8 Strategies for Defending Against Help Desk Attacks
The help desk is under siege from AI-based and other attacks. Next-gen tactics call for in-depth cyber-defense strategies.
Chameleon Android Trojan Offers Biometric Bypass
A more sophisticated version of a "work in progress" malware is impersonating a Google Chrome app to attack a wider swath of mobile users.
https://www.darkreading.com/endpoint-security/chameleon-android-trojan-offers-biometric-bypass
SMS Phishing Messages Target UAE Citizens, Visitors
The text messages threaten fines if the victims don't provide personal and financial details.
How AI Is Shaping the Future of Cybercrime
Cybercriminals are increasingly using AI tools to launch successful attacks, but defenders are battling back.
https://www.darkreading.com/vulnerabilities-threats/how-ai-shaping-future-cybercrime
As Namibians Rush to Register SIMs, Major Telco Hoards Biometric Data
No good deed goes unpunished, as a national push to combat SIM fraud has introduced new logistical and privacy issues for ordinary citizens.
ISAs and the Dawning Hardware Security Revolution
Instruction set architecture extensions are moving the cybersecurity fight from the software to the hardware layer.
https://www.darkreading.com/endpoint-security/isa-dawning-hardware-security-revolution
What's the Best Way to Communicate After a Data Breach?
So you've had a data breach, and now you need to take the next step. Here's a guide for communicators dealing with security incidents from Ashley Sawatsky of Rootly.
https://www.darkreading.com/cybersecurity-operations/best-way-communicate-after-data-breach
Console & Associates, P.C.: ESO Solutions Notifies 2.7M People of Data Breach That Leaked Their SSNs
Black Hat Europe 2023 Closes on Record-Breaking Event in London
Defiant BlackCat Gang Stands Up New Site, Calls for Revenge Attacks
Ransomware group tries to claw back operations following FBI disruption, and lifts a previous ban on attacks against critical infrastructure in retaliation.
https://www.darkreading.com/cybersecurity-operations/blackcat-unseizes-sites-fbi-revenge-attacks
Physical Access Systems Open Cyber Door to IT Networks
Besides unlocking supposedly secure doors, a man-in-the-middle cyberattack on physical access controllers can enable ransomware, data theft, and more.
https://www.darkreading.com/ics-ot-security/physical-access-systems-open-cyber-door-it-networks
Iranian 'Seedworm' Cyber Spies Target African Telcos & ISPs
Seedworm, aka MuddyWater, drops PowerShell-based malware on victims using living-off-the-land techniques.
Attackers Exploit 6-Year-Old Microsoft Office Bug to Spread Spyware
Malicious attachments that exploit an RCE flaw from 2017 are propagating Agent Tesla via socially engineered emails and an evasive infection method.
https://www.darkreading.com/cloud-security/attackers-exploit-microsoft-office-bug-spyware
Targeted F5 Vulnerability 'Update' Delivers Wiper to Israeli Victims
Files purporting to be an F5 vulnerability patch are deleting server contents.
3 Ways to Use Real-Time Intelligence to Defeat Bots
Threat intelligence feedback loops are an increasingly vital tool in the escalating battle against bots.
https://www.darkreading.com/threat-intelligence/3-ways-real-time-intelligence-defeat-bots
5 Essential Insights From the Microsoft Digital Defense Report 2023
By reviewing the latest risks, organizations can better protect themselves against a dynamic threat landscape — and deploy technologies and policies that keep them better defended.
Bugcrowd Announces Vulnerability Ratings for LLMs
The update to the company's Vulnerability Rating Taxonomy offers vulnerability researchers a framework for assessing and prioritizing vulnerabilities in large language models.
https://www.darkreading.com/application-security/bugcrowd-announces-vulnerability-ratings-for-llms
How States Help Municipalities Build Their Cyber Defenses
State CISOs and cybersecurity task forces are grappling with the best ways to use federal grant money to keep their citizens safe online.
Key Building Blocks to Advance American Leadership in AI
AI has tremendous potential to improve efficiency and outcomes in the public and private sectors. A holistic approach to AI and security is critical to achieving the potential of AI while minimizing t...
https://www.darkreading.com/cyber-risk/key-building-blocks-to-advance-american-leadership-in-ai
Console & Associates, P.C.: Comcast Xfinity Reports Data Breach Exposing Confidential Information of 35M Customers