informa

News

Patch Now: Cybercriminals Set Sights on Critical IBM File Transfer Bug
A vulnerability with a 9.8 CVSS rating in IBM's widely deployed Aspera Faspex offering is being actively exploited to compromise enterprises.
March 29, 2023
A vulnerability with a 9.8 CVSS rating in IBM's widely deployed Aspera Faspex offering is being actively exploited to compromise enterprises.
by Nate Nelson, Contributing Writer, Dark Reading
March 29, 2023
3 MIN READ
Article
Cybersecurity Investment Outlook Remains Grim as Funding Activity Sharply Declines
Security analysts expect little improvement until at least the second half of the year.
March 29, 2023
Security analysts expect little improvement until at least the second half of the year.
by Jai Vijayan, Contributing Writer, Dark Reading
March 29, 2023
6 MIN READ
Article
Google: Commercial Spyware Used by Governments Laden With Zero-Day Exploits
Google TAG researchers reveal two campaigns against iOS, Android, and Chrome users that demonstrate how the commercial surveillance market is thriving despite government-imposed limits.
March 29, 2023
Google TAG researchers reveal two campaigns against iOS, Android, and Chrome users that demonstrate how the commercial surveillance market is thriving despite government-imposed limits.
by Elizabeth Montalbano, Contributor, Dark Reading
March 29, 2023
6 MIN READ
Article
Millions of Pen Tests Show Companies' Security Postures Are Getting Worse
A lack of website protections, Sender Policy Framework (SPF) records, and DNSSEC configurations leave companies open to phishing and data exfiltration attacks.
March 28, 2023
A lack of website protections, Sender Policy Framework (SPF) records, and DNSSEC configurations leave companies open to phishing and data exfiltration attacks.
by Robert Lemos, Contributing Writer, Dark Reading
March 28, 2023
4 MIN READ
Article
North Korea's Kimsuky Evolves into Full-Fledged, Prolific APT43
In cyberattacks against the US, South Korea, and Japan, the group (aka APT43 or Thallium) is using advanced social engineering and cryptomining tactics that set it apart from other threat actors.
March 28, 2023
In cyberattacks against the US, South Korea, and Japan, the group (aka APT43 or Thallium) is using advanced social engineering and cryptomining tactics that set it apart from other threat actors.
by Elizabeth Montalbano, Contributor, Dark Reading
March 28, 2023
5 MIN READ
Article
Hey, Siri: Hackers Can Control Smart Devices Using Inaudible Sounds
A technique, dubbed the "Near-Ultrasound Inaudible Trojan" (NUIT), allows an attacker to exploit smartphones and smart speakers over the Internet, using sounds undetectable by humans.
March 28, 2023
A technique, dubbed the "Near-Ultrasound Inaudible Trojan" (NUIT), allows an attacker to exploit smartphones and smart speakers over the Internet, using sounds undetectable by humans.
by Robert Lemos, Contributing Writer, Dark Reading
March 28, 2023
4 MIN READ
Article
Clop Keeps Racking Up Ransomware Victims With GoAnywhere Flaw
After several weeks and more than 130 ransomware victims, GoAnywhere parent company Forta issues a statement.
March 27, 2023
After several weeks and more than 130 ransomware victims, GoAnywhere parent company Forta issues a statement.
by Becky Bracken, Editor, Dark Reading
March 27, 2023
4 MIN READ
Article
Twitter's Source Code Leak on GitHub a Potential Cyber Nightmare
Indicators point to Twitter's source code being publicly available for around three months, offering a developer security object lesson for businesses.
March 27, 2023
Indicators point to Twitter's source code being publicly available for around three months, offering a developer security object lesson for businesses.
by Nate Nelson, Contributing Writer, Dark Reading
March 27, 2023
3 MIN READ
Article
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest
In two days, ethical researchers from 10 countries have unearthed more than 22 zero-day bugs in a wide range of technologies at the annual hacking contest.
March 24, 2023
In two days, ethical researchers from 10 countries have unearthed more than 22 zero-day bugs in a wide range of technologies at the annual hacking contest.
by Jai Vijayan, Contributing Writer, Dark Reading
March 24, 2023
4 MIN READ
Article
Zoom Zoom: 'Dark Power' Ransomware Extorts 10 Targets in Less Than a Month
A new threat actor is racking up victims and showing unusual agility. Part of its success could spring from the use of the Nim programming language.
March 24, 2023
A new threat actor is racking up victims and showing unusual agility. Part of its success could spring from the use of the Nim programming language.
by Nate Nelson, Contributing Writer, Dark Reading
March 24, 2023
2 MIN READ
Article
Malicious ChatGPT Extensions Add to Google Chrome Woes
The second malicious ChatGPT extension for Chrome has been discovered, giving malicious actors access to users' Facebook accounts through stolen cookies.
March 24, 2023
The second malicious ChatGPT extension for Chrome has been discovered, giving malicious actors access to users' Facebook accounts through stolen cookies.
by Nathan Eddy, Contributing Writer, Dark Reading
March 24, 2023
3 MIN READ
Article
'Nexus' Android Malware Targets Customers of 450 Financial Institutions Worldwide
Nexus, offered in a malware-as-a-service model, is the latest in a vast and growing array of trojans targeting mobile banking and cryptocurrency applications.
March 23, 2023
Nexus, offered in a malware-as-a-service model, is the latest in a vast and growing array of trojans targeting mobile banking and cryptocurrency applications.
by Jai Vijayan, Contributing Writer, Dark Reading
March 23, 2023
4 MIN READ
Article
Bundestag Bungle: Political Microtargeting of Facebook Users Draws Ire
With shades of the Cambridge Analytica scandal, German political parties skirted consumer data privacy regulations during the country's last parliamentary election, a privacy watchdog warns.
March 23, 2023
With shades of the Cambridge Analytica scandal, German political parties skirted consumer data privacy regulations during the country's last parliamentary election, a privacy watchdog warns.
by Nate Nelson, Contributing Writer, Dark Reading
March 23, 2023
4 MIN READ
Article
Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals
Enterprise storage devices have 14 security weaknesses on average, putting them at risk of compromise by cyberattackers and especially ransomware attacks.
March 23, 2023
Enterprise storage devices have 14 security weaknesses on average, putting them at risk of compromise by cyberattackers and especially ransomware attacks.
by Robert Lemos, Contributing Writer, Dark Reading
March 23, 2023
4 MIN READ
Article
MITRE Rolls Out Supply Chain Security Prototype
Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services.
March 23, 2023
Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services.
by Kelly Jackson Higgins, Editor-in-Chief, Dark Reading
March 23, 2023
5 MIN READ
Article