Beware Weaponized YouTube Channels Spreading Lumma Stealer
Videos promoting how to crack popular software circumvent Web filters by using GitHub and MediaFire to propagate the malware.
Bangladesh Election App Crashes Amid Suspected Cyberattack
The country's election commission pointed the blame at traffic coming from Ukraine and Germany.
It's Time to Close the Curtain on Security Theater
A shift of focus to cyberattack prevention strategies will more effectively mitigate risk.
https://www.darkreading.com/cyberattacks-data-breaches/time-to-close-curtain-on-security-theater
TitanHQ Launches PhishTitan to Combat Advanced Phishing Attacks
Chertoff Group Affiliate Completes Trustwave Acquisition
The deal will allow Trustwave to expand its global reach.
https://www.darkreading.com/cloud-security/chertoff-group-affiliate-completes-trustwave-acquisition
Executing Zero Trust in the Cloud Takes Strategy
Zero trust architecture is a pivotal enabler of cloud cybersecurity, but proper implementation entails specialized planning.
https://www.darkreading.com/cloud-security/executing-zero-trust-in-the-cloud-takes-strategy
Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability
Attackers can exploit the issue to access all data in Cacti database; and, it enables RCE when chained with a previous vulnerability.
Turkish APT 'Sea Turtle' Resurfaces to Spy on Kurdish Opposition
An old state-aligned threat actor is back on the radar, thanks to recent EMEA espionage campaigns against a minority ethnic group.
https://www.darkreading.com/threat-intelligence/turkish-apt-sea-turtle-spy-kurdish-opposition
US, Israel Used Dutch Spy to Launch Stuxnet Malware Against Iran
Report says US and Israel spent $1 billion to develop the infamous Stuxnet virus, built to sabotage Iran's nuclear program in 2008.
https://www.darkreading.com/ics-ot-security/us-israel-dutch-spy-stuxnet-malware-against-iran
Beirut Airport Cyberattack Targets Hezbollah
In addition to posting messages criticizing the group, the cyberattackers disrupted flight information and baggage handling systems.
https://www.darkreading.com/cyberattacks-data-breaches/beirut-airport-cyberattack-targets-hezbollah
'Swatting' Becomes Latest Extortion Tactic in Ransomware Attacks
Threat actors leave medical centers with the difficult choice of paying the ransom or witnessing patients suffer the consequences.
Protecting Critical Infrastructure Means Getting Back to Basics
Critical infrastructure organizations need to recognize that the technology and cybersecurity landscapes have changed.
Iranian Crypto Exchange Misstep Exposes User Details
Iranian citizens' personal details were left visible online due to a misconfigured storage system.
Fire Sale: Zeppelin Ransomware Source Code Sells for $500 on Dark Web
The buyer could use the code to restart the up to now all-but defunct Zeppelin ransomware-as-a-service operation.
23andMe: 'Negligent' Users at Fault for Breach of 6.9M Records
When it comes to bad passwords, how much responsibility should a service provider share with its customers?
North Korea Debuts 'SpectralBlur' Malware Amid macOS Onslaught
The post-exploitation backdoor is the latest in a string of custom tools aimed at spying on Apple users.
Cyber-Focused FBI Agents Deploy to Embassies Globally
The bureau is adding six new positions placed in locations that include New Delhi and Rome.
Syrian Threat Group Peddles Destructive SilverRAT
The Middle Eastern developers claim to be building a new version of the antivirus-bypassing remote access Trojan (RAT) attack tool.
Dubai-US Deal Aims to Secure Medical, IoT Devices in the Middle East
IoT surge across the Middle East spawns demand for more secure devices in business, healthcare, and energy.
Why Red Teams Can't Answer Defenders' Most Important Questions
Red-team assessments aren't very good at validating that defenses are working, so defenders don't have a realistic sense of how strong their defenses are.