MedSec Launches Cybersecurity Program For Resource-Constrained Hospitals
National Security Agency Announces Dave Luber As Director of Cybersecurity
NSA Updates Zero-Trust Advice to Reduce Attack Surfaces
Agency encourages broader use of encryption, data-loss prevention, as well as data rights management to safeguard data, networks, and users.
Selecting the Right Authentication Protocol for Your Business
Prioritizing security and user experience will help you build a robust and reliable authentication system for your business.
TA547 Uses an LLM-Generated Dropper to Infect German Orgs
It's finally happening: Rather than just for productivity and research, threat actors are using LLMs to write malware. But companies need not worry just yet.
https://www.darkreading.com/threat-intelligence/ta547-uses-llm-generated-dropper-infect-german-orgs
Medusa Gang Strikes Again, Hits Nearly 300 Fort Worth Property Owners
Though a municipal agency assures the public that few are affected, hundreds have their data held ransom for $100,000 by the ransomware gang.
Cagey Phishing Campaign Delivers Multiple RATs to Steal Windows Data
Various anti-detection features, including the use of the ScrubCrypt antivirus-evasion tool, fuel an attack that aims to take over Microsoft Windows machines.
How Nation-State DDoS Attacks Impact Us All
Global organizations and geopolitical entities must adopt new strategies to combat the growing sophistication in attacks that parallel the complexities of our new geopolitical reality.
https://www.darkreading.com/cyberattacks-data-breaches/how-nation-state-ddos-attacks-impact-us-all
Google Gives Gemini a Security Boost
Google integrated Mandiant's security offerings into its AI platform to detect, stop, and remediate cybersecurity attacks as quickly as possible.
https://www.darkreading.com/cloud-security/google-gives-gemini-a-security-boost
Attack on Consumer Electronics Manufacturer boAt Leaks Data on 7.5M Customers
In a cyberattack more reminiscent of the 2010s, a seemingly lone hacker fleeced a major corporation for millions of open customer records.
Top MITRE ATT&CK Techniques and How to Defend Against Them
A cheat sheet for all of the most common techniques hackers use, and general principles for stopping them.
New Jamf Tools Give Enterprise IT Security and Compliance Controls
The device management company introduced a Fleet Hardening Score and Privilege Escalation (the good kind) to its endpoint security platform for Apple devices.
Microsoft Patch Tuesday Tsunami: No Zero-Days, but an Asterisk
Microsoft patched a record number of 147 new CVEs this month, though only three are rated "Critical."
LG Smart TVs at Risk of Attacks, Thanks to 4 OS Vulnerabilities
Scans showed that 91,000 devices are exposed and at risk for unauthorized access and TV set takeover.
ESET Launches a New Solution for Small Office/Home Office Businesses
Veriato Launches Next Generation Insider Risk Management Solution
EV Charging Stations Still Riddled With Cybersecurity Vulnerabilities
As more electric vehicles are sold, the risk to compromised charging stations looms large alongside the potential for major cybersecurity exploits.
Proper DDoS Protection Requires Both Detective and Preventive Controls
DDoS attacks still plague the enterprise, but adding preventive measures can reduce their impact.
Why Liquid Cooling Systems Threaten Data Center Security & Our Water Supply
We are potentially encroaching on a water supply crisis if data center operators, utilities, and the government don't implement preventative measures now.
92K D-Link NAS Devices Open to Critical Command-Injection Bug
The company is asking users to retire several network-attached storage (NAS) models to avoid compromise through a publicly available exploit that results in backdooring.
https://www.darkreading.com/cloud-security/92k-dlink-nas-critical-command-injection-bug