Dark Reading is part of the Informa Tech Division of Informa PLC

News & Commentary

Content posted in February 2021
NSA Releases Guidance on Zero-Trust Architecture
Quick Hits  |  2/26/2021  | 
A new document provides guidance for businesses planning to implement a zero-trust system management strategy.
Attackers Turn Struggling Software Projects Into Trojan Horses
News  |  2/26/2021  | 
While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code.
After a Year of Quantum Advances, the Time to Protect Is Now
Commentary  |  2/26/2021  | 
Innovations in quantum computing mean enterprise and manufacturing organizations need to start planning now to defend against new types of cybersecurity threats.
Inside Strata's Plans to Solve the Cloud Identity Puzzle
News  |  2/25/2021  | 
Strata Identity was founded to change businesses' approach to identity management as multicloud environments become the norm.
Microsoft Releases Free Tool for Hunting SolarWinds Malware
News  |  2/25/2021  | 
Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017.
North Korea's Lazarus Group Expands to Stealing Defense Secrets
News  |  2/25/2021  | 
Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says.
Ransomware, Phishing Will Remain Primary Risks in 2021
News  |  2/25/2021  | 
Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports.
Thousands of VMware Servers Exposed to Critical RCE Bug
Quick Hits  |  2/25/2021  | 
Security experts report scanning activity targeting vulnerable vCenter servers after a researcher published proof-of-concept code.
5 Key Steps Schools Can Take to Defend Against Cyber Threats
Commentary  |  2/25/2021  | 
Educational institutions have become prime targets, but there are things they can do to stay safer.
How to Avoid Falling Victim to a SolarWinds-Style Attack
Commentary  |  2/25/2021  | 
A multilayered, zero-trust security posture provides a better chance of fending off sophisticated supply chain attackers before it's too late.
Cybercriminals Target QuickBooks Databases
News  |  2/24/2021  | 
Stolen financial files then get sold on the Dark Web, researchers say.
New APT Group Targets Airline Industry & Immigration
News  |  2/24/2021  | 
LazyScript bears similarities to some Middle Eastern groups but appears to be a distinct operation of its own, Malwarebytes says.
61% of Malware Delivered via Cloud Apps: Report
Quick Hits  |  2/24/2021  | 
Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year.
Google Invests in Linux Kernel Developers to Focus on Security
News  |  2/24/2021  | 
Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term.
Kaseya Buys Managed SOC Provider
Quick Hits  |  2/24/2021  | 
Purchase extends offerings for MSP and SMB customers.
The Realities of Extended Detection and Response (XDR) Technology
Commentary  |  2/24/2021  | 
While the term XDR has become pervasive, the technology and market remain a work in progress with lots of innovation and market confusion.
Universities Face Double Threat of Ransomware, Data Breaches
News  |  2/24/2021  | 
Lack of strong security policies puts many schools at risk of compromise, disrupted services, and collateral damage.
3 Security Flaws in Smart Devices & IoT That Need Fixing
Commentary  |  2/24/2021  | 
The scope and danger of unsecured, Internet-connected hardware will only continue to deepen.
Botnet Uses Blockchain to Obfuscate Backup Command & Control Information
News  |  2/24/2021  | 
The tactic makes it much harder for defenders to take down botnets via sinkholing and other standard techniques, Akamai says.
SolarWinds Attackers Lurked for 'Several Months' in FireEye's Network
News  |  2/23/2021  | 
Top execs from FireEye, SolarWinds, Microsoft, and CrowdStrike testified before the US Senate Intelligence Committee today on the aftermath - and ongoing investigations - into the epic attacks.
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
News  |  2/23/2021  | 
Also on Krebs' radar: the cyber-response to COVID-19 and intelligence-sharing between private and public sectors.
SonicWall Releases Second Set of February Firmware Patches
Quick Hits  |  2/23/2021  | 
The latest patches, for its SMA 100 series products, come less than three weeks after an update to patch a zero-day vulnerability.
10K Targeted in Phishing Attacks Spoofing FedEx, DHL Express
Quick Hits  |  2/23/2021  | 
The two campaigns aimed to steal victims' business email account credentials by posing as the shipping companies.
Augmenting SMB Defense Strategies With MITRE ATT&CK: A Primer
Commentary  |  2/23/2021  | 
Any organization can use MITRE ATT&CK as a force multiplier, but it's especially valuable for small ones.
CVSS as a Framework, Not a Score
Commentary  |  2/23/2021  | 
The venerable system has served us well but is now outdated. Not that it's time to throw the system away; use it as a framework to measure risk using modern, context-based methods.
Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool
News  |  2/22/2021  | 
APT31 cloned and reused a Windows-based hacking tool for years before Microsoft patched the vulnerability, researchers report.
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
News  |  2/22/2021  | 
Almost four of every five attacks attributed in 2020 were conducted by cybercriminal groups, a significant jump from 2019, with attacks on healthcare or using the pandemic rising fast.
Accellion Data Breach Resulted in Extortion Attempts Against Multiple Victims
News  |  2/22/2021  | 
FireEye Mandiant says it discovered data stolen via flaw in Accellion FTA had landed on a Dark Web site associated with a known Russia-based threat group.
Researcher Reports Vulnerability in Apple iCloud Domain
Quick Hits  |  2/22/2021  | 
A stored cross-site scripting vulnerability in the iCloud website reportedly earned a security researcher $5,000.
Sequoia Capital Suffers Data Breach
News  |  2/22/2021  | 
The attack began with a successful phishing email.
8 Ways Ransomware Operators Target Your Network
Slideshows  |  2/22/2021  | 
Security researchers explore how criminals are expanding their arsenals with new, more subtle, and more effective ransomware attack techniques.
Cybersecurity Responsibility in a Post-Pandemic World
Dark Reading Videos  |  2/22/2021  | 
In this video, Omdia Cybersecurity Senior Research Director Maxine Holt explains why a more sustainable approach to post-pandemic cybersecurity is necessary.
What Can Your Connected Car Reveal About You?
Commentary  |  2/22/2021  | 
App developers must take responsibility for the security of users' data.
Kia Denies Ransomware Attack as IT Outage Continues
Quick Hits  |  2/19/2021  | 
Kia Motors America states there is no evidence its recent systems outage was caused by a ransomware attack.
Attackers Already Targeting Apple's M1 Chip with Custom Malware
News  |  2/19/2021  | 
A proof-of-concept program infects systems with ARM64-compiled binaries and then reaches out to download additional functionality.
How to Fine-Tune Vendor Risk Management in a Virtual World
Commentary  |  2/19/2021  | 
Without on-site audits, many organizations lack their usual visibility to assess risk factors and validate contracts and SLA with providers.
Microsoft Concludes Internal Investigation into Solorigate Breach
News  |  2/18/2021  | 
The software giant found no evidence that attackers gained extensive access to services or customer data.
CrowdStrike Buys Log Management Startup Humio for $400M
Quick Hits  |  2/18/2021  | 
CrowdStrike plans to use Humio's technology to continue building out its extended detection and response platform.
Apple Offers Closer Look at Its Platform Security Technologies, Features
News  |  2/18/2021  | 
In a nearly 200-page document, company offers a detailed overview of Secure Enclave and multiple other security controls in Apple silicon-based Macs and other platforms.
Microsoft Azure Front Door Gets a Security Upgrade
News  |  2/18/2021  | 
New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.
Hiding in Plain Sight: What the SolarWinds Attack Revealed About Efficacy
Commentary  |  2/18/2021  | 
Multilayered infiltration involved custom malicious tooling, backdoors, and cloaked code, far beyond the skills of script kiddies.
Data Security Accountability in an Age of Regular Breaches
Commentary  |  2/18/2021  | 
As the number of vendors impacted by supply chain breaches grows, one constant question remains: Where exactly does accountability for data security lie, and what part do end users play in their own data breach protection?
How to Run a Successful Penetration Test
Slideshows  |  2/18/2021  | 
These seven tips will help ensure a penetration test improves your organization's overall security posture.
Virginia Takes Different Tack Than California With Data Privacy Law
Commentary  |  2/18/2021  | 
Online businesses that target Virginia consumers and have personal data of 100,000 consumers in the state must conform to the new statute.
Egregor Arrests a Blow, but Ransomware Will Likely Bounce Back
News  |  2/17/2021  | 
Similar to previous ransomware takedowns, this disruption to the ransomware-as-a-service model will likely be short-lived, security experts say.
US Unseals Indictments Against North Korean Cyberattackers for Thefts Totaling $1.3B
News  |  2/17/2021  | 
FBI, CISA, and Treasury Department also release details about North Korean malware used in cryptocurrency thefts since 2018.
White House Says 100 Private Sector Orgs Hit in SolarWinds Campaign
Quick Hits  |  2/17/2021  | 
Anne Neuberger, a top Biden cybersecurity official, provided an update on the government's investigation into the massive breach.
Kia Faces $20M DoppelPaymer Ransomware Attack
Quick Hits  |  2/17/2021  | 
Kia Motors America this week experienced a nationwide IT outage; now, reports indicate the company was hit with ransomware.
Ransomware? Let's Call It What It Really Is: Extortionware
Commentary  |  2/17/2021  | 
Just as the targets of these attacks have shifted from individuals to corporations, so too has the narrow focus given way to applying force and pressure to pay.
Enterprise Windows Threats Drop as Mac Attacks Rise: Report
News  |  2/17/2021  | 
An analysis of 2020 malware activity indicates businesses should be worried about internal hack tools, ransomware, and spyware in the year ahead.
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41393
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
CVE-2021-41394
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations.
CVE-2021-41395
PUBLISHED: 2021-09-18
Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted database name or username.
CVE-2021-3806
PUBLISHED: 2021-09-18
A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system.
CVE-2021-41392
PUBLISHED: 2021-09-17
static/main-preload.js in Boost Note through 0.22.0 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal Electron API.