Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Advanced Threats posted in June 2016
The Attribution Question: Does It Matter Who Attacked You?
News  |  6/29/2016  | 
Everyone will ask whodunnit, but how can an organization put that information to practical use during disaster recovery and planning for the future?
Over 25,000 IoT CCTV Cameras Used In DDoS Attack
Quick Hits  |  6/29/2016  | 
Probe uncovers attacks generated from 105 global locations and delivering 50,000 HTTP requests per second.
Hackers Pilfer $10 Million From Ukraine Bank
Quick Hits  |  6/29/2016  | 
Reports allege criminals used SWIFT to transfer money, have compromised several Ukraine, Russia banks.
Attackers Wrapping New Tools In Old Malware To Target Medical Devices
News  |  6/28/2016  | 
Hospital equipment running old operating systems providing safe harbor for data theft, TrapX says.
Google Accounts Of US Military, Journalists Targeted By Russian Attack Group
News  |  6/27/2016  | 
The Threat Group 4127 that hit the Democratic National Committee also went after 1,800 other targets with info interesting to Russian government, says SecureWorks.
Large Botnet Comes Back To Life -- With More Malware
News  |  6/23/2016  | 
The Necurs botnet associated with Dridex and Locky is back after three-week haitus.
Crypto Ransomware Officially Eclipses Screen-Blocker Ransomware
News  |  6/22/2016  | 
Encryption malware represented 54 percent of all ransomware in April compared to barely 10 percent a year ago, Kaspersky Lab found.
Bug Poachers: A New Breed of Cybercriminal
Commentary  |  6/22/2016  | 
As if security researchers don't have enough to worry about, we now have to contend with extortionists who take advantage of the well-established fact that applications are a ripe target for exploitation.
Guccifer 2.0: Red Herring Or Third DNC Hacker?
News  |  6/21/2016  | 
CrowdStrike and Fidelis say all evidence for intrusions at DNC points to Russian-backed groups.
NATO Officially Declares Cyberspace A Domain For War
Quick Hits  |  6/17/2016  | 
Cyberattack on a NATO ally will now trigger a collective response.
Lone Hacker Taking Credit For DNC Breach Is Likely Russian, Says Researcher
Quick Hits  |  6/17/2016  | 
'Guccifer 2.0' claimed responsibility for the breach at the Democratic National Committee, then leaked stolen documents about Donald Trump to prove it.
Ransomware, SCADA Access As a Service Emerging Threats For ICS Operators, Report Says
News  |  6/17/2016  | 
With attacks against industrial control networks increasing so too have the challenges, Booz Allen Hamilton says.
For $6, Buy Access To Hacked Government Server, On Underground Market
Quick Hits  |  6/16/2016  | 
Kaspersky uncovers marketplace where criminals buy entry into 70,000 servers from 173 countries to launch cyberattacks.
US, China Agree To Set Up A Cyber Hotline
Quick Hits  |  6/16/2016  | 
Cooperative efforts between US, China on cybersecurity are moving slowly, with set-up of temporary email addresses listed as a key achievement.
FBI: BEC Scam Attempts Amount to $3 Billion
Quick Hits  |  6/15/2016  | 
FBI warns of rise in business email compromise frauds, says it should be reported immediately.
Trump Data Theft Stirs Concerns Of Cyberattacks On Presidential Campaigns
News  |  6/15/2016  | 
Two Russian cybergroups stole a DNC database containing opposition research on Trump in two unrelated campaigns over past year, Crowdstrike says
Russian Hackers Breach Democrats To Steal Data On Trump
Quick Hits  |  6/14/2016  | 
Washington Post: Government-sponsored group hacked Democratic National Committee to access email, chat traffic, and all 'opposition research' on GOP candidate Donald Trump.
Ransomware Now Comes With Live Chat Support
News  |  6/10/2016  | 
Victims of a new version of Jigsaw now have access to live chat operators to help them through the ransom payment process, Trend Micro says.
US-CERT Warns Of Resurgence In Macro Attacks
News  |  6/9/2016  | 
Organizations and individuals urged to be proactive in protecting against threat from the 90s.
University Pays $20K To Ransomware Attackers
Quick Hits  |  6/9/2016  | 
Cybercriminals infect University of Calgary network with virus, demand ransom to unlock data.
Zcrypt Ransomware: Old Wine In A New Bottle
News  |  6/8/2016  | 
Malware authors have combined old and new approaches to try and sneak Zcrypt past defenses, Check Point says.
Top Security To-Dos For The Entertainment Industry
News  |  6/6/2016  | 
'The biz' has unique security needs. And it isn't only about preventing 'the next Sony.'
More Evidence Of Link Between Bank Attacks And North Korean Group
News  |  6/1/2016  | 
Anomali says it has found five new pieces of malware tying the two attack groups together.


Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Take me to your BISO 
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27242
PUBLISHED: 2021-05-11
An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoLocation parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. A...
CVE-2020-27243
PUBLISHED: 2021-05-11
An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoService parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An...
CVE-2020-27244
PUBLISHED: 2021-05-11
An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoCode parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An at...
CVE-2020-27245
PUBLISHED: 2021-05-11
An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoBuyer parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An a...
CVE-2020-27246
PUBLISHED: 2021-05-11
An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoComment parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An...