darkreading
The Open Source Initiative Announces Open Source AI Definition
3 weeks 2 days ago
Business Email Compromise (BEC) Impersonation: The Weapon of Choice of Cybercriminals
3 weeks 2 days ago
Casap Secures $8.5M in Funding
3 weeks 2 days ago
Cybersecurity Training Resources Often Limited to Developers
3 weeks 2 days ago
With a lack of cybersecurity awareness training resources for all employees, organizations are more susceptible to being breached or falling short when it comes to preventing threats.
Dark Reading Staff
Vishing, Mishing Go Next-Level With FakeCall Android Malware
3 weeks 2 days ago
A new variant of the sophisticated attacker tool gives cybercriminals even more control over victim devices to conduct various malicious activities, including fraud and cyber espionage.
Elizabeth Montalbano, Contributing Writer
When Cybersecurity Tools Backfire
3 weeks 2 days ago
Outages are inevitable. Our focus should be on minimizing their scope, addressing underlying causes, and understanding that protecting systems is about keeping bad actors out while maintaining stability and reliability.
Yvonne Dickinson
'CrossBarking' Attack Targeted Secret APIs, Exposing Opera Browser Users
3 weeks 2 days ago
Using a malicious Chrome extension, researchers showed how an attacker could use a now-fixed bug to inject custom code into a victim's Opera browser to exploit special and powerful APIs, used by developers and typically saved for only the most trusted sites.
Nate Nelson, Contributing Writer
Recurring Windows Flaw Could Expose User Credentials
3 weeks 3 days ago
Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.
Jai Vijayan, Contributing Writer
China's 'Evasive Panda' APT Debuts High-End Cloud Hijacking
3 weeks 3 days ago
A professional-grade tool set, appropriately dubbed "CloudScout," is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info for exfiltration.
Tara Seals, Managing Editor, News, Dark Reading
French ISP Confirms Cyberattack, Data Breach Affecting 19M
3 weeks 3 days ago
In the latest attack against ISPs, second-largest French provider Free fell victim to unknown cyberattackers who attempted to sell the compromised data it stole from the company on an underground cybercrime forum.
Dark Reading Staff
FBI, Partners Disrupt RedLine, Meta Stealer Operations
3 weeks 3 days ago
A collaboration with the FBI and law-enforcement agencies in Europe, the UK, and Australia, Operation Magnus has seized servers and source code related to the two malware families, which have stolen data from millions of victims worldwide.
Elizabeth Montalbano, Contributing Writer
How to Find the Right CISO
3 weeks 3 days ago
Great CISOs are in short supply, so choose wisely. Here are five ways to make sure you've made the right pick.
Martha Heller
Sophos-SecureWorks Deal Focuses on Building Advanced MDR, XDR Platform
3 weeks 4 days ago
Sophos CEO Joe Levy says the $859 million deal to acquire SecureWorks from majority owner Dell Technologies will put the Taegis platform — with network detection and response, vulnerability detection and response, and identity threat detection and response capabilities — at the core.
Jeffrey Schwartz, Contributing Writer
Windows 'Downdate' Attack Reverts Patched PCs to a Vulnerable State
3 weeks 4 days ago
Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched driver signature enforcement (DSE) bypass.
Jai Vijayan, Contributing Writer
China's Elite Cyber Corps Hone Skills on Virtual Battlefields
3 weeks 4 days ago
The nation leads in the number of capture-the-flag tournaments sponsored by government and industry — a strategy from which Western nations could learn.
Robert Lemos, Contributing Writer
Delta Launches $500M Lawsuit Against CrowdStrike
3 weeks 4 days ago
Delta argues that it lost hundreds of million of dollars in downtime and other costs in the aftermath of the incident, while CrowdStrike says it isn't liable for more than $10 million.
Kristina Beek, Associate Editor, Dark Reading
Russia Kneecaps Ukraine Army Recruitment With Spoofed 'Civil Defense' App
3 weeks 4 days ago
Posing as an application used to locate Ukrainian military recruiters, a Kremlin-backed hacking initiative delivers malware, along with disinformation designed to undermine sign-ups for soldiers in the war against Russia.
Becky Bracken, Senior Editor, Dark Reading
Mozilla: ChatGPT Can Be Manipulated Using Hex Code
3 weeks 4 days ago
LLMs tend to miss the forest for the trees, understanding specific instructions but not their broader context. Bad actors can take advantage of this myopia to get them to do malicious things, with a new prompt-injection technique.
Nate Nelson, Contributing Writer
Put End-of-Life Software to Rest
3 weeks 4 days ago
Relying on EOL software leaves critical systems exposed — making it a problem no business can afford to ignore.
Jason Meller
Checked
6 hours 18 minutes ago
Public RSS feed
darkreading feed