darkreading
Attackers and Defenders Lean on AI in Identity Fraud Battle
2 months 3 weeks ago
Identity verification, insurance claims, and financial services are all seeing surges in AI-enabled fraud, but organizations are taking advantage of AI systems to fight fire with fire.
Robert Lemos, Contributing Writer
Chinese APT Mustang Panda Debuts 4 New Attack Tools
2 months 3 weeks ago
The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.
Nate Nelson, Contributing Writer
CISA Weighs In on Alleged Oracle Cloud Breach
2 months 3 weeks ago
The agency is recommending that organizations and individuals implement its recommendations to prevent the misuse of stolen data, though Oracle has yet to publicly do the same for its customers.
Kristina Beek, Associate Editor, Dark Reading
If Boards Don't Fix OT Security, Regulators Will
2 months 3 weeks ago
Around the world, governments are setting higher-bar regulations with clear corporate accountability for breaches on the belief organizations won't drive up security maturity for operational technology unless they're made to.
Warren O'Driscoll
Apple Zero-Days Under 'Sophisticated Attack,' but Details Lacking
2 months 3 weeks ago
The technology giant said two zero-day vulnerabilities were used in attacks on iOS devices against "specific targeted individuals," which suggests spyware or nation-state threat activity.
Rob Wright
Android Phones Pre-Downloaded With Malware Target User Crypto Wallets
2 months 3 weeks ago
The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.
Kristina Beek, Associate Editor, Dark Reading
Dogged by Trump, Chris Krebs Resigns From SentinelOne
2 months 3 weeks ago
The president revoked the former CISA director's security clearance, half a decade after Krebs challenged right-wing election disinformation, prompting his eventual resignation.
Nate Nelson, Contributing Writer
PromptArmor Launches to Help Assess, Monitor Third-Party AI Risks
2 months 3 weeks ago
The AI security startup has already made waves with critical vulnerability discoveries and seeks to address emerging AI concerns with its PromptArmor platform.
Arielle Waldman
CVE Program Cuts Send the Cyber Sector Into Panic Mode
2 months 3 weeks ago
After threatening to slash support for the CVE program, CISA threw MITRE a lifeline at the last minute — extending its government contract for another 11 months. After that, it looks like it's up to the private sector to find the cash to keep it going.
Becky Bracken
Cybersecurity by Design: When Humans Meet Technology
2 months 3 weeks ago
If security tools are challenging to use, people will look for workarounds to get around the restrictions.
Matthew Warner
Middle East, North Africa Security Spending to Top $3B
2 months 3 weeks ago
Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth.
Nate Nelson, Contributing Writer
GPS Spoofing Attacks Spike in Middle East, Southeast Asia
2 months 3 weeks ago
An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border.
Robert Lemos, Contributing Writer
Multiple Groups Exploit NTLM Flaw in Microsoft Windows
2 months 3 weeks ago
The attacks have been going on since shortly after Microsoft patched the vulnerability in March.
Jai Vijayan, Contributing Writer
China-Linked Hackers Lay Brickstorm Backdoors on Euro Networks
2 months 3 weeks ago
Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe.
Rob Wright
Ransomware gang 'CrazyHunter' Targets Critical Taiwanese Orgs
2 months 3 weeks ago
Trend Micro researchers detailed an emerging ransomware campaign by a new group known as "CrazyHunter" that is targeting critical sectors in Taiwan.
Alexander Culafi, Senior News Writer, Dark Reading
NIST Updates Privacy Framework With AI and Governance Revisions
2 months 3 weeks ago
Changes aim to tighten integration with the National Institute of Standards and Technology's Cybersecurity Framework and help organizations develop a stronger posture to handle privacy risks.
Arielle Waldman
Patch Now: NVIDIA Flaws Expose AI Models, Critical Infrastructure
2 months 3 weeks ago
A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on NVIDIA processors for AI workloads.
Elizabeth Montalbano, Contributing Writer
Cloud, Cryptography Flaws in Mobile Apps Leak Enterprise Data
2 months 3 weeks ago
Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion.
Elizabeth Montalbano, Contributing Writer
Active Directory Recovery Can't Be an Afterthought
2 months 3 weeks ago
Active Directory is one of the most vulnerable access points in an organization's IT environment. Companies cannot wait for a real attack to pressure-test their AD recovery strategy.
Dan Conrad
Checked
3 hours 17 minutes ago
Public RSS feed
darkreading feed