Cybersecurity News


BIOPASS RAT Uses Live Streaming Steal Victims’ Data

BIOPASS RAT Uses Live Streaming Steal Victims’ Data The malware has targeted Chinese gambling sites with fake app installers.
12 July 2021

WordPress File Management Plugin Riddled with Critical Bugs

WordPress File Management Plugin Riddled with Critical Bugs The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution.
12 July 2021

Microsoft Confirms Acquisition of RiskIQ

RiskIQ's technology helps businesses assess their security across the Microsoft cloud, Amazon Web Services, other clouds, and on-premises.
12 July 2021

Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack

Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack The attacks are enabled by an unpatched security vulnerability in ForgeRock's Access Management, a popular platform that front-ends web apps and remote-access setups.
12 July 2021

Kaseya Patches Zero-Days Used in REvil Attacks

Kaseya Patches Zero-Days Used in REvil Attacks The security update addresses three VSA vulnerabilities used by the ransomware gang to launch a worldwide supply-chain attack on MSPs and their customers.
12 July 2021

Kaseya Releases Security Patch as Companies Continue to Recover

Estimates indicate the number of affected companies could grow, while Kaseya faces renewed scrutiny as former employees reportedly criticize its lack of focus on security.
12 July 2021

AI and Cybersecurity: Making Sense of the Confusion

Artificial intelligence is a maturing area in cybersecurity, but there are different concerns depending on whether you're a defender or an attacker.
12 July 2021

Navigating Active Directory Security: Dangers and Defenses

Navigating Active Directory Security: Dangers and Defenses Microsoft Active Directory, ubiquitous across enterprises, has long been a primary target for attackers seeking network access and sensitive data.
12 July 2021

Cybercriminals troll Iran's leader, cause railway network 'chaos'

Train services were disrupted and the help desk number given was that of Iran's Supreme Leader.
12 July 2021

Kaseya issues patch for on-premise customers, SaaS rollout underway

Support teams are working with clients to apply critical security fixes.
12 July 2021

Cyber Polygon 2021: Towards Secure Development of Digital Ecosystems

Cyber Polygon 2021: Towards Secure Development of Digital Ecosystems Cybersecurity is one of the most important topics on the global agenda, boosted by the pandemic. As the global digitalisation is further accelerating, the world is becoming ever more interconnected. Digital ecosystems are being created all around us: countries, corporations and individuals are taking advantage of the rapid spread of the Internet and smart devices. In this context, a single vulnerable link is enough to bring down the entire system, just like the domino effect.
10 July 2021

How Dangerous is Malware? New Report Finds It's Tough to Tell

Determining which malware is most damaging, and worthy of immediate attention, has become difficult in environments filled with alerts and noise.
09 July 2021

Spike in “Chain Gang” Destructive Attacks on ATMs

Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated Teller Machines (ATMs) out of their foundations, and make off with the cash boxes inside. Now it appears the crime -- known variously as "ATM smash-and-grab" and "chain gang" attacks -- is rapidly increasing in other states.
09 July 2021

CISA Analysis Reveals Successful Attack Techniques of FY 2020

The analysis shows potential attack paths and the most effective techniques for each tactic documented in CISA's Risk and Vulnerability Assessments.
09 July 2021

New Framework Aims to Describe & Address Complex Social Engineering Attacks

As attackers use more synthetic media in social engineering campaigns, a new framework is built to describe threats and provide countermeasures.
09 July 2021

Microsoft Office Users Warned on New Malware-Protection Bypass

Microsoft Office Users Warned on New Malware-Protection Bypass Word and Excel documents are enlisted to disable Office macro warnings, so the Zloader banking malware can be downloaded onto systems without security tools flagging it.
09 July 2021

Cisco BPA, WSA Bugs Allow Remote Cyberattacks

Cisco BPA, WSA Bugs Allow Remote Cyberattacks The high-severity security vulnerabilities allow elevation of privileges, leading to data theft and more.
09 July 2021

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry The ElectroRAT Trojan attacker's success highlights the increasingly sophisticated nature of threats to cryptocurrency exchanges, wallets, brokerages, investing, and other services.
09 July 2021

It's in the Game (but It Shouldn't Be)

Five ways that game developers (and others) can avoid falling victim to an attack like the one that hit EA.
09 July 2021

Cartoon Caption Winner: Sight Unseen

Cartoon Caption Winner: Sight Unseen And the winner of Dark Reading's June contest is ...
09 July 2021