Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Advanced Threats posted in April 2020
The Rise of Deepfakes and What That Means for Identity Fraud
Commentary  |  4/30/2020  | 
Convincing deepfakes are a real concern, but there are ways of fighting back.
7 Fraud Predictions in the Wake of the Coronavirus
Commentary  |  4/29/2020  | 
It's theme and variations in the fraud world, and fraudsters love -- and thrive -- during chaos and confusion
Phishers Start to Exploit Oil Industry Amid COVID-19 Woes
News  |  4/29/2020  | 
While a massive flood of attacks has yet to materialize, cybersecurity experts say this could be the calm before the storm.
4 Ways to Get to Defensive When Faced by an Advanced Attack
Commentary  |  4/29/2020  | 
To hold your own against nation-state-grade attacks, you must think and act differently.
Continued Use of Python 2 Will Heighten Security Risks
News  |  4/28/2020  | 
With support for the programming language no longer available, organizations should port to Python 3, security researches say.
Attackers Target Sophos Firewalls with Zero-Day
News  |  4/27/2020  | 
Remote exploit compromises specific configurations of XG firewalls with the intent of stealing data from the devices.
Cybercrime Group Steals $1.3M from Banks
News  |  4/24/2020  | 
A look at how the so-called Florentine Banker Group lurked for two months in a sophisticated business email compromise attack on Israeli and UK financial companies.
11 Tips for Protecting Active Directory While Working from Home
Commentary  |  4/22/2020  | 
To improve the security of your corporate's network, protect the remote use of AD credentials.
Attackers Aim at Software Supply Chain with Package Typosquatting
News  |  4/21/2020  | 
Attackers seed Ruby Gems repository with more than 760 malicious packages using names just a bit different than the standard code libraries.
7 Steps to Avoid the Top Cloud Access Risks
Commentary  |  4/21/2020  | 
Securing identities and data in the cloud is challenging, but a least-privilege access approach helps.
5 Things Ransomware Taught Me About Responding in a Crisis
Commentary  |  4/16/2020  | 
What happened in Atlanta is worth studying because it was one of the earliest cases of a major city ransomware attacks and because it came out the other side stronger and more resilient.
DHS Issues Alert for New North Korean Cybercrime
Quick Hits  |  4/15/2020  | 
Cyber actors from North Korea's intelligence agencies are launching new attacks on financial targets, including hacks for hire on the open market.
Man-in-the-Middle Attacks: A Growing but Preventable Mobile Threat
Commentary  |  4/15/2020  | 
Hackers are upping their game, especially as they target mobile devices.
You're One Misconfiguration Away from a Cloud-Based Data Breach
Commentary  |  4/14/2020  | 
Don't assume that cyberattacks are all you have to worry about. Misconfigurations should also be a top cause of concern.
7 Ways COVID-19 Has Changed Our Online Lives
Slideshows  |  4/14/2020  | 
The pandemic has driven more of our personal and work lives online and for the bad guys, business is booming. Here's how you can protect yourself.
Cybercrime May Be the World's Third-Largest Economy by 2021
Commentary  |  4/13/2020  | 
The underground economy is undergoing an industrialization wave and booming like never before.
Medical Devices on the IoT Put Lives at Risk
Commentary  |  4/9/2020  | 
Device security must become as important a product design feature as safety and efficacy.
Active Directory Attacks Hit the Mainstream
Commentary  |  4/1/2020  | 
Understanding the limitations of authentication protocols, especially as enterprises link authentication to cloud services to Active Directory, is essential for security teams in the modern federated enterprise.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Incorporating a Prevention Mindset into Threat Detection and Response
Threat detection and response systems, by definition, are reactive because they have to wait for damage to be done before finding the attack. With a prevention-mindset, security teams can proactively anticipate the attacker's next move, rather than reacting to specific threats or trying to detect the latest techniques in real-time. The report covers areas enterprises should focus on: What positive response looks like. Improving security hygiene. Combining preventive actions with red team efforts.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-29376
PUBLISHED: 2022-05-23
Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory.
CVE-2022-30015
PUBLISHED: 2022-05-23
In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/all_users.php like Full Username, etc .This causes stored xss.
CVE-2022-28999
PUBLISHED: 2022-05-23
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe.
CVE-2022-29002
PUBLISHED: 2022-05-23
A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.
CVE-2022-31489
PUBLISHED: 2022-05-23
Inout Blockchain AltExchanger 1.2.1 allows index.php/home/about inoutio_language cookie SQL injection.