Threat Intelligence

News & Commentary
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer | News
While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code.
By Robert Lemos, Contributing Writer, 2/26/2021
Microsoft Releases Free Tool for Hunting SolarWinds Malware
Kelly Jackson Higgins, Executive Editor at Dark Reading | News
Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017.
By Kelly Jackson Higgins, Executive Editor at Dark Reading, 2/25/2021
North Korea's Lazarus Group Expands to Stealing Defense Secrets
Jai Vijayan, Contributing Writer | News
Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says.
By Jai Vijayan, Contributing Writer, 2/25/2021
Ransomware, Phishing Will Remain Primary Risks in 2021
Robert Lemos, Contributing Writer | News
Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports.
By Robert Lemos, Contributing Writer, 2/25/2021
Thousands of VMware Servers Exposed to Critical RCE Bug
Dark Reading Staff, Quick Hits
Security experts report scanning activity targeting vulnerable vCenter servers after a researcher published proof-of-concept code.
By Dark Reading Staff, 2/25/2021
New APT Group Targets Airline Industry & Immigration
Jai Vijayan, Contributing Writer | News
LazyScript bears similarities to some Middle Eastern groups but appears to be a distinct operation of its own, Malwarebytes says.
By Jai Vijayan, Contributing Writer, 2/24/2021
61% of Malware Delivered via Cloud Apps: Report
Dark Reading Staff, Quick Hits
Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year.
By Dark Reading Staff, 2/24/2021
Kaseya Buys Managed SOC Provider
Dark Reading Staff, Quick Hits
Purchase extends offerings for MSP and SMB customers.
By Dark Reading Staff, 2/24/2021
The Realities of Extended Detection and Response (XDR) Technology
Jon Oltsik, Senior Principal Analyst & Fellow, Enterprise Strategy Group | Commentary
While the term XDR has become pervasive, the technology and market remain a work in progress with lots of innovation and market confusion.
By Jon Oltsik, Senior Principal Analyst & Fellow, Enterprise Strategy Group, 2/24/2021
Universities Face Double Threat of Ransomware, Data Breaches
Robert Lemos, Contributing Writer | News
Lack of strong security policies puts many schools at risk of compromise, disrupted services, and collateral damage.
By Robert Lemos, Contributing Writer, 2/24/2021
SolarWinds Attackers Lurked for 'Several Months' in FireEye's Network
Kelly Jackson Higgins, Executive Editor at Dark Reading | News
Top execs from FireEye, SolarWinds, Microsoft, and CrowdStrike testified before the US Senate Intelligence Committee today on the aftermath - and ongoing investigations - into the epic attacks.
By Kelly Jackson Higgins, Executive Editor at Dark Reading, 2/23/2021
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading | News
Also on Krebs' radar: the cyber-response to COVID-19 and intelligence-sharing between private and public sectors.
By Kelly Sheridan, Staff Editor, Dark Reading, 2/23/2021
SonicWall Releases Second Set of February Firmware Patches
Dark Reading Staff, Quick Hits
The latest patches, for its SMA 100 series products, come less than three weeks after an update to patch a zero-day vulnerability.
By Dark Reading Staff, 2/23/2021
10K Targeted in Phishing Attacks Spoofing FedEx, DHL Express
Dark Reading Staff, Quick Hits
The two campaigns aimed to steal victims' business email account credentials by posing as the shipping companies.
By Dark Reading Staff, 2/23/2021
Augmenting SMB Defense Strategies With MITRE ATT&CK: A Primer
Michael Ohanian, Vice President of Product Management at Netsurion | Commentary
Any organization can use MITRE ATT&CK as a force multiplier, but it's especially valuable for small ones.
By Michael Ohanian, Vice President of Product Management at Netsurion, 2/23/2021
Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool
Kelly Sheridan, Staff Editor, Dark Reading | News
APT31 cloned and reused a Windows-based hacking tool for years before Microsoft patched the vulnerability, researchers report.
By Kelly Sheridan, Staff Editor, Dark Reading, 2/22/2021
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer | News
Almost four of every five attacks attributed in 2020 were conducted by cybercriminal groups, a significant jump from 2019, with attacks on healthcare or using the pandemic rising fast.
By Robert Lemos, Contributing Writer, 2/22/2021
Researcher Reports Vulnerability in Apple iCloud Domain
Dark Reading Staff, Quick Hits
A stored cross-site scripting vulnerability in the iCloud website reportedly earned a security researcher $5,000.
By Dark Reading Staff, 2/22/2021
8 Ways Ransomware Operators Target Your Network
Kelly Sheridan, Staff Editor, Dark Reading
Security researchers explore how criminals are expanding their arsenals with new, more subtle, and more effective ransomware attack techniques.
By Kelly Sheridan, Staff Editor, Dark Reading, 2/22/2021
Kia Denies Ransomware Attack as IT Outage Continues
Dark Reading Staff, Quick Hits
Kia Motors America states there is no evidence its recent systems outage was caused by a ransomware attack.
By Dark Reading Staff, 2/19/2021
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5, 2/23/2021
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21302
PUBLISHED: 2021-02-26
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 there is a CSV Injection vulnerability possible by using shop search keywords via the admin panel. The problem is fixed in 1.7.7.2
CVE-2021-21308
PUBLISHED: 2021-02-26
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes customer commands. The problem is fixed in 1.7.7.2
CVE-2021-21273
PUBLISHED: 2021-02-26
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user provided domains were not restricted to external IP addresses when calculating the key va...
CVE-2021-21274
PUBLISHED: 2021-02-26
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to...
CVE-2021-23345
PUBLISHED: 2021-02-26
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src='file:///etc/passwd'>.