NRC Issues Recommendations for Better Network, Software Security
The Network Resilience Coalition pushes adoption of standards like SSDF, OpenEoX and CISA's Secure By Design and Default framework.
Bastille Raises $44M Series C Investment Led by Goldman Sachs Asset Management
Wyden Releases Documents Confirming the NSA Buys Americans' Internet Browsing Records
Black Kite Unveils Monthly Ransomware Dashboards
Newly ID'ed Chinese APT Hides Backdoor in Software Updates
The threat actor went more than half a decade before being discovered — thanks to a remarkable backdoor delivered in invisible adversary-in-the-middle attacks.
https://www.darkreading.com/application-security/chinese-apt-hides-backdoor-in-software-updates
Microsoft Shares New Guidance in Wake of 'Midnight Blizzard' Cyberattack
Threat actors created and abused OAuth apps to access Microsoft's corporate email environment and remain there for weeks.
Series of Cyberattacks Hit Ukrainian Critical Infrastructure Organizations
It's unclear if the attacks — which hit oil and gas, postal service, transport safety, and railway organizations in the nation — were related.
Redefining Cybersecurity for a Comprehensive Security Posture
The integration of different disciplines of cybersecurity and fraud management is a necessary evolution in the face of increasingly sophisticated digital threats.
Saudi Arabia Boosts Railway Cybersecurity
Saudi rail provider partners will help Saudi Telecommunication Company (stc) to keep its security on track.
https://www.darkreading.com/ics-ot-security/saudi-arabia-boosts-railway-cybersecurity-partnership
Pegasus Spyware Targets Togolese Journalists' Mobile Devices
An investigation into 2021 intrusions uncovered multiple infections on the phones of journalists in the African country.
https://www.darkreading.com/endpoint-security/pegasus-spyware-togolese-journalists-mobile-devices
CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs' Evolving Role
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.
ICS Ransomware Danger Rages Despite Fewer Attacks
Refined tactics, increased collaboration between groups, and continued success exploiting zero-days is helping ICS ransomware attackers inflict more damage, researchers find.
https://www.darkreading.com/ics-ot-security/ics-ransomware-rages-fewer-attacks
Panorays Study Finds 94% of CISOs Are Concerned About Third-party Cyber Threats, Yet Only 3% Have Implemented Security Measures
SecurityScorecard Launches MAX
https://www.darkreading.com/cybersecurity-operations/securityscorecard-launches-max
Airline Gets SASE to Modernize Operations
Cathay, a travel lifestyle brand that includes the Cathay Pacific airline, had a growing cybersecurity problem made worse by its aging technology infrastructure. It solved part of the problem by repla...
https://www.darkreading.com/cloud-security/airline-experiments-with-sase-to-improve-overall-security
Pwn2Own 2024: Tesla Hacks, Dozens of Zero-Days in Electrical Vehicles
Hacking teams pick apart electrical vehicles (EVs), exposing them for what they are: safety-critical computers without commensurate security.
https://www.darkreading.com/ics-ot-security/pwn2own-2024-teslas-hacked-dozens-new-zero-days-evs
'Midnight Blizzard' Breached HPE Email Months Before Microsoft Hack
The Russian APT behind the SolarWinds attacks exfiltrated data from HPE email accounts last May.
Abu Dhabi Investment Firm Warns About Scam Efforts
A top financial entity warned that its brand is being used to spread cyber scams, as fraud efforts persist throughout the country.
https://www.darkreading.com/cyberattacks-data-breaches/abu-dhabi-investment-firm-warns-scam-efforts
Critical Cisco Unified Communications RCE Bug Allows Root Access
The vulnerability, tracked as CVE-2024-20253, makes enterprise communications infrastructure and customer service call centers sitting ducks for unauthenticated cyberattackers.
Protecting Children's Data Needs to Be a Priority for All
With rampant K-12 breaches fueling a fraud epidemic, cooperation and resolve are needed for progress.