'Commando Cat' Is Second Campaign of the Year Targeting Docker
The threat actor behind the campaign is still unknown, but it shares some similarities with other cryptojacking groups.
Delinea Research Reveals that Ransomware Is Back on the Rise As Cybercriminals' Motivation Shifts to Data Exfiltration
Feds Confirm Remote Killing of Volt Typhoon's SOHO Botnet
The China-backed APT was using the botnet, made up of mostly end-of-life, patchless routers from Cisco and Netgear, to set up shop inside US critical infrastructure.
https://www.darkreading.com/endpoint-security/feds-confirm-remote-killing-volt-typhoon-soho-botnet
China Infiltrates US Critical Infrastructure in Ramp-up to Conflict
Threat actors linked to the People's Republic of China, such as Volt Typhoon, continue to "pre-position" themselves in the critical infrastructure of the United States, according to military and law e...
Ukraine Military Targeted With Russian APT PowerShell Attack
The attack, associated with Shuckworm, employs TTPs observed in prior campaigns against the Ukrainian military, predominantly using PowerShell.
FritzFrog Botnet Exploits Log4Shell on Overlooked Internal Hosts
Everyone knows to patch vulnerabilities for Internet-facing assets, but what about internal ones? One botnet is counting on your complacency.
The Imperative for Robust Security Design in the Health Industry
It is imperative that healthcare and health-tech companies move beyond reactive measures and adopt a proactive stance in safeguarding sensitive patient information.
Saudi Arabia Debuts 'Generative AI for All' Program
The initiative is aimed at promoting policy, ethics, and expansion of AI in the country.
https://www.darkreading.com/application-security/saudi-arabia-debuts-generative-ai-for-all-program
CMMC Is the Starting Line, Not the Finish
Cybersecurity Maturity Model Certification (CMMC) and a harden, detect, and respond mindset are key to protecting defense and critical infrastructure companies.
https://www.darkreading.com/cyberattacks-data-breaches/cmmc-starting-line-not-finish
3 ISIS Members Slapped With Sanctions From US Treasury
Evidently, even terrorists need cybersecurity training. New sanctions aim to disrupt their cyber and financial operations.
https://www.darkreading.com/cybersecurity-operations/three-isis-members-slapped-sanctions-treasury
Incognia Secures $31M to Meet Demand for Proactive Approach to Fraud Prevention
Kaspersky's ICS CERT Predictions for 2024: Ransomware Rampage, Cosmopolitical Hacktivism, and Beyond
Aim Security Raises $10M to Secure Generative AI Enterprise Adoption
Managing Identity Across Clouds Critical to Enterprise Security
Privileged access management (PAM) is notoriously difficult to deploy and companies' increasing use of cloud has made it even more complex.
Ransomware Groups Gain Clout With False Attack Claims
Technica? Europcar? Cybercriminals are increasingly bluffing about ransomware attacks, and the cybersecurity community is helping by spreading their lies.
https://www.darkreading.com/threat-intelligence/ransomware-groups-gain-clout-fake-attack-claims
Microsoft Threat Report: How Russia’s War on Ukraine Is Impacting the Global Cybersecurity Community
The Russians are engaged in widespread influence operations designed to erode trust, increase polarization, and threaten democratic processes around the globe.
Fulton County Suffers Power Outages as Cyberattack Continues
County services have come to a halt and are not expected to resume until next week; no threat actor has yet been identified.
'Leaky Vessels' Cloud Bugs Allow Container Escapes Globally
The four security vulnerabilities are found in Docker and beyond, and the one in runC affects essentially every cloud-native developer worldwide.
https://www.darkreading.com/cloud-security/leaky-vessel-cloud-bugs-container-escapes-globally
Johnson Controls Ransomware Cleanup Costs Top $27M and Counting
JCI's latest SEC filing notes that its smart-factory installations weren't compromised, allaying physical security fears.
https://www.darkreading.com/ics-ot-security/johnson-controls-ransomware-cleanup-costs-27m
More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll
Both China-backed APTs and ordinary cyberattackers have seized on a pair of Ivanti VPN bugs for global exploitation.