Dark Reading
Dark Reading: Connecting the Information and Security Community

Ambitious Training Initiative Taps Talents of Blind and Visually Impaired

Novacoast's Apex Program prepares individuals with visual impairments for cybersecurity careers.

https://www.darkreading.com/cybersecurity-careers/ambitious-training-initiatve-taps-talents-of-blind-visually-impaired

Frameworks, Guidelines & Bounties Alone Won't Defeat Ransomware

We need more than "do-it-yourself" approaches to threats that clearly rise to the level of national security issues.

https://www.darkreading.com/vulnerabilities-threats/frameworks-guidelines-bounties-alone-wont-defeat-ransomware

Tips for Securing the Software Supply Chain

Industry experts share how to implement comprehensive security strategies necessary to secure the software supply chain in Dark Reading’s latest Tech Insights report.

https://www.darkreading.com/cyber-risk/tips-for-securing-the-software-supply-chain

Vietnamese Cybercrime Group CoralRaider Nets Financial Data

With a complex attack chain and using Telegram for its command and control, CoralRaider targets victims in Asian countries — and appears to have accidentally infected itself as well.

https://www.darkreading.com/vulnerabilities-threats/vietnamese-cybercrime-group-coralraider-nets-financial-data

Software-Defined Vehicle Fleets Face a Twisty Road on Cybersecurity

As manufacturers sprint to add software-defined features for vehicles, the ability for third-party maintenance and repair falls behind, leaving businesses with few choices to manage their cybersecurit...

https://www.darkreading.com/ics-ot-security/software-defined-vehicle-fleets-twisty-road-cybersecurity

Home Depot Hammered by Supply Chain Data Breach

SaaS vendor to blame for exposing employee data that was ultimately leaked on Dark Web forum, according to the home improvement retailer.

https://www.darkreading.com/cyberattacks-data-breaches/home-depot-hammered-by-supply-chain-data-breach

Round 2: Change Healthcare Targeted in Second Ransomware Attack

RansomHub, which is speculated to have some connection to ALPHV, has stolen 4TB of sensitive data from the beleaguered healthcare company.

https://www.darkreading.com/cyberattacks-data-breaches/round-2-change-healthcare-targeted-second-ransomware-attack

The Fight for Cybersecurity Awareness

Investing in cybersecurity skills creates a safer digital world for everyone.

https://www.darkreading.com/cybersecurity-operations/fight-for-cybersecurity-awareness

Solar Spider Spins Up New Malware to Entrap Saudi Arabian Financial Firms

An ongoing cyberattack campaign with apparent ties to China uses a new version of sophisticated JavaScript remote access Trojan JSOutProx and is now targeting banks in the Middle East.

https://www.darkreading.com/threat-intelligence/solar-spider-spins-up-new-malware-to-entrap-saudi-arabian-banks

Critical Bugs Put Hugging Face AI Platform in a 'Pickle'

One issue would have allowed cross-tenant attacks, and another enabled access to a shared registry for container images; exploitation via an insecure Pickle file showcases emerging risks for AI-as-a-s...

https://www.darkreading.com/cloud-security/critical-bugs-hugging-face-ai-platform-pickle

Panera Bread Fuels Ransomware Suspicions With Silence

The restaurant chain hasn't provided any information regarding what led to a widespread IT outage, and customers and employees are asking for answers.

https://www.darkreading.com/cybersecurity-operations/panera-bread-outage-leads-to-frustrated-customers

How Do We Integrate LLMs Security Into Application Development?

Large language models require rethinking how to bake security into the software development process earlier.

https://www.darkreading.com/application-security/how-do-we-integrate-llm-security-into-application-development-

CISO Corner: Ivanti's Mea Culpa; World Cup Hack; CISOs & Cyber Awareness

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Dealing with a Ramadan cyber spike; funding Int...

https://www.darkreading.com/remote-workforce/ciso-corner-ivanti-mea-culpa-world-cup-hack-cyber-awareness

Magecart Attackers Pioneer Persistent E-Commerce Backdoor

The infamous payment-skimmer cybercrime organization is exploiting CVE-2024-20720 in Magento for a novel approach to stealing card data.

https://www.darkreading.com/cloud-security/magecart-attackers-pioneer-persistent-ecommerce-backdoor

White House's Call for Memory Safety Brings Challenges, Changes & Costs

Improving security in the applications that drive the digital economy is a necessary undertaking, requiring ongoing collaboration between the public and private sectors.

https://www.darkreading.com/vulnerabilities-threats/white-house-call-for-memory-safety-brings-challenges-changes-costs

Reconsider Your CNAPP Strategy Using These 5 Scenarios

Cloud-native application protection platforms (CNAPPs) sidestep siloed security and embed security into the earliest stages of application development.

https://www.darkreading.com/cloud-security/reconsider-your-cnapp-strategy-using-these-5-scenarios

SEXi Ransomware Desires VMware Hypervisors in Ongoing Campaign

A Babuk variant has been involved in at least four attacks on VMware ESXi servers in the last six weeks, in one case demanding $140 million from a Chilean data center company.

https://www.darkreading.com/threat-intelligence/sexi-ransomware-desires-vmware-hypervisors

Malicious Latrodectus Downloader Picks Up Where QBot Left Off

Initial access brokers are using the new downloader malware, which emerged just after QBot's 2023 disruption.

https://www.darkreading.com/threat-intelligence/new-loader-takes-over-where-qbot-left-off