Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Latest Content tagged with Threat Intelligence
Ransomware Operators' Strategies Evolve as Attacks Rise
News  |  6/16/2021  | 
Security researchers find ransomware operators rely less on email and more on criminal groups for initial access into target networks.
Biden Tells Putin Critical Infrastructure Sectors 'Off Limits' to Russian Hacking
Quick Hits  |  6/16/2021  | 
President Joe Biden said he and Russian President Vladimir Putin agreed to discuss boundaries in cyber activity.
Security Flaw Discovered In Peloton Equipment
Quick Hits  |  6/16/2021  | 
The vulnerability could give attackers remote root access to the bike's tablet, researchers report.
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
News  |  6/15/2021  | 
Attackers had used the cloud-based infrastructure to target mailboxes and add forwarding rules to learn about financial transactions.
Andariel Group Targets South Korean Entities in New Campaign
Quick Hits  |  6/15/2021  | 
Andariel, designated as a sub-group of the Lazarus Group APT, has historically targeted South Korean organizations.
Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities
Quick Hits  |  6/15/2021  | 
Terbium Labs' products and services will become part of Deloitte's Detect & Respond lineup, the company confirms.
Name That Toon: Sight Unseen
Commentary  |  6/14/2021  | 
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Trickbot Investigation Shows Details of Massive Cybercrime Effort
News  |  6/11/2021  | 
Nearly a score of cybercriminals allegedly worked together to create the Trickbot malware and deploy it against more than a million users, an unsealed indictment claims.
McDonald's Data Breach Exposed Business & Customer Data
Quick Hits  |  6/11/2021  | 
An investigation has revealed company data has been breached in the United States, South Korea, and Taiwan.
Many Mobile Apps Intentionally Using Insecure Connections for Sending Data
News  |  6/11/2021  | 
A new analysis of iOS and Android apps released to Apple's and Google's app stores over the past five years found many to be deliberately breaking HTTPS protections.
'Fancy Lazarus' Criminal Group Launches DDoS Extortion Campaign
News  |  6/10/2021  | 
The group has re-emerged after a brief hiatus with a new email campaign threatening a DDoS attack against businesses that don't pay ransom.
Intl. Law Enforcement Operation Disrupts Slilpp Marketplace
Quick Hits  |  6/10/2021  | 
A seizure warrant affidavit unsealed today states Slilpp had sold allegedly stolen login credentials since 2012.
Deepfakes Are on the Rise, but Don't Panic Just Yet
Commentary  |  6/10/2021  | 
Deepfakes will likely give way to deep suspicion, as users try to sort legitimate media from malicious.
Cyber Is the New Cold War & AI Is the Arms Race
Commentary  |  6/10/2021  | 
Continual cyberattacks have pushed us into a new kind of Cold War, with artificial intelligence the basis of this new arms race.
Required MFA Is Not Sufficient for Strong Security: Report
News  |  6/9/2021  | 
Attackers and red teams find multiple ways to bypass poorly deployed MFA in enterprise environments, underscoring how redundancy and good design are still required.
CISA Addresses Rise in Ransomware Threatening OT Assets
Quick Hits  |  6/9/2021  | 
The agency has released guidance in response to a rise of ransomware attacks affecting OT assets and control systems.
Ransomware Is Not the Problem
Commentary  |  6/9/2021  | 
Arbitrarily powerful software -- applications, operating systems -- is a problem, as is preventing it from running on enterprise systems.
Phished Account Credentials Mostly Verified in Hours
News  |  6/8/2021  | 
Almost two-thirds of all phished credentials are verified by attackers within a day and then used in a variety of schemes, including business email compromise and targeting other users with malicious code.
Microsoft Patches 6 Zero-Days Under Active Attack
News  |  6/8/2021  | 
The June 2021 Patch Tuesday fixes 50 vulnerabilities, six of which are under attack and three of which were publicly known at the time of disclosure.
FBI Issued Encrypted Devices to Capture Criminals
Quick Hits  |  6/8/2021  | 
A sting operation delivered devices into the hands of global criminals and used the intelligence gathered to stop drug crimes.
Microsoft CISO Shares Remote Work Obstacles & Lessons Learned
News  |  6/8/2021  | 
Bret Arsenault explains changes he implemented along the way as Microsoft's workforce went from 20% to 97% remote.
First Known Malware Surfaces Targeting Windows Containers
News  |  6/7/2021  | 
Siloscape is designed to create a backdoor in Kubernetes clusters to run malicious containers.
DoJ Seizes $2.3M in Bitcoin Paid to Colonial Pipeline Attackers
Quick Hits  |  6/7/2021  | 
The amount allegedly represents a May 8 payment to the DarkSide ransomware group.
Latvian Woman Charged for Role In Crafting Trickbot Malware
Quick Hits  |  6/7/2021  | 
Alla Witte and her associates are accused of using Trickbot to infect tens of millions of computers around the world, the Justice Department reports.
CISA Warns Criminals Seek to Exploit Critical VMware Bug
Quick Hits  |  6/7/2021  | 
Organizations running vCenter Server and VMware Cloud Foundation are urged to apply fixes deployed on May 25.
Cartoon Caption Winner: Road Trip
Commentary  |  6/7/2021  | 
And the winner of Dark Reading's cartoon caption contest is ...
Cyber Athletes Compete to Form US Cyber Team
Commentary  |  6/7/2021  | 
Here's how security pros can showcase value to future employers: a field of friendly strife to measure their aptitude against competitors.
NortonLifeLock Criticized for New Cryptomining Feature
News  |  6/7/2021  | 
While the crypto crowd applauds the move, critics worry about the environmental impact, supporting a currency used for ransomware, and mining further slowing down systems.
Proposed Sale Casts Cloud Over Future of FireEye's Products
News  |  6/3/2021  | 
Symphony Technology Group, which is buying FireEye, already owns multiple security companies "with redundancies in numerous areas."
Google Experts Explore Open Source Security Challenges & Fixes
News  |  6/3/2021  | 
An open source security event brought discussions of supply chain security and managing flaws in open source projects.
REvil Behind JBS Ransomware Attack: FBI
Quick Hits  |  6/3/2021  | 
Officials attribute the attack to REvil/Sodinokibi and say they are working to bring the threat actors to justice.
FireEye Sells Products Business to Symphony Group for $1.2B
Quick Hits  |  6/2/2021  | 
The transaction will include the FireEye brand name; the business that remains will be called Mandiant Solutions.
Microsoft Buys ReFirm Labs to Drive IoT Security Efforts
News  |  6/2/2021  | 
The acquisition will bring ReFirm's firmware analysis capabilities alongside Microsoft's Azure Defender for IoT to boost device security.
Critical Zero-Day Discovered in Fancy Product Designer WordPress Plug-in
Quick Hits  |  6/2/2021  | 
The plug-in under active attack has been installed on more than 17,000 websites, say researchers.
Is Your Adversary James Bond or Mr. Bean?
Commentary  |  6/2/2021  | 
Especially with nation-state attacks, it's critical to assess whether you're up against jet fighter strength or a bumbler who tries to pick locks.
US Seizes Attacker Domains Used in USAID Phishing Campaign
News  |  6/1/2021  | 
The move follows last week's disclosure of an ongoing attack designed to mimic emails from the US Agency for International Development.
New Barebones Ransomware Strain Surfaces
News  |  6/1/2021  | 
The authors of Epsilon Red have offloaded many tasks that are usually integrated into the ransomware -- such as Volume Shadow Copy deletion -- to PowerShell scripts.
Modern SOCs a 'Painful' Challenge Amid Growing Complexity: Report
Quick Hits  |  5/28/2021  | 
A new study examines the tools and technologies driving investment and activities for security operations centers.
SolarWinds Attackers Impersonate USAID in Advanced Email Campaign
News  |  5/28/2021  | 
Microsoft shares the details of a wide-scale malicious email campaign attributed to Nobelium, the group linked to the SolarWinds supply chain attack.
Plug-ins for Code Editors Pose Developer-Security Threat
News  |  5/28/2021  | 
There are two critical vulnerabilities in plug-ins for the popular Visual Studio Code editor, now patched, but security firm Snyk warns that popular plug-ins could put development environments in jeopardy.
'Have I Been Pwned' Code Base Now Open Source
Quick Hits  |  5/27/2021  | 
Founder Troy Hunt also announces the platform will receive compromised passwords the FBI finds in its investigations.
BazaLoader Attackers Create Fake Movie Streaming Site to Trick Victims
Quick Hits  |  5/27/2021  | 
The BazaLoader infection chain includes a live call center and "customer service" from criminals, researchers report.
DHS Orders Pipeline Operators to Report Cyberattacks, Review Security Posture
News  |  5/27/2021  | 
On the heels of the Colonial Pipeline attack, the US Department of Homeland Security aims to force a reticent industry to improve its ability to detect and respond to cybersecurity attacks.
ExtraHop Explains How Advanced Threats Dominate Threat Landscape
Commentary  |  5/27/2021  | 
SPONSORED: WATCH NOW -- How do SOC professionals build a strategy when they lack basic information about how such threats operate? Advanced threats by their very nature create plenty of uncertainty, according to Matt Cauthorn, VP of cloud security for ExtraHop.
Google Discovers New Rowhammer Attack Technique
Quick Hits  |  5/26/2021  | 
Researchers publish the details of a new Rowhammer vulnerability called "Half-Double" that exploits increasingly smaller DRAM chips.
Devo: SIEM Continues to Evolve with Tech Trends and Emerging Threats
Commentary  |  5/26/2021  | 
SPONSORED: WATCH NOW -- Some organizations split the difference with a hybrid of premises- and cloud-based SIEM, says Ted Julian, senior VP of product at Devo. As security data volumes continue to increase, SIEM's evolution will only continue.
New Iranian Threat Actor Using Ransomware, Wipers in Destructive Attacks
News  |  5/26/2021  | 
The Agrius group's focus appears to be Israel and the Middle East.
Cloud Compromise Costs Organizations $6.2M Per Year
News  |  5/25/2021  | 
Organizations reported an average of 19 cloud-based compromises in the past year, but most don't evaluate the security of SaaS apps before deployment.
Rise in Opportunistic Hacks and Info-Sharing Imperil Industrial Networks
News  |  5/25/2021  | 
Security researchers at Mandiant have seen an increasing wave of relatively simplistic attacks involving ICS systems - and attackers sharing their finds with one another - since 2020.
Russia Profiting from Massive Hydra Cybercrime Marketplace
News  |  5/25/2021  | 
An analysis of Bitcoin transactions from the Hydra marketplace shows that the operators are locking sellers into Russian exchanges, likely fueling profits for local actors.


Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31476
PUBLISHED: 2021-06-16
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...
CVE-2021-31477
PUBLISHED: 2021-06-16
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311 14A03. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the device. The firmware and filesystem contain hard-...
CVE-2021-32690
PUBLISHED: 2021-06-16
Helm is a tool for managing Charts (packages of pre-configured Kubernetes resources). In versions of helm prior to 3.6.1, a vulnerability exists where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. This...
CVE-2021-32691
PUBLISHED: 2021-06-16
Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their basic profile information (name, birthday, gender, etc). This includes all app functionality within th...
CVE-2021-32243
PUBLISHED: 2021-06-16
FOGProject v1.5.9 is affected by a File Upload RCE (Authenticated).