Dark Reading
Dark Reading: Connecting the Information and Security Community

Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed

So far this year, Ivanti has disclosed a total of 11 flaws — many of them critical — in its remote access products.

https://www.darkreading.com/remote-workforce/ivanti-ceo-commits-to-security-overhaul-day-after-vendor-discloses-4-more-vulns

Thousands of Australian Businesses Targeted With 'Reliable' Agent Tesla RAT

Latest campaign underscores wide-ranging functionality and staying power of a decade-old piece of information-stealing malware.

https://www.darkreading.com/remote-workforce/thousands-of-australian-businesses-targeted-with-agent-tesla-rat

Critical Security Flaw Exposes 1 Million WordPress Sites to SQL Injection

A researcher received a $5,500 bug bounty for discovering a vulnerability (CVE-2024-2879) in LayerSlider, a plug-in with more than a million active installations.

https://www.darkreading.com/remote-workforce/critical-security-flaw-wordpress-sql-injection

How CISOs Can Make Cybersecurity a Long-Term Priority for Boards

Cybersecurity is far more than a check-the-box exercise. To create companywide buy-in, CISOs need to secure board support, up their communication game, and offer awareness-training programs to fight s...

https://www.darkreading.com/cyber-risk/how-cisos-can-make-cybersecurity-long-term-priority-for-boards

Cyberattack Shutters Some Operations at Japanese Lens Manufacturer

Tokyo-based eyeglass and medical lens-maker Hoya said the attack has halted production processes in some locations as well as an ordering system for some of its products.

https://www.darkreading.com/cyberattacks-data-breaches/cyberattack-shutters-some-operations-at-japanese-lens-manufacturer

How to Tame SQL injection

As part of its Secure by Design initiative, the Cybersecurity and Infrastructure Security Agency urged companies to redouble efforts to quash SQL injection vulnerabilities. Here's how.

https://www.darkreading.com/application-security/tools-and-techniques-to-tame-sql-injection

AI's Dual Role on SMB Brand Spoofing

Cybercriminals are using AI to impersonate small businesses. Security architects are using it to help small businesses fight back.

https://www.darkreading.com/cybersecurity-analytics/ai-dual-role-smb-brand-spoofing

Singapore Sets High Bar in Cybersecurity Preparedness

While Singaporean organizations have adopted the majority of their government's cybersecurity recommendations, they aren't immune: More than eight in 10 experienced a cybersecurity incident over the c...

https://www.darkreading.com/cybersecurity-analytics/singapore-sets-high-bar-in-cybersecurity-preparedness

LockBit Ransomware Takedown Strikes Deep Into Brand's Viability

Nearly three months after Operation Cronos, it's clear the gang is not bouncing back from the innovative law-enforcement action. RaaS operators are on notice, and businesses should pay attention.

https://www.darkreading.com/threat-intelligence/lockbit-ransomware-takedown-strikes-brand-viability

How Soccer's 2022 World Cup in Qatar Was Nearly Hacked

A China-linked threat actor had access to a router configuration database that could have completely disrupted coverage, a security vendor says.

https://www.darkreading.com/cyber-risk/how-the-2022-qatar-world-cup-soccer-was-nearly-hacked

Oil & Gas Sector Falls for Fake Car Accident Phishing Emails

Effective Rhadamanthys phishing campaign spoofs nonexistent "Federal Bureau of Transportation" to compromise recipients, analysts discover.

https://www.darkreading.com/cyberattacks-data-breaches/oil-gas-sector-falling-for-fake-vehicle-incident-email-lure

Omni Hotel IT Outage Disrupts Reservations, Digital Key Systems

Guests affected by the companywide disruption vented their frustrations on social media.

https://www.darkreading.com/cybersecurity-operations/omni-hotel-it-outage-causes-operational-disruptions

The Biggest Mistake Security Teams Make When Buying Tools

Security teams often confuse tool purchasing with program management. They should focus on what a security program means to them, and what they are trying to accomplish.

https://www.darkreading.com/cybersecurity-operations/biggest-mistake-security-teams-make-when-buying-tools

Feds to Microsoft: Clean Up Your Cloud Security Act Now

A federal review board demanded that the tech giant prioritize its "inadequate" security posture, putting the blame solely on the company for last year's Microsoft 365 breach that allowed China's Stor...

https://www.darkreading.com/cloud-security/feds-microsoft-clean-up-cloud-security-act

Why Cybersecurity Is a Whole-of-Society Issue

Working together and integrating cybersecurity as part of our corporate and individual thinking can make life harder for hackers and safer for ourselves.

https://www.darkreading.com/cyberattacks-data-breaches/why-cybersecurity-is-whole-of-society-issue