informa

News

ICYMI: A Microsoft Warning, Follina, Atlassian, and More
Dark Reading's digest of the other don't-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness.
July 01, 2022
Dark Reading's digest of the other don't-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness.
by Tara Seals, Managing Editor, News, Dark Reading
July 01, 2022
6 min read
Article
OpenSea NFT Marketplace Faces Insider Hack
OpenSea warns users that they are likely to be targeted in phishing attacks after a vendor employee accessed and downloaded its email list.
July 01, 2022
OpenSea warns users that they are likely to be targeted in phishing attacks after a vendor employee accessed and downloaded its email list.
by Becky Bracken, Editor, Dark Reading
July 01, 2022
3 min read
Article
Criminals Use Deepfake Videos to Interview for Remote Work
The latest evolution in social engineering could put fraudsters in a position to commit insider threats.
July 01, 2022
The latest evolution in social engineering could put fraudsters in a position to commit insider threats.
by Ericka Chickowski, Contributing Writer, Dark Reading
July 01, 2022
6 min read
Article
DragonForce Malaysia Releases LPE Exploit, Threatens Ransomware
The hacktivist group is ramping up its activities and ready to assault governments and businesses with escalating capabilities.
July 01, 2022
The hacktivist group is ramping up its activities and ready to assault governments and businesses with escalating capabilities.
by Nathan Eddy, Contributing Writer, Dark Reading
July 01, 2022
6 min read
Article
Google: Hack-for-Hire Groups Present a Potent Threat
Cyber mercenaries in countries like India, Russia, and the UAE are carrying out data theft and hacking missions for a wide range of clients across regions, a couple of new reports said.
June 30, 2022
Cyber mercenaries in countries like India, Russia, and the UAE are carrying out data theft and hacking missions for a wide range of clients across regions, a couple of new reports said.
by Jai Vijayan, Contributing Writer, Dark Reading
June 30, 2022
5 min read
Article
API Security Losses Total Billions, But It's Complicated
A recent analysis of breaches involving application programming interfaces (APIs) arrives at some eye-popping damage figures, but which companies are most affected, and in what ways?
June 30, 2022
A recent analysis of breaches involving application programming interfaces (APIs) arrives at some eye-popping damage figures, but which companies are most affected, and in what ways?
by Robert Lemos, Contributing Writer, Dark Reading
June 30, 2022
5 min read
Article
Critical ManageEngine ADAudit Plus Vulnerability Allows Network Takeover, Mass Data Exfiltration
An unauthenticated remote code execution vulnerability found in Zoho’s compliance tool could leave organizations exposed to an information disclosure catastrophe, new analysis shows.
June 30, 2022
An unauthenticated remote code execution vulnerability found in Zoho’s compliance tool could leave organizations exposed to an information disclosure catastrophe, new analysis shows.
by Nathan Eddy, Contributing Writer, Dark Reading
June 30, 2022
4 min read
Article
Patch Now: Linux Container-Escape Flaw in Azure Service Fabric
Microsoft is urging organizations that don't have automatic updates enabled to update to the latest version of Linux Server Fabric to thwart the "FabricScape" cloud bug.
June 29, 2022
Microsoft is urging organizations that don't have automatic updates enabled to update to the latest version of Linux Server Fabric to thwart the "FabricScape" cloud bug.
by Jai Vijayan, Contributing Writer, Dark Reading
June 29, 2022
5 min read
Article
ZuoRAT Hijacks SOHO Routers From Cisco, Netgear
The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.
June 29, 2022
The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.
by Nathan Eddy, Contributing Writer, Dark Reading
June 29, 2022
5 min read
Article
Cyberattacks via Unpatched Systems Cost Orgs More Than Phishing
External attacks focused on vulnerabilities are still the most common ways that companies are successfully attacked, according to incident data.
June 29, 2022
External attacks focused on vulnerabilities are still the most common ways that companies are successfully attacked, according to incident data.
by Robert Lemos, Contributing Writer, Dark Reading
June 29, 2022
4 min read
Article
Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign
The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn.
June 28, 2022
The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn.
by Tara Seals, Managing Editor, News, Dark Reading
June 28, 2022
7 min read
Article
'Raccoon Stealer' Scurries Back on the Scene After Hiatus
Researchers this week said they had observed criminals using a new and improved version of the prolific malware, barely three months after its authors announced they were quitting.
June 28, 2022
Researchers this week said they had observed criminals using a new and improved version of the prolific malware, barely three months after its authors announced they were quitting.
by Jai Vijayan, Contributing Writer, Dark Reading
June 28, 2022
4 min read
Article
China-Backed APT Pwns Building-Automation Systems With ProxyLogon
The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks.
June 28, 2022
The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks.
by Tara Seals, Managing Editor, News, Dark Reading
June 28, 2022
6 min read
Article
Ransomware Volume Nearly Doubles 2021 Totals in a Single Quarter
Like a hydra, every time one ransomware gang drops out (REvil or Conti), plenty more step up to fill the void (Black Basta).
June 28, 2022
Like a hydra, every time one ransomware gang drops out (REvil or Conti), plenty more step up to fill the void (Black Basta).
by Ericka Chickowski, Contributing Writer, Dark Reading
June 28, 2022
4 min read
Article
New Vulnerability Database Catalogs Cloud Security Issues
Researchers have created a new community website for reporting and tracking security issues in cloud platforms and services — plus fixes for them where available.
June 28, 2022
Researchers have created a new community website for reporting and tracking security issues in cloud platforms and services — plus fixes for them where available.
by Jai Vijayan, Contributing Writer, Dark Reading
June 28, 2022
4 min read
Article