Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Advanced Threats posted in May 2016
Wekby 'Pisloader' Abuses DNS
News  |  5/31/2016  | 
New malware family 'pisloader' uses DNS requests for command and control.
SWIFT Proposes New Measures For Bolstering Its Security
News  |  5/27/2016  | 
Measures come amid news that up to 12 banks may have fallen victim to attacks attempting to steal millions via the SWIFT network.
DNS Management Provider Hit With Sophisticated, 'Precise' DDoS Attacks
News  |  5/27/2016  | 
NS1 CEO says other DNS providers also have been attacked over the past few months.
Bangladesh Reopens 2013 Cold Case Of Bank Theft Via SWIFT
Quick Hits  |  5/26/2016  | 
Authorities cite similarities in Sonali Bank hack with February's $81 million central bank theft.
TeslaCrypt Ransomware Group Pulls Plug, Releases Decrypt Key
News  |  5/20/2016  | 
But dont be surprised if group revives campaign or launches another one, security researchers say.
Bangladesh Officials Computer Hacked To Carry Out $81 Million Theft
Quick Hits  |  5/20/2016  | 
Bangladeshi diplomat shares FBI report with Philippine inquiry panel on Bangladesh Bank theft.
OPM Breach: Cyber Sprint Response More Like A Marathon
News  |  5/19/2016  | 
Sixty-five percent of federal security execs surveyed in new (ISC)2 report say that government still cant detect ongoing cyber attacks.
'Skimer' Stealing Money, Card Data From ATMs Around Globe
News  |  5/18/2016  | 
Windows-based ATMs are vulnerable to this new variant of ATM malware, Kaspersky Lab says.
Tennessee Man Found Guilty Of Mitt Romney Tax Return Hack Scheme
Quick Hits  |  5/16/2016  | 
Convicted for attempt to blackmail PwC accounting firm with release of former U.S. Presidential candidate's pre-2010 tax returns.
CISO Playbook: Games Of War & Cyber Defenses
Commentary  |  5/16/2016  | 
Limiting incident response planning to hypothetical table-top scenarios is far too risky in todays threat environment. But with cyberwar gaming, you can simulate the experience of a real attack.
Bangladesh Bank Theft: New York Fed Stands By Transfer Procedures
Quick Hits  |  5/16/2016  | 
Bank replies to US lawmaker query whether transfer of funds should have been blocked.
SWIFT Confirms Cyber Heist At Second Bank; Researchers Tie Malware Code to Sony Hack
News  |  5/13/2016  | 
Operator of global secure messaging system for banks warns of highly adaptive campaign
'Pawn Storm' APT Campaign Rolls On With Attacks in Germany, Turkey
News  |  5/13/2016  | 
Offices of German chancellor Angela Merkel among those targeted in recent attacks, Trend Micro says.
US, China Hold Cyber Talks For First Time After September Deal
Quick Hits  |  5/13/2016  | 
Meeting was part of pledge between heads of both nations for joint action on growing cyberspace concerns.
Bangladesh Bank Theft: SWIFT CEO Rejects Theory Of Loopholes In Network
Quick Hits  |  5/13/2016  | 
Leibbrandt says customer fraud is the likely explanation for the $81 Million bank heist.
6 Shocking Intellectual Property Breaches
Slideshows  |  5/12/2016  | 
Not all breaches involve lost customer data. Sometimes the most damaging losses come when intellectual property is pilfered.
What Makes Next-Gen Endpoint Protection Unique?
Slideshows  |  5/10/2016  | 
Here are five critical factors you need to know about today's new breed of endpoint protection technology.
The 10 Worst Vulnerabilities of The Last 10 Years
Slideshows  |  5/6/2016  | 
From the thousands of vulns that software vendors disclosed over the past 10 years, a few stand out for being a lot scarier than the rest.
Stupid Locky Network Breached
News  |  5/5/2016  | 
For the second time in recent months, a white hat hacker appears to have broken into a C&C server for a major malware threat.
Ransomware Spikes, Tries New Tricks
News  |  5/2/2016  | 
Ransomware authors constantly upping their game, techniques, to stay ahead of security researchers.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-37457
PUBLISHED: 2021-07-25
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored).
CVE-2021-37458
PUBLISHED: 2021-07-25
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored).
CVE-2021-37459
PUBLISHED: 2021-07-25
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored).
CVE-2021-37460
PUBLISHED: 2021-07-25
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected).
CVE-2021-37461
PUBLISHED: 2021-07-25
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected).