Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Latest Content
Supernova Malware Actors Masqueraded as Remote Workers to Access Breached Network
News  |  4/22/2021  | 
China-based Spiral group is believed to be behind year-long attack, which exploited a flaw in SolarWinds Orion technology to drop a Web shell.
New CISA Advisories Warn of ICS Vulnerabilities
Quick Hits  |  4/22/2021  | 
The vulnerabilities exist in Cscape control system application programming software and the Mitsubishi Electric GOT.
Prometei Botnet Adds New Twist to Exchange Server Attacks
Quick Hits  |  4/22/2021  | 
Attackers are using the well-known Microsoft Exchange Server flaw to add machines to a cryptocurrency botnet, researchers say.
Improving the Vulnerability Reporting Process With 5 Steps
Commentary  |  4/22/2021  | 
Follow these tips for an effective and positive experience for both the maintainer and external vulnerability reporter.
University Suspends Project After Researchers Submitted Vulnerable Linux Patches
News  |  4/22/2021  | 
A Linux maintainer pledges to stop taking code submissions from the University of Minnesota after a research team purposely submitted vulnerabilities to show software supply chain weaknesses.
Name That Toon: Greetings, Earthlings
Commentary  |  4/22/2021  | 
Caption time! Come up with something out of this world for Dark Reading's latest contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
10 Free Security Tools at Black Hat Asia 2021
Slideshows  |  4/22/2021  | 
Researchers are set to demonstrate a plethora of tools for conducting pen tests, vulnerability assessments, data forensics, and a wide range of other use cases.
Looking for Greater Security Culture? Ask an 8-Bit Plumber
Commentary  |  4/22/2021  | 
After 40 years of navigating catastrophes, video game character Mario can help us with a more intelligent approach to DevOps and improving security culture.
Nearly Half of All Malware Is Concealed in TLS-Encrypted Communications
News  |  4/22/2021  | 
Forty-six percent of all malware uses the cryptographic protocol to evade detection, communicate with attacker-controlled servers, and to exfiltrate data, new study shows.
Rapid7 Acquires Velociraptor Open Source Project
Quick Hits  |  4/21/2021  | 
The company plans to use Velociraptor's technology and insights to build out its own incident response capabilities.
Justice Dept. Creates Task Force to Stop Ransomware Spread
Quick Hits  |  4/21/2021  | 
One goal of the group is to take down the criminal ecosystem that enables ransomware, officials say.
Zero-Day Flaws in SonicWall Email Security Tool Under Attack
News  |  4/21/2021  | 
Three zero-day vulnerabilities helped an attacker install a backdoor, access files and emails, and move laterally into a target network.
Business Email Compromise Costs Businesses More Than Ransomware
Commentary  |  4/21/2021  | 
Ransomware gets the headlines, but business paid out $1.8 billion last year to resolve BEC issues, according to an FBI report.
How to Attack Yourself Better in 2021
Commentary  |  4/21/2021  | 
Social engineering pen testing is just one step in preventing employees from falling victim to cybercriminals.
Attackers Heavily Targeting VPN Vulnerabilities
News  |  4/21/2021  | 
Threat actors like attacking the technology because it provides a convenient entry point to enterprise networks.
Pulse Secure VPN Flaws Exploited to Target US Defense Sector
News  |  4/20/2021  | 
China-linked attackers have used vulnerabilities in the Pulse Secure VPN appliance to attack US Defense Industrial Base networks.
Foreign Spies Target British Nationals With Fake Social Media Profiles
Quick Hits  |  4/20/2021  | 
British security agency MI5 has launched a new education campaign to warn potential victims of the attacks.
Attackers Compromised Code-Checking Vendor's Tool for Two Months
News  |  4/20/2021  | 
A script used to upload sensitive reports, with access to credentials and datastores, likely sent information on hundreds, possibly thousands, of companies to attackers.
Dept. of Energy Launches Plan to Protect Electric Grid from Cyberattack
Quick Hits  |  4/20/2021  | 
Over the next 100 days, the DoE will work with electric utilities to improve visibility, detection, and response for industrial control systems.
2020 Changed Identity Forever; What's Next?
Commentary  |  4/20/2021  | 
For all the chaos the pandemic caused, it also sparked awareness of how important an identity-centric approach is to securing today's organizations.
Beware the Bug Bounty
Commentary  |  4/20/2021  | 
In recent months, bug-bounty programs have shifted from mitigating risk to inadvertently creating new liabilities for customers and vendors.
White House Scales Back Response to SolarWinds & Exchange Server Attacks
News  |  4/19/2021  | 
Lessons learned from the Unified Coordination Groups will be used to inform future response efforts, a government official says.
Attackers Test Weak Passwords in Purple Fox Malware Attacks
Quick Hits  |  4/19/2021  | 
Researchers share a list of passwords that Purple Fox attackers commonly brute force when targeting the SMB protocol.
Lazarus Group Uses New Tactic to Evade Detection
Quick Hits  |  4/19/2021  | 
Attackers conceal malicious code within a BMP file to slip past security tools designed to detect embedded objects within images.
SolarWinds: A Catalyst for Change & a Cry for Collaboration
Commentary  |  4/19/2021  | 
Cybersecurity is more than technology or safeguards like zero trust; mostly, it's about collaboration.
Pandemic Drives Greater Need for Endpoint Security
Quick Hits  |  4/16/2021  | 
Endpoint security has changed. Can your security plan keep up?
High-Level Admin of FIN7 Cybercrime Group Sentenced to 10 Years in Prison
Quick Hits  |  4/16/2021  | 
Fedir Hladyr pleaded guilty in 2019 to conspiracy to commit wire fraud and conspiracy to commit computer hacking.
Security Gaps in IoT Access Control Threaten Devices and Users
News  |  4/16/2021  | 
Researchers spot problems in how IoT vendors delegate device access across multiple clouds and users.
How the Biden Administration Can Make Digital Identity a Reality
Commentary  |  4/16/2021  | 
A digital identity framework is the answer to the US government's cybersecurity dilemma.
Software Developer Arrested in Computer Sabotage Case
Quick Hits  |  4/15/2021  | 
Officials say Davis Lu placed malicious code on servers in a denial-of-service attack on his employer.
Google Brings 37 Security Fixes to Chrome 90
Quick Hits  |  4/15/2021  | 
The latest version of Google Chrome also introduces HTTPS as the browser's default protocol.
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
News  |  4/15/2021  | 
Treasury Department slaps sanctions on IT security firms that it says supported Russia's Foreign Intelligence Service in carrying out the attacks.
Pandemic Pushes Bot Operators to Redirect Efforts
News  |  4/15/2021  | 
As demand for travel, lodging, and concerts plummeted in 2020, bot traffic moved to more popular activities, such as e-commerce, healthcare, and government sites.
6 Tips for Managing Operational Risk in a Downturn
Commentary  |  4/15/2021  | 
Many organizations adjust their risk appetite in an economic downturn, as risk is expanded to include supplier and customer insolvency, not to mention cash-flow changes.
Nation-State Attacks Force a New Paradigm: Patching as Incident Response
Commentary  |  4/15/2021  | 
IT no longer has the luxury of thoroughly testing critical vulnerability patches before rolling them out.
Malicious PowerShell Use, Attacks on Office 365 Accounts Surged in Q4
News  |  4/15/2021  | 
There was also a sharp increase in overall malware volumes in the fourth quarter of 2020, COVID-19 related attack activity, and mobile malware, new data shows.
Thycotic & Centrify Merge to Form Cloud Identity Security Firm
Quick Hits  |  4/14/2021  | 
The combined entity will expand on both companies' privileged access management tools and expects to debut a new brand this year.
CISA Urges Caution for Security Researchers Targeted in Attack Campaign
Quick Hits  |  4/14/2021  | 
The agency urges researchers to take precautions amid an ongoing targeted threat campaign.
FBI Operation Remotely Removes Web Shells From Exchange Servers
News  |  4/14/2021  | 
A court order authorized the FBI to remove malicious Web shells from hundreds of vulnerable machines running on-premises Exchange Server.
Bolstering Our Nation's Defenses Against Cybersecurity Attacks
Commentary  |  4/14/2021  | 
Shawn Henry, former Executive Assistant Director of the FBI and current CrowdStrike president of services and CSO, shares the top three cybersecurity priorities that the Biden administration needs to address.
Dependency Problems Increase for Open Source Components
News  |  4/14/2021  | 
The number of components in the average application rose 77% over two years. No wonder, then, that 84% of codebases have at least one vulnerability.
DNS Vulnerabilities Expose Millions of Internet-Connected Devices to Attack
News  |  4/13/2021  | 
Researchers uncover a fresh set of nine vulnerabilities in four TCP/IP stacks that are widely used in everything from powerful servers and firewalls to consumer IoT products.
NSA Alerted Microsoft to New Exchange Server Vulnerabilities
News  |  4/13/2021  | 
Microsoft today patched 114 CVEs to address the Exchange Server flaws, more than 50 remote code execution vulnerabilities, and one zero-day.
Compromised Microsoft Exchange Server Used to Host Cryptominer
Quick Hits  |  4/13/2021  | 
Researchers say an unknown attacker is targeting vulnerable Exchange Servers with a payload hosted on a compromised Exchange Server.
Global Dwell Time Drops as Ransomware Attacks Accelerate
News  |  4/13/2021  | 
The length of time attackers remain undiscovered in a target network has fallen to 24 days, researchers report, but ransomware plays a role.
Dark Reading to Upgrade Site Design, Performance
Commentary  |  4/13/2021  | 
Improvements will make site content easier to navigate, faster, and more functional.
5 Objectives for Establishing an API-First Security Strategy
Commentary  |  4/13/2021  | 
With APIs predicted to be the most common attack vector by 2022, an API-first security strategy is critical now more than ever.
Clear & Present Danger: Data Hoarding Undermines Better Security
Commentary  |  4/13/2021  | 
Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.
Biden Nominates Former NSA Officials for Top Cybersecurity Roles
News  |  4/12/2021  | 
President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.
Microsoft Warns of Malware Delivery via Google URLs
Quick Hits  |  4/12/2021  | 
A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan.


News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-2296
PUBLISHED: 2021-04-22
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
CVE-2021-2297
PUBLISHED: 2021-04-22
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
CVE-2021-2298
PUBLISHED: 2021-04-22
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...
CVE-2021-2299
PUBLISHED: 2021-04-22
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful atta...
CVE-2021-2300
PUBLISHED: 2021-04-22
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...