Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Content posted in April 2021
Pulse Secure VPN Flaws Exploited to Target US Defense Sector
News  |  4/20/2021  | 
China-linked attackers have used vulnerabilities in the Pulse Secure VPN appliance to attack US Defense Industrial Base networks.
Foreign Spies Target British Nationals With Fake Social Media Profiles
Quick Hits  |  4/20/2021  | 
British security agency MI5 has launched a new education campaign to warn potential victims of the attacks.
Attackers Compromised Code-Checking Vendor's Tool for Two Months
News  |  4/20/2021  | 
A script used to upload sensitive reports, with access to credentials and datastores, likely sent information on hundreds, possibly thousands, of companies to attackers.
Dept. of Energy Launches Plan to Protect Electric Grid from Cyberattack
Quick Hits  |  4/20/2021  | 
Over the next 100 days, the DoE will work with electric utilities to improve visibility, detection, and response for industrial control systems.
2020 Changed Identity Forever; What's Next?
Commentary  |  4/20/2021  | 
For all the chaos the pandemic caused, it also sparked awareness of how important an identity-centric approach is to securing today's organizations.
Beware the Bug Bounty
Commentary  |  4/20/2021  | 
In recent months, bug-bounty programs have shifted from mitigating risk to inadvertently creating new liabilities for customers and vendors.
White House Scales Back Response to SolarWinds & Exchange Server Attacks
News  |  4/19/2021  | 
Lessons learned from the Unified Coordination Groups will be used to inform future response efforts, a government official says.
Attackers Test Weak Passwords in Purple Fox Malware Attacks
Quick Hits  |  4/19/2021  | 
Researchers share a list of passwords that Purple Fox attackers commonly brute force when targeting the SMB protocol.
Lazarus Group Uses New Tactic to Evade Detection
Quick Hits  |  4/19/2021  | 
Attackers conceal malicious code within a BMP file to slip past security tools designed to detect embedded objects within images.
SolarWinds: A Catalyst for Change & a Cry for Collaboration
Commentary  |  4/19/2021  | 
Cybersecurity is more than technology or safeguards like zero trust; mostly, it's about collaboration.
Pandemic Drives Greater Need for Endpoint Security
Quick Hits  |  4/16/2021  | 
Endpoint security has changed. Can your security plan keep up?
High-Level Admin of FIN7 Cybercrime Group Sentenced to 10 Years in Prison
Quick Hits  |  4/16/2021  | 
Fedir Hladyr pleaded guilty in 2019 to conspiracy to commit wire fraud and conspiracy to commit computer hacking.
Security Gaps in IoT Access Control Threaten Devices and Users
News  |  4/16/2021  | 
Researchers spot problems in how IoT vendors delegate device access across multiple clouds and users.
How the Biden Administration Can Make Digital Identity a Reality
Commentary  |  4/16/2021  | 
A digital identity framework is the answer to the US government's cybersecurity dilemma.
Software Developer Arrested in Computer Sabotage Case
Quick Hits  |  4/15/2021  | 
Officials say Davis Lu placed malicious code on servers in a denial-of-service attack on his employer.
Google Brings 37 Security Fixes to Chrome 90
Quick Hits  |  4/15/2021  | 
The latest version of Google Chrome also introduces HTTPS as the browser's default protocol.
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
News  |  4/15/2021  | 
Treasury Department slaps sanctions on IT security firms that it says supported Russia's Foreign Intelligence Service in carrying out the attacks.
Pandemic Pushes Bot Operators to Redirect Efforts
News  |  4/15/2021  | 
As demand for travel, lodging, and concerts plummeted in 2020, bot traffic moved to more popular activities, such as e-commerce, healthcare, and government sites.
6 Tips for Managing Operational Risk in a Downturn
Commentary  |  4/15/2021  | 
Many organizations adjust their risk appetite in an economic downturn, as risk is expanded to include supplier and customer insolvency, not to mention cash-flow changes.
Nation-State Attacks Force a New Paradigm: Patching as Incident Response
Commentary  |  4/15/2021  | 
IT no longer has the luxury of thoroughly testing critical vulnerability patches before rolling them out.
Malicious PowerShell Use, Attacks on Office 365 Accounts Surged in Q4
News  |  4/15/2021  | 
There was also a sharp increase in overall malware volumes in the fourth quarter of 2020, COVID-19 related attack activity, and mobile malware, new data shows.
Thycotic & Centrify Merge to Form Cloud Identity Security Firm
Quick Hits  |  4/14/2021  | 
The combined entity will expand on both companies' privileged access management tools and expects to debut a new brand this year.
CISA Urges Caution for Security Researchers Targeted in Attack Campaign
Quick Hits  |  4/14/2021  | 
The agency urges researchers to take precautions amid an ongoing targeted threat campaign.
FBI Operation Remotely Removes Web Shells From Exchange Servers
News  |  4/14/2021  | 
A court order authorized the FBI to remove malicious Web shells from hundreds of vulnerable machines running on-premises Exchange Server.
Bolstering Our Nation's Defenses Against Cybersecurity Attacks
Commentary  |  4/14/2021  | 
Shawn Henry, former Executive Assistant Director of the FBI and current CrowdStrike president of services and CSO, shares the top three cybersecurity priorities that the Biden administration needs to address.
Dependency Problems Increase for Open Source Components
News  |  4/14/2021  | 
The number of components in the average application rose 77% over two years. No wonder, then, that 84% of codebases have at least one vulnerability.
DNS Vulnerabilities Expose Millions of Internet-Connected Devices to Attack
News  |  4/13/2021  | 
Researchers uncover a fresh set of nine vulnerabilities in four TCP/IP stacks that are widely used in everything from powerful servers and firewalls to consumer IoT products.
NSA Alerted Microsoft to New Exchange Server Vulnerabilities
News  |  4/13/2021  | 
Microsoft today patched 114 CVEs to address the Exchange Server flaws, more than 50 remote code execution vulnerabilities, and one zero-day.
Compromised Microsoft Exchange Server Used to Host Cryptominer
Quick Hits  |  4/13/2021  | 
Researchers say an unknown attacker is targeting vulnerable Exchange Servers with a payload hosted on a compromised Exchange Server.
Global Dwell Time Drops as Ransomware Attacks Accelerate
News  |  4/13/2021  | 
The length of time attackers remain undiscovered in a target network has fallen to 24 days, researchers report, but ransomware plays a role.
Dark Reading to Upgrade Site Design, Performance
Commentary  |  4/13/2021  | 
Improvements will make site content easier to navigate, faster, and more functional.
5 Objectives for Establishing an API-First Security Strategy
Commentary  |  4/13/2021  | 
With APIs predicted to be the most common attack vector by 2022, an API-first security strategy is critical now more than ever.
Clear & Present Danger: Data Hoarding Undermines Better Security
Commentary  |  4/13/2021  | 
Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.
Biden Nominates Former NSA Officials for Top Cybersecurity Roles
News  |  4/12/2021  | 
President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.
Microsoft Warns of Malware Delivery via Google URLs
Quick Hits  |  4/12/2021  | 
A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan.
Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy
Quick Hits  |  4/12/2021  | 
Jerome Powell tells 60 Minutes that cyberattacks have the potential to do major damage to the US financial system.
Microsoft Uses Machine Learning to Predict Attackers' Next Steps
News  |  4/12/2021  | 
Researchers build a model to attribute attacks to specific groups based on tactics, techniques, and procedures, and then figure out their next move.
New Malware Downloader Spotted in Targeted Campaigns
News  |  4/12/2021  | 
Saint Bot is being used to drop stealers on compromised systems but could be used to deliver any malware.
Wake Up and Smell the JavaScript
Commentary  |  4/12/2021  | 
The SolarWinds attack showed the true meaning of a supply chain breach. And it's the canary in the coal mine for sensitive data on the Web.
Omdia Research Spotlight: XDR
Commentary  |  4/12/2021  | 
Few emerging cybersecurity market segments are garnering more attention than XDR. Here, Omdia highlights its recent research on XDR.
CISA Launches New Threat Detection Dashboard
Quick Hits  |  4/9/2021  | 
Aviary is a new dashboard that works with CISA's Sparrow threat detection tool.
Unofficial Android App Store APKPure Infected With Malware
Quick Hits  |  4/9/2021  | 
The APKPure app store was infected with malware that can download Trojans to other Android devices, researchers report.
8 Security & Privacy Apps to Share With Family and Friends
Slideshows  |  4/9/2021  | 
Mobile apps to recommend to the people in your life who want to improve their online security and privacy.
Women Are Facing an Economic Crisis & the Cybersecurity Industry Can Help
Commentary  |  4/9/2021  | 
Investing in women's cybersecurity careers can bring enormous benefits and help undo some of the significant economic damage wrought by the pandemic.
Zoom Joins Microsoft Teams on List of Enterprise Tools Hacked at Pwn2Own
News  |  4/8/2021  | 
White-hat hacking event shows yet again why there's no such thing as foolproof security against modern attacks.
Fraudsters Use HTML Legos to Evade Detection in Phishing Attack
Quick Hits  |  4/8/2021  | 
Criminals stitch pieces of HTML together and hide them in JavaScript files, researchers report.
600K Payment Card Records Leaked After Swarmshop Breach
Quick Hits  |  4/8/2021  | 
A leaked database also contains the nicknames, hashed passwords, contact details, and activity history of Swarmshop admins, sellers, and buyers.
Handcuffs Over AI: Solving Security Challenges With Law Enforcement
Commentary  |  4/8/2021  | 
We've tried everything else ... now it's time to make the prospect of getting caught -- and punished -- a real deterrent to cybercrime.
SecOps and DevOps: From Cooperation to Automation
Dark Reading Videos  |  4/7/2021  | 
Omdia Principal Analyst Eric Parizo discusses the major obstacles SecOps organizations face as they seek to build ties with DevOps teams, and offers a programmatic approach to help create a path toward DevSecOps.
Did 4 Major Ransomware Groups Truly Form a Cartel?
News  |  4/7/2021  | 
An analysis of well-known extortion groups and their cryptocurrency transactions reveals the answer.


Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Dark Reading - Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20027
PUBLISHED: 2021-06-14
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
CVE-2021-32684
PUBLISHED: 2021-06-14
magento-scripts contains scripts and configuration used by Create Magento App, a zero-configuration tool-chain which allows one to deploy Magento 2. In versions 1.5.1 and 1.5.2, after changing the function from synchronous to asynchronous there wasn't implemented handler in the start, stop, exec, an...
CVE-2021-34693
PUBLISHED: 2021-06-14
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
CVE-2021-27887
PUBLISHED: 2021-06-14
Cross-site Scripting (XSS) vulnerability in the main dashboard of Ellipse APM versions allows an authenticated user or integrated application to inject malicious data into the application that can then be executed in a victim's browser. This issue affects: Hitachi ABB Power Grids ...
CVE-2021-27196
PUBLISHED: 2021-06-14
Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the...