Cisco Warns of Massive Surge in Password-Spraying Attacks on VPNs
Attackers are indiscriminately targeting VPNs from Cisco and several other vendors in what may be a reconnaissance effort, the vendor says.
GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories
Existing AI technology can allow hackers to automate exploits for public vulnerabilities in minutes flat. Very soon, diligent patching will no longer be optional.
ICS Network Controllers Open to Remote Exploit, No Patches Available
CISA advisory warns of critical ICS device flaws, but a lack of available fixes leaves network administrators on defense to prevent exploits.
Auburn's McCrary Institute and Oak Ridge National Laboratory to Partner on Regional Cybersecurity Center
Russian APT Group Thwarted in Attack on US Automotive Manufacturer
The group gained access to the victim network by duping IT employees with high administrative-access privileges.
Break Security Burnout: Combining Leadership With Neuroscience
Industry leaders aim to solve the threat to both the mental health of workers and security of organizations with solutions that recognize the enormous pressures facing cybersecurity professionals.
Rebalancing NIST: Why 'Recovery' Can't Stand Alone
The missing ingredient in NIST's newest cybersecurity framework? Recovery.
https://www.darkreading.com/vulnerabilities-threats/rebalancing-nist-why-recovery-cant-stand-alone
For Service Accounts, Accountability Is Key to Security
Modern networks teem with machine accounts tasked with simple automated tasks yet given too many privileges and left unmonitored. Resolve that situation and you close an attack vector.
https://www.darkreading.com/cloud-security/for-service-accounts-accountability-is-key-to-security
Countering Voice Fraud in the Age of AI
Caller ID spoofing and AI voice deepfakes are supercharging phone scams. Fortunately, we have tools to help organizations and people protect against the devious combination.
https://www.darkreading.com/vulnerabilities-threats/countering-voice-fraud-in-the-age-of-ai
Open Source Tool Looks for Signals in Noisy AWS Cloud Logs
Permiso Security announced Cloud Console Cartographer during Black Hat Asia to help defenders look inside Amazon Web Services events logs for signs of cyberattacks.
https://www.darkreading.com/cloud-security/open-source-tool-looks-signals-in-noisy-aws-cloud-logs
Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution
Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode and other malware onto victim machines.
Nigeria & Romania Ranked Among Top Cybercrime Havens
A survey of cybercrime experts assessing the top cybercrime-producing nations results in some expected leaders — Russia, Ukraine, and China — but also some surprises.
Redgate Launches Enterprise Edition of Redgate Monitor
Dangerous ICS Malware Targets Orgs in Russia and Ukraine
"Kapeka" and "Fuxnext" are the latest examples of malware to emerge from the long-standing conflict between the two countries.
Active Kubernetes RCE Attack Relies on Known OpenMetadata Vulns
Once attackers have control over a workload in the cluster, they can leverage access for lateral movement both inside the cluster and to external resources.
Ivanti Releases Fixes for More Than 2 Dozen Vulnerabilities
Users will need to download the latest version of Ivanti's Avalanche to apply fixes for all of the bugs.
Preparing for Cyber Warfare: 6 Key Lessons From Ukraine
Having a solid disaster recovery plan is the glue that keeps your essential functions together when all hell breaks loose.
https://www.darkreading.com/cyberattacks-data-breaches/cyber-warfare-6-key-lessons-from-ukraine
Various Botnets Pummel Year-Old TP-Link Flaw in IoT Attacks
Moobot, Miori, AGoent, and a Gafgyt variant have joined the infamous Mirai botnet in attacking unpatched versions of vulnerable Wi-Fi routers.
https://www.darkreading.com/ics-ot-security/various-botnets-pummel-tp-link-flaw-iot-attacks
Why a Native-First Approach Is Key to Cloud Security
A native-first approach delivers better protections and a more efficient use of resources than best-of-breed solutions, benefiting cloud service providers and end-user customers alike.
https://www.darkreading.com/cloud-security/why-a-native-first-approach-is-key-to-cloud-security
How Boards Can Prepare for Quantum Computers
Quantum computing on the level that poses a threat to current cybersecurity measures is still years off. Here's what enterprises can do now to avoid future disruptions.
https://www.darkreading.com/cyber-risk/how-boards-prepare-quantum-computers