informa
/
Announcements
Event
Building & Maintaining an Effective Remote Access Strategy | August 2 Webinar | <REGISTER NOW>
Event
Building & Maintaining Security at the Network Edge | July 28 Webinar | <REGISTER NOW>
Event
How Ransomware Works - And What You Can Do to Stop It | July 14 Webinar | <REGISTER NOW>
PreviousNext

Attacks/Breaches

Breaking news, news analysis, and expert commentary on cyberattacks and data breaches, as well as the tools, technologies, and practices for defense.

API Security Losses Total Billions, But It's Complicated
A recent analysis of breaches involving application programming interfaces (APIs) arrives at some eye-popping damage figures, but which companies are most affected, and in what ways?
June 30, 2022
A recent analysis of breaches involving application programming interfaces (APIs) arrives at some eye-popping damage figures, but which companies are most affected, and in what ways?
by Robert Lemos, Contributing Writer, Dark Reading
June 30, 2022
5 min read
Article
Exchange Servers Backdoored Globally by SessionManager
Malicious ISS module exploitation is the latest trend among threat actors targeting Exchange servers, analysts say.
June 30, 2022
Malicious ISS module exploitation is the latest trend among threat actors targeting Exchange servers, analysts say.
by Becky Bracken, Editor, Dark Reading
June 30, 2022
2 min read
Article
Study Reveals Traditional Data Security Tools Have a 60% Failure Rate Against Ransomware and Extortion
Titaniam’s ‘State of Data Exfiltration & Extortion Report’ also finds that while over 70% of organizations had heavy investments in prevention, detection, and backup solutions, the majority of victims ended up giving into attackers' demands.
June 30, 2022
Titaniam’s ‘State of Data Exfiltration & Extortion Report’ also finds that while over 70% of organizations had heavy investments in prevention, detection, and backup solutions, the majority of victims ended up giving into attackers' demands.
June 30, 2022
5 min read
Article
Zero-Days Aren't Going Away Anytime Soon & What Leaders Need to Know
There were a record number of zero-day attacks last year, but some basic cyber-hygiene strategies can help keep your organization more safe.
June 30, 2022
There were a record number of zero-day attacks last year, but some basic cyber-hygiene strategies can help keep your organization more safe.
by Dan Schiappa, Chief Product Officer, Arctic Wolf
June 30, 2022
4 min read
Article
ZuoRAT Hijacks SOHO Routers From Cisco, Netgear
The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.
June 29, 2022
The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.
by Nathan Eddy, Contributing Writer, Dark Reading
June 29, 2022
5 min read
Article
How to Master the Kill Chain Before Your Attackers Do
In the always-changing world of cyberattacks, preparedness is key.
June 29, 2022
In the always-changing world of cyberattacks, preparedness is key.
by J.R. Cunningham, Chief Security Officer, Nuspire
June 29, 2022
5 min read
Article
Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign
The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn.
June 28, 2022
The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn.
by Tara Seals, Managing Editor, News, Dark Reading
June 28, 2022
7 min read
Article
'Raccoon Stealer' Scurries Back on the Scene After Hiatus
Researchers this week said they had observed criminals using a new and improved version of the prolific malware, barely three months after its authors announced they were quitting.
June 28, 2022
Researchers this week said they had observed criminals using a new and improved version of the prolific malware, barely three months after its authors announced they were quitting.
by Jai Vijayan, Contributing Writer, Dark Reading
June 28, 2022
4 min read
Article
China-Backed APT Pwns Building-Automation Systems With ProxyLogon
The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks.
June 28, 2022
The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks.
by Tara Seals, Managing Editor, News, Dark Reading
June 28, 2022
6 min read
Article
Atlassian Confluence Exploits Peak at 100K Daily
Swarms of breach attempts against the Atlassian Confluence vulnerability are likely to continue for years, researchers say, averaging 20,000 attempts daily as of this week.
June 28, 2022
Swarms of breach attempts against the Atlassian Confluence vulnerability are likely to continue for years, researchers say, averaging 20,000 attempts daily as of this week.
by Dark Reading Staff, Dark Reading
June 28, 2022
1 min read
Article
A WAF Is Not a Free Lunch: Teaching the Shift-Left Security Mindset
Developers need to think like WAF operators for security. Start with secure coding and think of Web application firewalls not as a prophylactic but as part of the secure coding test process.
June 28, 2022
Developers need to think like WAF operators for security. Start with secure coding and think of Web application firewalls not as a prophylactic but as part of the secure coding test process.
by Yaniv Sazman, Lead Product Manager, F5 NGINX and OSS Security, F5 Networks
June 28, 2022
5 min read
Article
Ransomware Volume Nearly Doubles 2021 Totals in a Single Quarter
Like a hydra, every time one ransomware gang drops out (REvil or Conti), plenty more step up to fill the void (Black Basta).
June 28, 2022
Like a hydra, every time one ransomware gang drops out (REvil or Conti), plenty more step up to fill the void (Black Basta).
by Ericka Chickowski, Contributing Writer, Dark Reading
June 28, 2022
4 min read
Article
How to Find New Attack Primitives in Microsoft Azure
Abuse primitives have a longer shelf life than bugs and zero-days and are cheaper to maintain. They're also much harder for defenders to detect and block.
June 28, 2022
Abuse primitives have a longer shelf life than bugs and zero-days and are cheaper to maintain. They're also much harder for defenders to detect and block.
by Andy Robbins, Technical Architect, SpecterOps
June 28, 2022
5 min read
Article
New Vulnerability Database Catalogs Cloud Security Issues
Researchers have created a new community website for reporting and tracking security issues in cloud platforms and services — plus fixes for them where available.
June 28, 2022
Researchers have created a new community website for reporting and tracking security issues in cloud platforms and services — plus fixes for them where available.
by Jai Vijayan, Contributing Writer, Dark Reading
June 28, 2022
4 min read
Article
It's a Race to Secure the Software Supply Chain — Have You Already Stumbled?
If you haven't properly addressed the issue, you're already behind. But even if you've had a false start, it's never too late to get back up.
June 27, 2022
If you haven't properly addressed the issue, you're already behind. But even if you've had a false start, it's never too late to get back up.
by Kayla Underkoffler, Senior Security Technologist, HackerOne
June 27, 2022
5 min read
Article