Vectra AI Launches Global, 24x7 Open MXDR Service Built to Defend Against Hybrid Attacks
LightEdge Releases Next-Gen Suite of Cloud Security & Managed Services
Demand for 'Secure by Design' Product Growing, Creating Opportunity for Software Security Specialization
iOS, Android Malware Steals Faces to Defeat Biometrics With AI Swaps
Southeast Asia is learning the hard way that biometric scans are nearly as easy to bypass as other kinds of authentication data, thanks to a creative banking Trojan.
https://www.darkreading.com/application-security/ios-malware-steals-faces-defeat-biometrics-ai-swaps
Cobalt's New Report Uncovers a Big Shift in Cybersecurity Strategy
Perforce to Acquire Delphix, Adding Enterprise Data Management Software to its DevOps Portfolio
Microsoft Exchange Server Flaw Exploited as a Zero-Day Bug
Microsoft has observed signs of active exploits targeting CVE-2024-2140.
Critical Software Vulnerabilities Impacting Credit Unions Discovered by LMG Security Researcher
Surge in 'Hunter-Killer' Malware Uncovered by Picus Security
Cyberattack Disrupts German Battery-Production Lines
It's unclear what kind of cyberattack VARTA AG is facing, but it has shut down its systems until it can become operational again.
CISA HBOM Framework Doesn't Go Far Enough
CISA's recently introduced framework for hardware bill of materials is an important step in addressing semiconductor risks. But further tracking beyond manufacturing is critical to its usefulness.
https://www.darkreading.com/cyber-risk/cisa-hbom-framework-doesn-t-go-far-enough
DataDome Expands Bot Bounty Program to the Public, Invites Researchers to Rigorously Test its Solution
DoJ Breaks Russian Military Botnet in Fancy Bear Takedown
The feds disrupted a Russian intelligence SOHO router botnet notable for being built with Moobot malware rather than custom code.
https://www.darkreading.com/cyberattacks-data-breaches/doj-breaks-russian-military-botnet-
Russian APT Turla Wields Novel Backdoor Malware Against Polish NGOs
A spate of recent cyber-espionage attacks showcases Turla's brand-new modular custom malware, and an expansion of the state-sponsored group's scope of targets.
Cybersecurity's Transformative Shift
The industry is evolving from one of conventional threat detection toward a strategy that emphasizes context and preempts user behavior.
https://www.darkreading.com/cybersecurity-operations/cybersecuritys-transformative-shift
AWS SNS Compromises Fuel Cloud Smishing Campaign
Using a custom Python script to send bulk phishing messages with a USPS lure, the cyberattackers are posing a risk to consumer-facing organizations moving workloads to the cloud.
https://www.darkreading.com/cloud-security/aws-sns-compromises-fuel-cloud-smishing-campaign
10 Security Metrics Categories CISOs Should Present to the Board
Boards of directors don't care about the minute technical details of the security program. They want to see how key performance indicators are tracked and utilized.
Microsoft, OpenAI: Nation-States Are Weaponizing AI in Cyberattacks
It's not theoretical anymore: the world's major powers are working with large language models to enhance their offensive cyber operations.
Prudential Files Voluntary Breach Notice With SEC
The finance services giant says it was hacked — and reported the incident proactively before SEC requirements mandated it. It could be an anti-extortion move, or merely a brand protection effort.
https://www.darkreading.com/cybersecurity-operations/prudential-files-voluntary-breach-notice-sec
Ransomware Epidemic at Romanian Hospitals Tied to Healthcare App
Threat actors first infected the Hipocrate Information System with a variant of the Phobos ransomware family — and then it spread across the nation's healthcare organizations.