News

News

• August 30, 2022 30 Aug'22

  VMware aims to improve security visibility with new services

  Unveiled at VMware Explore, the company's new security services include Project Trinidad, Project Watch and Project Northstar. All three offer customer visibility enhancements.

• August 26, 2022 26 Aug'22

  LastPass discloses data breach

  LastPass CEO Karim Toubba said no customer data or password details were compromised, and the company does not recommend an immediate course of action to users.

• August 25, 2022 25 Aug'22

  Ransomware defies seasonal trends with increase

  The return and rebranding of major crews saw the volume of ransomware attacks in July jump 47%, defying seasonal trends, according to researchers at NCC Group.

• August 25, 2022 25 Aug'22

  Mitiga: Attackers evade Microsoft MFA to lurk inside M365

  During an incident response investigation, Mitiga discovered attackers were able to create a second authenticator with no multifactor authentication requirements.

• August 25, 2022 25 Aug'22

  Twitter whistleblower report holds security lessons

  The whistleblower report from Twitter's former security lead should provide companies and boards with lessons on how not to handle internal security concerns.

• Sponsored News

  • Riding the Wave to Enterprise AI at Scale: The Transformation of Client Solutions

    Sponsored by Dell Technologies - While it’s true that AI is moving rapidly toward universal adoption, it is in the enterprise where AI is having its greatest impact. Enterprise AI certainly is an area of massive resource investment: Research pegs the size of the 2025 global enterprise AI market at $97 billion, growing to an astonishing $229 billion by 2030. All forms of AI—agentic AI, generative AI, machine learning, and predictive AI, to name a few—are transforming how, when, where, and why work is done. See More

  • The “Personal Touch” of AI is Undeniable, Thanks for Impressive Advances in Client Solutions

    Sponsored by Dell Technologies - The trend toward personal—and personalized—artificial intelligence (AI) has swiftly moved from interesting idea to undeniable market transformational catalyst. Research points out that 61% of U.S. adults have used AI in the past six months, with a growing number of those using it daily. This not only is an expected byproduct of widespread AI use in businesses and other enterprises, but the rapidly accelerating number of consumer-oriented use cases. See More

  • The Deepening Impact of “AI Everywhere” is Revolutionizing Client Solutions

    Sponsored by Dell Technologies - Artificial intelligence (AI) has rapidly become the technical development with the most profound impact on how we work, play, live, and interact. Although AI has been around for decades, earlier generations of expert systems, knowledge systems, and decision-support systems pale in comparison to the capabilities of the AI of today…and tomorrow. See More

  View All Sponsored News
• August 24, 2022 24 Aug'22

  Risk & Repeat: Whistleblower spells trouble for Twitter

  A new whistleblower report unveiled troubling accusations against Twitter from the social media company's former head of security, Peiter 'Mudge' Zatko.

• August 22, 2022 22 Aug'22

  CEO of spyware vendor NSO Group steps down

  Current NSO Group COO Yaron Shohat will replace outgoing CEO Shalev Hulio as part of a reorganization for the vendor, which has come under fire from the U.S. government.

• August 18, 2022 18 Aug'22

  Shunned researcher Hadnagy sues DEF CON over ban

  Researcher Christopher Hadnagy is seeking damages from DEF CON and founder Jeff Moss over their decision to ban him citing multiple claims of conduct violations.

• August 18, 2022 18 Aug'22

  Russian cyber attacks on Ukraine driven by government groups

  Researchers with Trustwave say the cyber attacks against Ukraine are not the work of enlisted private hacking groups but Russian government intelligence agencies.

• August 17, 2022 17 Aug'22

  Google patches yet another Chrome zero-day vulnerability

  Google issued an update Wednesday to address a potentially serious security vulnerability in its Chrome browser, and the company urged users to patch their browsers immediately.

• August 17, 2022 17 Aug'22

  Risk & Repeat: Black Hat 2022 recap

  This Risk & Repeat podcast episode discusses the Black Hat 2022 conference in Las Vegas and the notable sessions, major themes and hot topics from the show.

• August 17, 2022 17 Aug'22

  CISA: Threat actors exploiting multiple Zimbra flaws

  Cybersecurity vendor Volexity found earlier this month that one flaw, CVE-2022-27925, had compromised more than 1,000 Zimbra Collaboration Suite instances.

• August 16, 2022 16 Aug'22

  Mailchimp suffers second breach in 4 months

  While the source of the breach has not been confirmed, an attacker got into Mailchimp and gained access to the customer account of cloud hosting provider DigitalOcean.

• August 16, 2022 16 Aug'22

  For cyber insurance, some technology leads to higher premiums

  Though cyber insurance demand is exceeding supply and companies might receive less coverage with higher premiums, experts say there are ways enterprises can reduce risk.

• August 16, 2022 16 Aug'22

  Zero Day Initiative seeing an increase in failed patches

  In a Q&A with TechTarget Editorial, Trend Micro Zero Day Initiative's Brian Gorenc and Dustin Childs discuss incomplete patches and the value of personal researcher relations.

• August 12, 2022 12 Aug'22

  Eclypsium calls out Microsoft over bootloader security woes

  At DEF CON 30, Eclypsium researchers detailed three new vulnerabilities in third-party Windows bootloaders that were signed with Microsoft's UEFI certificates.

• August 11, 2022 11 Aug'22

  Rapid7: Cisco ASA and ASDM flaws went unpatched for months

  While several of the vulnerabilities were reported to Cisco in February, they remained unpatched until Thursday when Rapid7's Jake Baines discussed the flaws at Black Hat USA 2022.

• August 11, 2022 11 Aug'22

  Researchers reveal Kubernetes security holes, prevention

  Researchers with Palo Alto Networks took the stage at Black Hat to explain how configurations and system privileges in Kubernetes clusters can allow container escape and takeover.

• August 11, 2022 11 Aug'22

  Cisco hacked by access broker with Lapsus$ ties

  No Cisco employee or customer personal information was stolen in the hack, though some data did make it onto the dark web.

• August 11, 2022 11 Aug'22

  SentinelOne discusses the rise of data-wiping malware

  During a Black Hat 2022 session, researchers showed how expectations of cyber war may differ from the reality.

• August 11, 2022 11 Aug'22

  Zero Day Initiative launches new bug disclosure timelines

  The Trend Micro Zero Day Initiative's vulnerability disclosure policy will now mandate shorter disclosure windows for flaws believed to result from bypassed security patches.

• August 11, 2022 11 Aug'22

  How CI/CD pipelines are putting enterprise networks at risk

  At Black Hat USA 2022, NCC Group researchers demonstrated how threat actors can compromise CI/CD pipelines and break out into enterprise networks and cloud environments.

• August 11, 2022 11 Aug'22

  Google researchers dissect Android spyware, zero days

  Researchers with Google's Threat Analysis Group say the ecosystem of surveillance vendors is far larger than just NSO Group, and some vendors are sharing or trading exploits.

• August 10, 2022 10 Aug'22

  Ermetic addresses IAM weaknesses in multi-cloud environments

  Researchers at the cloud security vendor discussed the importance of understanding the different identity and access management features among the major cloud providers.

• August 10, 2022 10 Aug'22

  Chris Krebs: It's still too hard to work with the government

  Former CISA Director Chris Krebs offered multiple areas of improvement to the U.S. government's cyber readiness during a Black Hat 2022 keynote.

• August 10, 2022 10 Aug'22

  Industroyer2: How Ukraine avoided another blackout attack

  A Black Hat 2022 session explained how the latest attack on Ukraine's energy grid was thwarted this spring, thanks to quick responses and timely sharing of threat data.

• August 08, 2022 08 Aug'22

  U.S. sanctions another cryptocurrency mixer in Tornado Cash

  The U.S. Treasury Department issued sanctions against Tornado Cash, a cryptocurrency mixer accused of helping North Korea's Lazarus Group launder stolen funds.

• August 08, 2022 08 Aug'22

  VMware: The threat of lateral movement is growing

  The majority of incident response professionals surveyed for VMware's 'Global Incident Response Threat Report' observed lateral movement in at least some attacks in the past year.

• August 04, 2022 04 Aug'22

  Amazon CSO Steve Schmidt talks prescriptive security for AWS

  In part two of this Q&A, Amazon CSO Steve Schmidt discusses why AWS has taken a more prescriptive approach to customer security and how it influences areas like incident response.

• August 03, 2022 03 Aug'22

  Amazon CSO Steve Schmidt preaches fungible resources, MFA

  In a Q&A with SearchSecurity, Amazon CSO Steve Schmidt discusses his time as head of AWS security and shifts the cloud provider made to improve its posture, as well as customers'.

• August 03, 2022 03 Aug'22

  Thoma Bravo to acquire Ping Identity for $2.8B

  Thoma Bravo's bid is expected to close in the fourth quarter of 2022. Ping Identity's purchase price represents a 63% premium over the vendor's closing price Tuesday.

• August 02, 2022 02 Aug'22

  New Microsoft tools aim to protect expanding attack surface

  New security concerns have arisen around initial attack vectors and visibility into a broader attack surface as companies have moved to the cloud, according to Microsoft.

• August 02, 2022 02 Aug'22

  July another down month in ransomware attack disclosures

  July saw a similar number of ransomware attack disclosures as June, previously the sparsest month for disclosures this year, according to SearchSecurity's data.

• July 29, 2022 29 Jul'22

  Coveware: Median ransom payments dropped 51% in Q2

  Coveware hypothesized that large enterprises are making themselves more expensive targets for ransomware gangs and refusing to give into high demands.

• July 28, 2022 28 Jul'22

  Microsoft: Austrian company DSIRF selling Subzero malware

  Microsoft said Austrian penetration testing firm DSIRF exploited multiple zero-day vulnerabilities, including the recently patched CVE-2022-22047.

• July 28, 2022 28 Jul'22

  AWS adds anti-malware and PII visibility to storage

  New tools unveiled by AWS at re:Inforce 2022 add new anti-malware capabilities to AWS block storage and a way to find personally identifiable information with S3 object storage.

• July 26, 2022 26 Jul'22

  AWS issues MFA call to action at re:Inforce 2022

  To reduce growing attack surfaces in the cloud, AWS executives emphasized the importance of implementing MFA to protect accounts and blocking public access to cloud resources.

• July 26, 2022 26 Jul'22

  CrowdStrike launches cloud threat hunting service

  Launched at AWS re:Inforce 2022, CrowdStrike's Falcon OverWatch Cloud Threat Hunting is a standalone threat hunting service built to stop advanced threats from within the cloud.

• July 21, 2022 21 Jul'22

  NCC Group observes a drop in ransomware attacks -- for now

  Changes in top ransomware-as-a-service groups like LockBit 2.0 and Conti accounted for the decline in activity, though NCC Group anticipates attacks will ramp back up.

• July 21, 2022 21 Jul'22

  Atlassian Confluence plugin contains hardcoded password

  A flaw in Questions for Confluence, a first-party application in Atlassian Confluence, contains a hardcoded password enabling access into any vulnerable instance.

• July 21, 2022 21 Jul'22

  SynSaber: Only 41% of ICS vulnerabilities require attention

  The industrial cybersecurity vendor analyzed 681 ICS vulnerabilities that were disclosed this year and found many had a low probability of exploitation.

• July 20, 2022 20 Jul'22

  DOJ report warns of escalating cybercrime, 'blended' threats

  The Department of Justice's cyber review report warned that the lines between conventional cybercriminal activity and national security threats have all but disappeared.

• July 20, 2022 20 Jul'22

  Sophos launches cross-operational task force X-Ops

  The Sophos X-Ops team aims to create an AI-assisted security operations center using the cybersecurity vendor's research and threat response teams.

• July 15, 2022 15 Jul'22

  Cryptocurrency mixer activity reaches new heights in 2022

  Chainalysis observed a stark uptick in April that led to a steady decline in May and June, but illicit addresses and DeFi platforms have kept mixers busy so far this year.

• July 15, 2022 15 Jul'22

  Risk & Repeat: Ransomware in 2022 so far

  This podcast episode discusses ransomware in 2022, including an apparent decrease in attacks, the evolution of cybercrime operations and the lack of visibility into the threat.

• July 14, 2022 14 Jul'22

  Cryptocurrency crash triggers crisis for dark web exchanges

  Cybersixgill says dark web exchanges that help cybercriminals launder their funds are facing a crisis as users are cashing out amid a cryptocurrency price crash.

• July 13, 2022 13 Jul'22

  Researcher develops Hive ransomware decryption tool

  Despite being only a year old, Hive ransomware has grown into a prominent ransomware-as-a-service operator. The decryptor tackles Hive's newer, better-encrypted version.

• July 13, 2022 13 Jul'22

  Supreme Court justices doxxed on dark web

  Five conservative Supreme Court justices were reportedly doxxed by threat actors that claim to have obtained credit card numbers, addresses and other information.

• July 12, 2022 12 Jul'22

  4 critical flaws among 84 fixes in July Patch Tuesday

  Microsoft's Patch Tuesday release for July brought dozens of fixes for security flaws in Windows, an Azure disaster recovery tool and the problematic Print Spooler service.

• July 07, 2022 07 Jul'22

  Early detection crucial in stopping BEC scams

  Cofense Intelligence studied hundreds of business email compromise attacks and found that most scams attempt to establish trust with targeted employees over multiple emails.

• July 07, 2022 07 Jul'22

  Public sector still facing ransomware attacks amid decline

  While ransomware activity has reportedly decreased worldwide in recent months, several public sector organizations in the U.S. suffered attacks in June.

• July 06, 2022 06 Jul'22

  5G networks vulnerable to adversarial ML attacks

  A team of academic researchers introduced an attack technique that could disrupt 5G networks, requiring new ways to protect against adversarial machine learning attacks.

• July 06, 2022 06 Jul'22

  HackerOne incident raises concerns for insider threats

  While the threat actor's motivation appears to be financial, it shows just how damaging an insider threat could be for vulnerability disclosure and bug bounty systems.

• July 05, 2022 05 Jul'22

  Ransomware in 2022: Evolving threats, slow progress

  Experts say trends involving new forms of leverage, increasing numbers of affiliates and the evolving cyber insurance market are shaping the ransomware landscape in 2022.

• June 30, 2022 30 Jun'22

  SANS Institute: Human error remains the top security issue

  The SANS Institute's annual report on security awareness found that human risk is still the biggest source of data breaches and security issues for enterprises.

• June 28, 2022 28 Jun'22

  Ransomware gangs using Log4Shell to attack VMware instances

  Ransomware groups are exploiting the Log4Shell flaw in VMware Horizon and using DLL sideloading techniques to exfiltrate and encrypt data, according to Trend Micro.

• June 28, 2022 28 Jun'22

  Cisco Talos techniques uncover ransomware sites on dark web

  One of the three techniques Cisco Talos used to de-anonymize ransomware dark web sites is to match TLS certificate serial numbers from dark web leak sites to the clear web.

• June 28, 2022 28 Jun'22

  Wiz launches open database to track cloud vulnerabilities

  Wiz researchers Alon Schindel and Amitai Cohen and Scott Piper, cloud security engineer at Block, launched a database to list all known cloud vulnerabilities and security issues.

• June 24, 2022 24 Jun'22

  Researchers criticize Oracle's vulnerability disclosure process

  While the critical flaws were reported in April, it took the vendor nearly half a year to issue patches, exceeding the standard responsible coordinated disclosure policy.

• June 23, 2022 23 Jun'22

  Chinese HUI Loader malware ups the ante on espionage attacks

  A state-sponsored piece of malware may become a favorite weapon for Beijing-backed hacking crews looking to lift intellectual property from foreign firms.

• June 23, 2022 23 Jun'22

  Access management issues may create security holes

  Employees who aren't credentialed to access corporate systems to do their jobs find ways around the red tape that could lead to security breaches.

• June 22, 2022 22 Jun'22

  Ongoing PowerShell security threats prompt a call to action

  Although PowerShell poses an ongoing risk to enterprise security as a post-exploitation tool, authorities strongly advise against disabling it completely.

• June 22, 2022 22 Jun'22

  Kaspersky unveils unknown APT actor 'ToddyCat'

  The origin of 'ToddyCat' is unknown. However, Kaspersky said the APT actor carries similarities with a number of Chinese-speaking threat groups.

• June 22, 2022 22 Jun'22

  Publicly disclosed U.S. ransomware attacks database

  Each day SearchSecurity looks for every publicly available instance of a ransomware attack in the U.S. and compiles this data into a list to keep readers updated on recent threats.

• June 22, 2022 22 Jun'22

  Proofpoint: Social engineering attacks slipping past users

  Executives, administrators and network defenders overlook the severity of many of the most effective social engineering tools, Proofpoint cautions.

• June 21, 2022 21 Jun'22

  Forescout discloses 'OT:Icefall,' 56 flaws from 10 vendors

  The OT:Icefall vulnerabilities come from 10 operational technology vendors that make hardware for critical infrastructure, including Emerson, Honeywell, Motorola and more.

• June 20, 2022 20 Jun'22

  Cleveland BSides takes heat for Chris Hadnagy appearance

  The Cleveland BSides security conference is experiencing turmoil after booking a 'surprise' keynote speaker who was recently barred from DEF CON for misconduct.

• June 20, 2022 20 Jun'22

  Paige Thompson found guilty in 2019 Capital One data breach

  The former Amazon engineer who hacked AWS and gained access to sensitive data belonging to Capital One customers has been convicted.

• June 20, 2022 20 Jun'22

  Healthcare breaches on the rise in 2022

  According to U.S. government data, the number of healthcare breaches in the first five months of 2022 has nearly doubled from the same period last year.

• June 17, 2022 17 Jun'22

  Hertzbleed disclosure raises questions for Intel

  Hertzbleed, a family of new side-channel attacks, was first reported to Intel in the third quarter of 2021, and it's unclear why it was kept under embargo for so long.

• June 16, 2022 16 Jun'22

  Risk & Repeat: Recapping RSA Conference 2022

  This Risk & Repeat episode discusses RSA Conference 2022 and major themes, such as the evolving ransomware landscape and the government's strategy to address nation-state threats.

• June 15, 2022 15 Jun'22

  Alphv ransomware gang ups pressure with new extortion scheme

  The ransomware operators this week launched a website for victims' employees and customers to search for any stolen personal information following an attack.

• June 15, 2022 15 Jun'22

  Microsoft takes months to fix critical Azure Synapse bug

  Orca Security discovered that inadequate tenant separation in Microsoft's Azure Synapse service could allow a threat actor to steal credentials from thousands of customers.

• June 14, 2022 14 Jun'22

  Critical Atlassian Confluence flaw remains under attack

  Researchers say a critical flaw in the Atlassian Confluence Data Center and Server is now being used to spread ransomware in the wild, making updates a top priority.

• June 14, 2022 14 Jun'22

  How Russian sanctions may be helping US cybersecurity

  Federal government officials say Russian sanctions decreased cyber attacks on the U.S. over the past few months but could potentially lead to significant threats down the road.

• June 13, 2022 13 Jun'22

  Tenable slams Microsoft over Azure vulnerabilities

  Tenable expressed its frustration after working with Microsoft on the disclosure of two cloud flaws that researchers ranked as critical, which the company later silently patched.

• June 13, 2022 13 Jun'22

  Skyhigh Security CEO, VP talk life after McAfee

  Gee Rittenhouse discusses the process of building Skyhigh Security, a new company created by Symphony Technology Group as a rebirth of McAfee's enterprise cloud security portfolio.

• June 09, 2022 09 Jun'22

  Rob Joyce: China represents biggest long-term cyberthreat

  NSA director of cybersecurity Rob Joyce spoke at RSA Conference 2022 about the cyberthreat landscape for nation-state attacks from Russia and China.

• June 09, 2022 09 Jun'22

  CrowdStrike demonstrates dangers of container escape attacks

  CrowdStrike gave a live demonstration at RSA Conference 2022 of how an attacker can use a recently discovered Kubernetes flaw to obtain full control over a container's host system.

• June 09, 2022 09 Jun'22

  Mandiant: Cyberextortion schemes increasing pressure to pay

  At RSA Conference 2022, Mandiant executives discussed how attackers are pulling out all the stops to pressure victims to pay, from DDoS attacks to harassing victims' customers.

• June 08, 2022 08 Jun'22

  SANS lists bad backups, cloud abuse as top cyberthreats

  A panel of experts from the SANS Institute took the stage at RSA Conference 2022 to weigh in on some of the biggest threats and risks facing security teams.

• June 08, 2022 08 Jun'22

  CISA director promotes collaboration and trust at RSAC 2022

  Jen Easterly said there's growing momentum for stronger collaboration and communication between government agencies like CISA and private-sector cybersecurity companies.

• June 07, 2022 07 Jun'22

  Cisco Talos: Destructive malware, supply chain attacks rising

  At RSA Conference 2022, Cisco Talos discussed how adversaries have evolved and changed their tactics, leading to major shifts in the threat landscape.

• June 07, 2022 07 Jun'22

  Microsoft flags common pitfalls for cyber insurance

  Cyber insurance is getting more expensive and tougher to acquire. At RSA Conference 2022, Microsoft's Cynthia James discussed the common mistakes made when obtaining coverage.

• June 07, 2022 07 Jun'22

  Ransomware Task Force calls for better incident reporting

  Michael Phillips, co-chair of the Ransomware Task Force and chief claims officer at Resilience, pointed to a 'data gap' that prohibits a complete picture of the ransomware problem.

• June 07, 2022 07 Jun'22

  Microsoft details zero-trust transition, challenges

  Over the past three years, Microsoft has moved to a zero-trust framework. Security engineers outlined the transition and its challenges during a session at RSA Conference 2022.

• June 07, 2022 07 Jun'22

  DNI Avril Haines: Cybersecurity is getting harder

  During her RSA Conference 2022 keynote, the U.S. Director of National Intelligence discussed the increase in cyber threats, from nation-state attacks to commercial hacking tools.

• June 07, 2022 07 Jun'22

  Cybereason: Paying ransoms leads to more ransomware attacks

  Cybereason found that the majority of organizations that pay threat actors to decrypt data are attacked again -- usually within a month and at the hands of the same attackers.

• June 06, 2022 06 Jun'22

  MacOS malware attacks slipping through the cracks

  Apple security specialist Patrick Wardle told RSA Conference 2022 attendees that some of the worst security flaws in the macOS operating system come from overlooked bits of code.

• June 06, 2022 06 Jun'22

  Major DDoS attacks increasing after invasion of Ukraine

  DDoS attacks are a growing threat to both government and commercial entities across the globe, as Russia's invasion of Ukraine has increased the rate of attacks in 2022.

• June 03, 2022 03 Jun'22

  Critical Atlassian Confluence flaw exploited in the wild

  No patch is currently available for the critical Atlassian bug, which affects Confluence Server and Data Center products, though one is expected by end of day Friday.

• June 02, 2022 02 Jun'22

  May ransomware attacks strike municipal governments, IT firms

  A major agriculture machinery vendor as well as a handful of other private companies and municipal governments were the targets of ransomware attacks in May.

• June 02, 2022 02 Jun'22

  Conti ransomware group targeted Intel firmware tools

  A pair of Intel firmware management platforms were targeted by the notorious Conti ransomware group to create new attack techniques, according to Eclypsium researchers.

• June 02, 2022 02 Jun'22

  VMware launches 'threat intelligence cloud' Contexa

  The Contexa threat intelligence service is integrated into all VMware security products and will be available to all new and existing customers at no additional cost.

• June 01, 2022 01 Jun'22

  Hackers ransom 1,200 exposed Elasticsearch databases

  An extensive extortion operation didn't need exploits or vulnerabilities to take over more than 1,200 Elasticsearch databases and demand bitcoin payments, according to Secureworks.

• June 01, 2022 01 Jun'22

  Forescout proof-of-concept ransomware attack affects IoT, OT

  Forescout's proof of concept showed how an attacker could use an IoT camera to gain access to an enterprise's IT network and then shut down operational technology hardware.

• May 31, 2022 31 May'22

  Microsoft zero day exploited in the wild, workarounds released

  A zero-day flaw in the Microsoft Support Diagnostic Tool has already been exploited in the wild. No patch is available yet, but Microsoft released temporary mitigations.

• May 26, 2022 26 May'22

  U.S. Senate report calls out lack of ransomware reporting

  The Senate Committee on Homeland Security published a report that points to a lack of ransomware reporting as a major issue in defending the U.S. from cyber attacks.

• May 26, 2022 26 May'22

  Twitter fined $150M for misusing 2FA data

  The DOJ and FTC said the social media company misused consumers' personal data for advertisement purposes, from which it gained benefit.

• May 26, 2022 26 May'22

  'Pantsdown' BMC vulnerability still present in Quanta servers

  Eclypsium found that a critical security flaw first disclosed in 2019 remains exposed in many internet-facing servers, leaving networks at risk for remote code execution attacks.