Dark Reading

IoT-Specific Malware Infections Jumped 700% Amid Pandemic

New telemetry from Zscaler on Internet of Things (IoT) devices demonstrates a dramatic increase in attacks on those devices during the work-from-home phase of the COVID-19 pandemic.

Researchers Learn From Nation-State Attackers' OpSec Mistakes

In their investigation of the Charming Kitten group, IBM X-Force researchers investigated attackers' operational security errors to reveal the inner details of how they function and launch attacks.

Attackers Already Unleashing Malware for Apple macOS M1 Chip

Most macOS malware traditionally has been repurposed from Windows malware variants. But the pandemic's pivot to WFH has more provided more lucrative targets for attackers going after businesses.

Protect The Business

A survey by Armis found that over 21% of respondents have not heard about the cyberattack on Colonial Pipeline, and 24% believe the hack won't have long-lasting effects on the nation's fuel industry.

CISA Publishes Catalog of Poor Security Practices

The CISA will be publishing a list of bad security practices that increase risks for critical infrastructure organizations designated as National Critical Functions (NCFs).

Microsoft Tracks New BazaCall Malware Campaign

In this attack, Microsoft saw attackers using Cobalt Strike and report they stole credentials — including the Active Directory database — and exfiltrated data using rclone.

VMs Help Ransomware Attackers Evade Detection, but It's Uncommon

While effective in hiding ransomware activity, the tactic of using virtual machines is more complex than a traditional ransomware attack and may hamper the attackers' efforts.

Researchers Discover New DNS Name Server Hijack Attack That Exposes Businesses, Government Agencies

Researchers found a novel class of DNS vulnerabilities in AWS Route53 and other DNS-as-a-service offerings that leak sensitive information on corporate and government customers.

Majority of Web Apps in 11 Industries Are Vulnerable All the Time

Two-thirds of the applications deployed by the utility sector and 63% of those deployed by public administration organizations have a serious vulnerability, according to a report by WhiteHat Security.

NSA Funds Development & Release of D3FEND Framework

The National Security Agency today announced it is funding the development and release of D3FEND, a framework for security pros to tailor their defenses against specific security threats.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags