Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Content posted in March 2021
Page 1 / 3
Top 5 Attack Techniques May Be Easier to Detect Than You Think
News  |  3/31/2021  | 
New analysis shows attackers for the most part are continuing to rely on the same techniques and tactics they have been using for years.
Google Updates on Campaign Targeting Security Researchers
Quick Hits  |  3/31/2021  | 
Attackers linked to North Korea began to target security researchers on social media earlier this year.
What's So Great About XDR?
Commentary  |  3/31/2021  | 
XDR is a significant advance in threat detection and response technology, but few enterprises understand why. Omdia identifies four catalysts driving the emergence of XDR.
83% of Businesses Hit With a Firmware Attack in Past Two Years
News  |  3/31/2021  | 
A new Microsoft-commissioned report finds less than 30% of organizations allocate security budget toward preventing firmware attacks.
College Students Targeted in Newest IRS Scam
Quick Hits  |  3/31/2021  | 
The Internal Revenue Service warns of fraudulent emails sent to .edu addresses.
Advice From Security Experts: How to Approach Security in the New Normal
Commentary  |  3/31/2021  | 
Here are the biggest lessons they've learned after a year of work from home, and how they advise their counterparts at organizations to proceed as a result of those lessons.
3 Ways Vendors Can Inspire Customer Trust Amid Breaches
Commentary  |  3/31/2021  | 
As customers rely more on cloud storage and remote workforces, the probability of a breach increases.
Weakness in EDR Tools Lets Attackers Push Malware Past Them
News  |  3/31/2021  | 
A technique called hooking used by most endpoint detection and response products to monitor running processes can be abused, new research shows.
Publicly Available Data Enables Enterprise Cyberattacks
News  |  3/30/2021  | 
Adversaries scour social media platforms and use other tactics to gather information that facilitates targeted enterprise attacks, research shows.
Security on a Shoestring? More Budget Means More Detection
News  |  3/30/2021  | 
Companies that spend the smallest share of their IT budget on security see fewer threats, but that's not good news.
What We Know (and Don't Know) So Far About the 'Supernova' SolarWinds Attack
News  |  3/30/2021  | 
A look at the second elusive attack targeting SolarWinds software that researchers at Secureworks recently cited as the handiwork of Chinese nation-state hackers.
White Ops Renames Company 'Human'
Quick Hits  |  3/30/2021  | 
The company first confirmed plans to change its name in October 2020.
Watch Out for These Cyber-Risks
Commentary  |  3/30/2021  | 
It's difficult to predict what will materialize in the months ahead in terms of cyber-risks, which is why it's wise to review your organization's security posture now.
Ghost Users Haunt Healthcare Firms
Quick Hits  |  3/30/2021  | 
Data security hygiene severely lacking among healthcare firms, new research shows.
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Commentary  |  3/30/2021  | 
The Cyber Kill Chain and MITRE ATT&CK are popular reference frameworks to analyze breaches, but amid the rise of XDR, we may need a new one.
In the Rush to Embrace Hybrid Cloud, Don't Forget About Security
Commentary  |  3/30/2021  | 
Cloud service providers typically only secure the infrastructure itself, while customers are responsible for their data and application security.
Manufacturing Firms Learn Cybersecurity the Hard Way
News  |  3/29/2021  | 
Although 61% of smart factories have experienced a cybersecurity incident, IT groups and operational technology groups still don't collaborate enough on security.
Attackers Target PHP Git Server to Backdoor Source Code
Quick Hits  |  3/29/2021  | 
The PHP maintainers have decided to make GitHub the official source for PHP repositories going forward.
SolarWinds Hackers Accessed DHS Chief's Email
Quick Hits  |  3/29/2021  | 
Several high-level government accounts were also breached in the attack.
4 Open Source Tools to Add to Your Security Arsenal
Commentary  |  3/29/2021  | 
Open source solutions can offer an accessible and powerful way to enhance your security-testing capabilities.
CISA Builds Out Defensive Tools for Security Teams
News  |  3/29/2021  | 
Need a tool to hunt for attacks in your network? The DHS agency bolsters the offerings in its open source toolbox.
SolarWinds Experimenting With New Software Build System in Wake of Breach
News  |  3/26/2021  | 
CISO of SolarWinds now has complete autonomy to stop product releases if security concerns exist, CEO says.
40% of Apps Leaking Information
Quick Hits  |  3/26/2021  | 
Apps in manufacturing most at risk, according to WhiteHat Security.
Apple Patches iOS Zero-Day
Quick Hits  |  3/26/2021  | 
Apple today released iOS 14.4.2 to address a security vulnerability that may have been actively exploited.
Microsoft Shares Exchange Server Post-Compromise Attack Activity
News  |  3/26/2021  | 
Microsoft shares the details of post-exploitation attack activity, including multiple ransomware payloads and a cryptocurrency botnet.
Data Bias in Machine Learning: Implications for Social Justice
Commentary  |  3/26/2021  | 
Take historically biased data, then add AI and ML to compound and exacerbate the problem.
Moving from DevOps to CloudOps: The Four-Box Problem
Commentary  |  3/26/2021  | 
With SOC teams running services on multiple cloud platforms, their big concern is how to roll up configuration of 200+ servers in a comprehensive way.
Exec Order Could Force Software Vendors to Disclose Breaches to Federal Gov't Customers
Quick Hits  |  3/25/2021  | 
A decision on the order, which contains several recommendations, is still forthcoming.
CISA Adds Two Web Shells to Exchange Server Guidance
Quick Hits  |  3/25/2021  | 
Officials update mitigation steps to include two new Malware Analysis Reports identifying Web shells seen in Exchange Server attacks.
Nearly Half of Popular Android Apps Built With High-Risk Components
News  |  3/25/2021  | 
Information leakage and applications asking for too many permissions were also major issues, according to a survey of more than 3,300 popular mobile applications.
Security Operations in the World We Live in Now
Commentary  |  3/25/2021  | 
Despite the challenges of remote work, security operations teams can position themselves well for the future.
The CIO's Shifting Role: Improving Security With Shared Responsibility
Commentary  |  3/25/2021  | 
CIOs must create a culture centered around cybersecurity that is easily visible and manageable.
How Personally Identifiable Information Can Put Your Company at Risk
Commentary  |  3/25/2021  | 
By being more mindful of how and where they share PII, employees will deprive cybercriminals of their most useful tool.
6 Tips for Limiting Damage From Third-Party Attacks
Slideshows  |  3/25/2021  | 
The ability to protect your organization from third-party attacks will become increasingly critical as attackers try to maximize the effectiveness of their malicious campaigns.
Sierra Wireless Website Still Down After Ransomware Attack
Quick Hits  |  3/24/2021  | 
The company believes the attack's impact is limited to its internal IT systems and corporate websites.
California State Controller's Office Suffers Data Breach
Quick Hits  |  3/24/2021  | 
Employee unwittingly gave hacker access to email account for more than a day.
Ransomware Incidents Continue to Dominate Threat Landscape
News  |  3/24/2021  | 
Cisco Talos' IR engagements found attackers relied heavily on malware like Zloader and BazarLoader to distribute ransomware in the past three months.
Facebook Reports China-Linked Cyberattack Targeting Uyghurs
News  |  3/24/2021  | 
Facebook has removed accounts used to send malicious links to Uyghur people with the goal of infecting their devices.
What a Federal Data Privacy Law Would Mean for Consumers
Commentary  |  3/24/2021  | 
With an array of serious proposals from both sides of the political divide, it looks as though the US may finally have a national privacy law.
How to Protect Our Critical Infrastructure From Attack
News  |  3/24/2021  | 
Just how worried should we be about a cyber or physical attack on national infrastructure? Chris Price reports on how the pandemic, the growth of remote working, and IoT are putting assets at risk.
Prioritizing Application & API Security After the COVID Cloud Rush
Commentary  |  3/24/2021  | 
As companies hit the gas to accommodate the rapid shift to work-from-home, security fell behind. Now, it's time to close those gaps.
Anti-Spoofing for Email Gains Adoption, but Enforcement Lags
News  |  3/23/2021  | 
More organizations adopt sender authentication, but strict quarantining or rejection of unauthenticated messages remains uncommon.
Inside the Web Shell Used in the Microsoft Exchange Server Attacks
News  |  3/23/2021  | 
The history and details of China Chopper - a Web shell commonly seen in the widespread Microsoft Exchange Server attacks.
Disgruntled IT Contractor Sentenced in Retaliatory Office 365 Attack
Quick Hits  |  3/23/2021  | 
Former contractor deleted 1,200 user accounts in revenge.
Organizations Making Little Headway in Addressing Human Risk
News  |  3/23/2021  | 
Most enterprise security awareness efforts remain half-hearted, a new SANS survey shows.
Do Cybercriminals Fear Arrest?
Quick Hits  |  3/23/2021  | 
Researchers explore how cybercriminals weigh the possibility of arrest and whether it deters criminal activity.
Disrupting the Cybercriminal Supply Chain
Commentary  |  3/23/2021  | 
It is time to turn the tables on cybercriminals and use their own tactics against them.
Data Protection Is a Group Effort
Commentary  |  3/23/2021  | 
When every employee is well-versed in customer data privacy principles, the DPO knows the enterprise's sensitive data is in good hands.
Researchers Discover Two Dozen Malicious Chrome Extensions
News  |  3/22/2021  | 
Extensions are being used to serve up unwanted ads, steal data, and divert users to malicious sites, Cato Networks says.
Acer Reportedly Hit With $50M Ransomware Attack
Quick Hits  |  3/22/2021  | 
Reports say a ransomware gang has given Acer until March 28 to pay, or it will double the ransom amount.
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-16060
PUBLISHED: 2021-10-15
Mitsubishi Electric SmartRTU devices allow remote attackers to obtain sensitive information (directory listing and source code) via a direct request to the /web URI.
CVE-2018-16061
PUBLISHED: 2021-10-15
Mitsubishi Electric SmartRTU devices allow XSS via the username parameter or PATH_INFO to login.php.
CVE-2021-27561
PUBLISHED: 2021-10-15
Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.
CVE-2020-4951
PUBLISHED: 2021-10-15
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.
CVE-2021-28021
PUBLISHED: 2021-10-15
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.