informa
/
Announcements
Event
Using Zero Trust to Protect Remote and Home Workers | Oct 6 Webinar | <REGISTER NOW>
Event
Managing Security In a Hybrid Cloud Environment | Sept 27 Webinar | <REGISTER NOW>
Event
Understanding Cyber Attackers - A Dark Reading November 17 Virtual Event | <GET YOUR PASS>
Report
Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | <READ IT NOW>
PreviousNext

Threat Intelligence

Breaking news, news analysis, and expert commentary on cybersecurity threat intelligence, including tools & technologies.

App Developers Increasingly Targeted via Slack, DevOps Tools
Slack, Docker, Kubernetes, and other applications that allow developers to collaborate have become the latest vector for software supply chain attacks.
September 23, 2022
Slack, Docker, Kubernetes, and other applications that allow developers to collaborate have become the latest vector for software supply chain attacks.
by Robert Lemos, Contributing Writer, Dark Reading
September 23, 2022
5 MIN READ
Article
Cyberattackers Compromise Microsoft Exchange Servers via Malicious OAuth Apps
Cybercriminals took control of enterprise Exchange Servers to spread large amounts of spam aimed at signing people up for bogus subscriptions.
September 23, 2022
Cybercriminals took control of enterprise Exchange Servers to spread large amounts of spam aimed at signing people up for bogus subscriptions.
by Nathan Eddy, Contributing Writer, Dark Reading
September 23, 2022
2 MIN READ
Article
Researchers Uncover Mysterious 'Metador' Cyber-Espionage Group
Researchers from SentinelLabs laid out what they know about the attackers and implored the researcher community for help in learning more about the shadowy group.
September 23, 2022
Researchers from SentinelLabs laid out what they know about the attackers and implored the researcher community for help in learning more about the shadowy group.
by Fahmida Y. Rashid, Managing Editor, Features, Dark Reading
September 23, 2022
4 MIN READ
Article
Developer Leaks LockBit 3.0 Ransomware-Builder Code
Code could allow other attackers to develop copycat versions of the malware, but it could help researchers understand the threat better as well.
September 22, 2022
Code could allow other attackers to develop copycat versions of the malware, but it could help researchers understand the threat better as well.
by Jai Vijayan, Contributing Writer, Dark Reading
September 22, 2022
4 MIN READ
Article
Feds Sound Alarm on Rising OT/ICS Threats From APT Groups
NSA and CISA release guidance on protecting against cybersecurity threats to operational technology and industrial control systems.
September 22, 2022
NSA and CISA release guidance on protecting against cybersecurity threats to operational technology and industrial control systems.
by Dark Reading Staff, Dark Reading
September 22, 2022
1 MIN READ
Article
Malicious npm Package Poses as Tailwind Tool
Branded as a components library for two popular open source resources, Material Tailwind instead loads a Windows .exe that can run PowerShell scripts.
September 22, 2022
Branded as a components library for two popular open source resources, Material Tailwind instead loads a Windows .exe that can run PowerShell scripts.
by Elizabeth Montalbano, Contributor, Dark Reading
September 22, 2022
5 MIN READ
Article
Threat Actor Abuses LinkedIn's Smart Links Feature to Harvest Credit Cards
The tactic is just one in a constantly expanding bag of tricks that attackers are using to get users to click on links and open malicious documents.
September 21, 2022
The tactic is just one in a constantly expanding bag of tricks that attackers are using to get users to click on links and open malicious documents.
by Jai Vijayan, Contributing Writer, Dark Reading
September 21, 2022
4 MIN READ
Article
Sophisticated Hermit Mobile Spyware Heralds Wave of Government Surveillance
At the SecTor 2022 conference in Toronto next month, researchers from Lookout will take a deep dive into Hermit and the shadowy world of mobile surveillance tools used by repressive regimes.
September 21, 2022
At the SecTor 2022 conference in Toronto next month, researchers from Lookout will take a deep dive into Hermit and the shadowy world of mobile surveillance tools used by repressive regimes.
by Tara Seals, Managing Editor, News, Dark Reading
September 21, 2022
4 MIN READ
Article
ChromeLoader Malware Evolves into Prevalent, More Dangerous Cyber Threat
Microsoft and VMware are warning that the malware, which first surfaced as a browser-hijacking credential stealer, is now being used to drop ransomware, steal data, and crash systems at enterprises.
September 20, 2022
Microsoft and VMware are warning that the malware, which first surfaced as a browser-hijacking credential stealer, is now being used to drop ransomware, steal data, and crash systems at enterprises.
by Jai Vijayan, Contributing Writer, Dark Reading
September 20, 2022
4 MIN READ
Article
Beware of Phish: American Airlines, Revolut Data Breaches Expose Customer Info
The airline and the fintech giant both fell to successful phishing attacks against employees.
September 20, 2022
The airline and the fintech giant both fell to successful phishing attacks against employees.
by Tara Seals, Managing Editor, News, Dark Reading
September 20, 2022
2 MIN READ
Article
Spell-Checking in Google Chrome, Microsoft Edge Browsers Leaks Passwords
It's called "spell-jacking": Both browsers have spell-check features that send data to Microsoft and Google when users fill out forms for websites or Web services.
September 20, 2022
It's called "spell-jacking": Both browsers have spell-check features that send data to Microsoft and Google when users fill out forms for websites or Web services.
by Elizabeth Montalbano, Contributor, Dark Reading
September 20, 2022
5 MIN READ
Article
Uber: Lapsus$ Targeted External Contractor With MFA Bombing Attack
The ride-sharing giant says a member of the notorious Lapsus$ hacking group started the attack by compromising an external contractor's credentials, as researchers parse the incident for takeaways.
September 19, 2022
The ride-sharing giant says a member of the notorious Lapsus$ hacking group started the attack by compromising an external contractor's credentials, as researchers parse the incident for takeaways.
by Jai Vijayan, Contributing Writer, Dark Reading
September 19, 2022
5 MIN READ
Article
Attacker Apparently Didn't Have to Breach a Single System to Pwn Uber
Alleged teen hacker claims he found an admin password in a network share inside Uber that allowed complete access to ride-sharing giant's AWS, Windows, Google Cloud, VMware, and other environments.
September 16, 2022
Alleged teen hacker claims he found an admin password in a network share inside Uber that allowed complete access to ride-sharing giant's AWS, Windows, Google Cloud, VMware, and other environments.
by Jai Vijayan, Contributing Writer, Dark Reading
September 16, 2022
5 MIN READ
Article
Real Estate Phish Swallows 1,000s of Microsoft 365 Credentials
The attacks showcase broader security concerns as phishing grows in volume and sophistication, especially given that Windows Defender's Safe Links feature for identifying malicious links in emails completely failed in the campaign.
September 16, 2022
The attacks showcase broader security concerns as phishing grows in volume and sophistication, especially given that Windows Defender's Safe Links feature for identifying malicious links in emails completely failed in the campaign.
by Tara Seals, Managing Editor, News, Dark Reading
September 16, 2022
8 MIN READ
Article
DDoS Attack Against Eastern Europe Target Sets New Record
The target has been under relentless DDoS attack, which ultimately set a new packets-per-second record for Europe.
September 16, 2022
The target has been under relentless DDoS attack, which ultimately set a new packets-per-second record for Europe.
by Dark Reading Staff, Dark Reading
September 16, 2022
1 MIN READ
Article