrics-with-boards
Iran-Linked 'OilRig' Cyberattackers Target Israel's Critical Infrastructure, Over & Over
The prolific APT repeatedly compromised targets in healthcare, manufacturing, and government with new lightweight downloaders that blend into network traffic for evasion.
Israeli Company Hires Overseas Attackers in 'Hack-Back' Effort
CEO of CyTaka says offensive actions would create a deterrent against cyberattacks.
The Unlikely Romance of Hackers and Government Suitors
Very little modern federal infrastructure is managed by the government — putting a substantial portion of potentially targetable attack surfaces under oversight of federal contractors.
https://www.darkreading.com/cybersecurity-operations/unlikely-romance-hackers-government-suitors