Category: darkreading

Apple Releases Urgent Patch for USB Vulnerability The vulnerability could allow a threat actor to disable the security feature on a locked device and gain access to user data. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

CISA Places Election Security Staffers on Leave The staffers were tasked with building relationships on the ground across the country in local election jurisdictions, teaching election officials tactics on mitigating cyber threats, cyber hygiene, combating misinformation and foreign influence, and more. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Data Leaks Happen Most Often in These States — Here’s Why State-led data privacy laws and commitment to enforcement play a major factor in shoring up business data security, an analysis shows. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

DeepSeek AI Fails Multiple Security Tests, Raising Red Flag for Businesses The popular generative AI (GenAI) model allows hallucinations, easily avoidable guardrails, susceptibility to jailbreaking and malware creation requests, and more at critically high rates, researchers find. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Ransomware Groups Made Less Money in 2024 Improvements in cyber hygiene and resiliency made it possible for victim organizations to skip paying ransom amounts in 2024. Go to gbhackers.com

XE Group Shifts From Card Skimming to Supply Chain Attacks The likely Vietnam-based threat actor has been using two zero-days in VeraCore’s warehouse management software in some of its latest cyberattacks. Jai Vijayan, Contributing Writer Go to gbhackers.com

120K Victims Compromised in Memorial Hospital Ransomware Attack After claiming responsibility for the ransomware attack in 2024, the “Embargo” ransomware group posted 1.15 terabytes of stolen data to its public Tor site. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Guilty Plea in Hacking of the SEC’s X Account That Caused Bitcoin Value Spike Go to gbhackers.com

Newspaper Giant Lee Enterprises Reels From Cyberattack The newspaper company expects the investigation to take some time, but said in an SEC filing that it has not yet identified any material impact. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Magecart Attackers Abuse Google Ad Tool to Steal Data Attackers are smuggling payment card-skimming malicious code into checkout pages on Magento-based e-commerce sites by abusing the Google Tag Manager ad tool. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

LLM Hijackers Quickly Incorporate DeepSeek API Keys The secret use of other people’s generative AI platforms, wherein hijackers gain unauthorized access to an LLM while someone else foots the bill, is getting quicker and stealthier by the month. Nate Nelson, Contributing Writer Go to gbhackers.com

SolarWinds to Go Private for $4.4B Five years after a Russian APT infiltrated a software update to gain access to thousands of SolarWInds customers, the board has voted unanimously to sell at a top valuation and plans for uninterrupted operations. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Microsoft: Thousands of Public ASP.NET Keys Allow Web Server RCE Developers are pulling in publicly available ASP.NET keys into their environments, without realizing that cyberattackers can use them for clandestine code injection. Tara Seals, Managing Editor, News, Dark Reading Go to gbhackers.com

Canadian Man Charged in $65M Cryptocurrency Hacking Schemes Go to gbhackers.com

2024 Breaks Records With Highest Ever Ransomware Attacks Go to gbhackers.com

Databarracks Launches Air Gap Recover Go to gbhackers.com

Google’s DMARC Push Pays Off, but Email Security Challenges Remain A year after Google and Yahoo started requiring DMARC, the adoption rate of the email authentication specification has doubled; and yet, 87% of domains remain unprotected. Robert Lemos, Contributing Writer Go to gbhackers.com

Behavioral Analytics in Cybersecurity: Who Benefits Most? As the cost of data breaches continues to climb, the role of user and entity behavioral analytics (UEBA) has never been more important. Jackie Wyatt Go to gbhackers.com

Cybercrime Forces Local Law Enforcement to Shift Focus Local law enforcement have to shift away from “place-based policing” when investigating cybercrime. Jennifer Lawinski Go to gbhackers.com

7AI Streamlines Security Operations With Autonomous AI Agents Cybereason co-founders launch their second act with a security startup focused offering a platform that uses agentic AI to offload repetitive tasks commonly performed by security analysts. Jeffrey Schwartz Go to gbhackers.com

Researcher Outsmarts, Jailbreaks OpenAI’s New o3-mini OpenAI’s latest tech can reason better than its previous models could, but not well enough to ferret out careful social engineering. Nate Nelson, Contributing Writer Go to gbhackers.com

DeepSeek Phishing Sites Pursue User Data, Crypto Wallets Riding the wave of notoriety from the Chinese company’s R1 AT chatbot, attackers are spinning up lookalike sites for different malicious use cases. Jai Vijayan, Contributing Writer Go to gbhackers.com

The Cyber Savanna: A Rigged Race You Can’t Win, but Must Run Anyway When it comes to protecting your company from cyberattacks, you don’t have to be the fastest gazelle — you just can’t afford to be the slowest. Boaz Barzel Go to gbhackers.com

Basket of Bank Trojans Defraud Citizens of East India Cheap banking scams are often easier to pull off in a country with older devices, fewer regulations, and experienced fraudsters. Nate Nelson, Contributing Writer Go to gbhackers.com

Why Cybersecurity Needs Probability — Not Predictions While probabilities may be based on subjective information, when used in an objective framework, they demonstrate an effective way to improve the value of hard decisions. Vishaal "V8" Hariprasad Go to gbhackers.com

Attackers Target Education Sector, Hijack Microsoft Accounts A sophisticated cyberattack campaign is targeting organizations that still rely on Active Directory Federation Services (ADFS) for authentication across applications and services. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Nigeria Touts Cyber Success, Even as Cybercrime Rises in Africa Organizations continue to be at high risk from cybercrime in Africa, despite law enforcement takedowns of cybercriminal syndicates in Nigeria and other African nations. Robert Lemos, Contributing Writer Go to gbhackers.com

How Are Modern Fraud Groups Using Gen AI and Deepfakes? Fraud groups are using AI and deepfake technology to scale up their operations to create fake identities and execute fraud campaigns. Jennifer Lawinski Go to gbhackers.com

Backline Tackles Enterprise Security Backlogs With AI The security startup’s autonomous security remediation platform uses off-the-shelf large language models (LLMs) to analyze security alerts and apply the fixes. Dark Reading Staff Go to gbhackers.com

Credential Theft Becomes Cybercriminals’ Favorite Target Researchers measured a threefold increase in credential stealing between 2023 and 2024, with more than 11.3 million such thefts last year. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Ferret Malware Added to ‘Contagious Interview’ Campaign Targets are lured into a fake interview process that convinces them to download malware needed for a virtual interview. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Cybercriminals Court Traitorous Insiders via Ransom Notes Ransomware actors are offering individuals millions to turn on their employers and divulge private company information, in a brand-new cybercrime tactic. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Chinese ‘Infrastructure Laundering’ Abuses AWS, Microsoft Cloud Funnull CDN rents IPs from legitimate cloud service providers and uses them to host criminal websites, continuously cycling cloud resources in and out of use and acquiring new ones to stay ahead of cyber-defender detection. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Managing Software Risk in a World of Exploding Vulnerabilities Organizations and development teams need to evolve from “being prepared” to “managing the risk” of security breaches. Kirsten Newcomer Go to gbhackers.com

DNSFilter’s Annual Security Report Reveals Worrisome Spike in Malicious DNS Requests Go to gbhackers.com

EMEA CISOs Plan 2025 Cloud Security Investment Go to gbhackers.com

Interactive Online Training for Cybersecurity Professionals; Earn CPE Credits Go to gbhackers.com

‘Constitutional Classifiers’ Technique Mitigates GenAI Jailbreaks Anthropic says its Constitutional Classifiers approach offers a practical way to make it harder for bad actors to try and coerce an AI model off its guardrails. Jai Vijayan, Contributing Writer Go to gbhackers.com

AI Malware Dressed Up as DeepSeek Packages Lurk in PyPi Adversaries looking to ride the DeepSeek interest wave are taking advantage of developers in a rush to deploy the new technology, by using AI-generated malware against them. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

Name That Edge Toon: In the Cloud Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card. John Klossner Go to gbhackers.com

Ransomware Groups Weathered Raids, Profited in 2024 Cybercriminals posted nearly 6,000 breaches to data-leak sites last year — and despite significant takedowns, continued to thrive in a record-breaking year for ransomware. Robert Lemos, Contributing Writer Go to gbhackers.com

1-Click Phishing Campaign Targets High-Profile X Accounts In an attack vector that’s been used before, threat actors aim to commit crypto fraud by hijacking highly followed users, thus reaching a broad audience of secondary victims. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Proactive Vulnerability Management for Engineering Success By integrating security into CI/CD, applying automated policies, and supporting developers with the right processes and tools, infosec teams can increase efficiency and build secure software. Remi Yazigi Go to gbhackers.com

DeepSeek Jailbreak Reveals Its Entire System Prompt Now we know exactly how DeepSeek was designed to work, and we may even have a clue toward its highly publicized scandal with OpenAI. Nate Nelson, Contributing Writer Go to gbhackers.com

Community Health Center Data Breach Affects 1M Patients The CHC remains operational, but a host of personal data is now in the hands of a “skilled cybercriminal,” it said. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

DoJ Shutters Cybercrime Forums Behind Attacks on 17M Americans The “Cracked” and “Nulled” Dark Web sites are now offline, along with the Pakistani “Saim Raza” network of underground forums (aka HeartSender). Tara Seals, Managing Editor, News, Dark Reading Go to gbhackers.com

Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus The deal, expected to close this quarter, will give Tenable One Exposure Management much-needed integration with over 100 third-party security tools and platforms. Jeffrey Schwartz Go to gbhackers.com

State Data Privacy Regulators Are Coming. What Story Will You Tell Them? Regulators are ready to enforce new state data privacy laws. Here’s how experts say organizations can stay compliant and avoid penalties. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

Code-Scanning Tool’s License at Heart of Security Breakup Nine application security toolmakers band together to fork the popular Semgrep code-scanning project, touching off a controversy over access to features and fairness. Robert Lemos, Contributing Writer Go to gbhackers.com

Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence? The Cyber Trust Mark has the potential to change how we define and measure security at the endpoint level. But potential isn’t enough. Chris "CT" Thomas Go to gbhackers.com

Healthcare Sector Charts 2 More Ransomware Attacks No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

New Jailbreaks Allow Users to Manipulate GitHub Copilot Whether by intercepting its traffic or just giving it a little nudge, GitHub’s AI assistant can be made to do malicious things it isn’t supposed to. Nate Nelson, Contributing Writer Go to gbhackers.com

Exposure Management Provider CYE Acquires Solvo The addition of Solvo CSPM to CYE Hyver aims to address need for multicloud vulnerability monitoring and risk assessment. Jeffrey Schwartz Go to gbhackers.com

Fake Videos of Former First Lady Scam Namibians Amateurish financial scams are common across Africa, and Namibia’s influential former first lady, Monica Geingos, has emerged as a particularly effective host body for these messages. Nate Nelson, Contributing Writer Go to gbhackers.com

PrintNightmare Aftermath: Windows Print Spooler is Better. What’s Next? While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore. Jai Vijayan, Contributing Writer Go to gbhackers.com

Researchers Uncover Lazarus Group Admin Layer for C2 Servers The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command and control servers from Pyongyang. Jai Vijayan, Contributing Writer Go to gbhackers.com

Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Mirai Variant ‘Aquabot’ Exploits Mitel Device Flaws Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

The Old Ways of Vendor Risk Management Are No Longer Good Enough Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance. Jatin Mannepalli Go to gbhackers.com

7 Tips for Strategically Saying “No” in Cybersecurity Cybersecurity can’t always be “Department of No,” but saying yes all the time is not the answer. Here is how to enable innovation gracefully without adding risk to the organization. Joan Goodchild Go to gbhackers.com

CrowdStrike Highlights Magnitude of Insider Risk The impetus for CrowdStrike’s new professional services came from last year’s Famous Chollima threat actors, which used fake IT workers to infiltrate organizations and steal data. Jeffrey Schwartz Go to gbhackers.com

Lynx Ransomware Group ‘Industrializes’ Cybercrime With Affiliates The ransomware group provides everything an affiliate could want to breach and attack victims, including a quality controlled recruitment system to engage even more criminals. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

OAuth Flaw Exposed Millions of Airline Users to Account Takeovers The now-fixed vulnerability involved a major travel services company that’s integrated with dozens of airline websites worldwide. Jai Vijayan, Contributing Writer Go to gbhackers.com

Phishing Campaign Baits Hook With Malicious Amazon PDFs In their discovery, researchers found 31 PDF files linking to these phishing websites, none of which have been yet submitted to VirusTotal. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Super Bowl LIX Could Be a Magnet for Cyberattacks Concerns include everything from ransomware, malware, and phishing attacks on the game’s infrastructure to those targeting event sponsors and fans. Jai Vijayan, Contributing Writer Go to gbhackers.com

Cryptographic Agility’s Legislative Possibilities & Business Benefits Quantum computing will bring new security risks. Both professionals and legislators need to use this time to prepare. Keavy Murphy Go to gbhackers.com

Spectral Capital Files Quantum Cybersecurity Patent Go to gbhackers.com

IT-Harvest Launches HarvestIQ.ai Go to gbhackers.com

For $50, Cyberattackers Can Use GhostGPT to Write Malicious Code Malware writing is only one of the several malicious activities that adversaries can use the new, uncensored generative AI chatbot. Jai Vijayan, Contributing Writer Go to gbhackers.com

Change Healthcare Breach Impact Doubles to 190M People One of the largest data breaches in history was apparently twice as impactful as previously thought, with PII belonging to hundreds of millions of people sitting in the hands of cybercriminals. Nate Nelson, Contributing Writer Go to gbhackers.com

USPS Impersonators Tap Trust in PDFs in Smishing Attack Wave Attackers aim to steal people’s personal and payment-card data in the campaign, which dangles the threat of an undelivered package and has the potential to reach organizations in more than 50 countries. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Crisis Simulations: A Top 2025 Concern for CISOs CISOs are planning to adjust their budgets this year to reflect their growing concerns for cybersecurity preparedness in the event of a cyberattack. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

The Case for Proactive, Scalable Data Protection Whether you’re facing growing data demands and increased cyber threats, or simply looking to future-proof your business, it’s time to consider the long-term benefits of transitioning to a cloud-first infrastructure. Tom Ferrucci Go to gbhackers.com

CISOs Are Gaining C-Suite Swagger, but Has It Come With a Cost? The number of CISOs who report directly to the CEO is up sharply in recent years, but many still say it’s not enough to secure adequate resources. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

DoJ Busts Up Another Multinational DPRK IT Worker Scam A departmentwide initiative has now led to five major law enforcement actions, in an attempt to curb the increasingly common trend of North Korean hackers posing as IT job applicants. Nate Nelson, Contributing Writer Go to gbhackers.com

MITRE’s Latest ATT&CK Simulations Tackles Cloud Defenses The MITRE framework’s applied exercise provides defenders with critical feedback about how to detect and defend against common, but sophisticated, attacks. Robert Lemos, Contributing Writer Go to gbhackers.com

Cisco: Critical Meeting Management Bug Requires Urgent Patch The bug has been given a 9.9 CVSS score, and could allow authenticated threat actors to escalate their privileges to admin-level if exploited. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

3 Use Cases for Third-Party API Security Third-party API security requires a tailored approach for different scenarios. Learn how to adapt your security strategy to outbound data flows, inbound traffic, and SaaS-to-SaaS interconnections. Dionisio Zumerle Go to gbhackers.com

Strengthening Our National Security in the AI Era For the first time in a long while, the federal government and the software sector alike finally have the tools and resources needed to do security well — consistently and cost-effectively. Mike Arrowsmith Go to gbhackers.com

War Game Pits China Against Taiwan in All-Out Cyberwar At Black Hat and DEF CON, cybersecurity experts were asked to game out how Taiwan could protect its communications and power infrastructure in case of invasion by China. Nate Nelson, Contributing Writer Go to gbhackers.com

Tesla Gear Gets Hacked Multiple Times in Pwn2Own Contests The first team to successfully hack the electric vehicle maker’s charger won $50,000 for their ingenuity. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

CISA Calls For Action to Close the Software Understanding Gap Go to gbhackers.com

84% of Healthcare Organizations Spotted a Cyberattack in the Late Year Go to gbhackers.com

Automox Releases Endpoint Management With FastAgent Go to gbhackers.com

Omdia Finds Phishing Attacks Top Smartphone Security Concern for Consumers Go to gbhackers.com

Cloudflare CDN Bug Outs User Locations on Signal, Discord Attackers can use a zero- or one-click flaw to send a malicious image to targets — an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught The threat actors are abusing the vulnerabilities to gain initial access, obtain credentials, and install malicious scripts on user devices. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Black ‘Magic’ Targets Enterprise Juniper Routers With Backdoor Such routers typically lack endpoint detection and response protection, are in front of a firewall, and don’t run monitoring software like Sysmon, making the attacks harder to detect. Nate Nelson, Contributing Writer Go to gbhackers.com

Doti AI Launches Platform to Securely Find Enterprise Data The AI-powered work platform helps organizations securely identify and access internal enterprise data as part of business processes and workflows. Dark Reading Staff Go to gbhackers.com

Security Needs to Start Saying ‘No’ Again The rush to say ‘yes’ allows cybersecurity teams to avoid hard conversations with business stakeholders, but also risks losing their ability to effectively protect organizations. Joan Goodchild Go to gbhackers.com

Trump Overturns Biden Rules on AI Development, Security The new administration moved quickly to remove any constraints on AI development and collected $500 billion in investment pledges for an American-owned AI joint venture. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

Chinese Cyberspies Target South Korean VPN in Supply Chain Attack Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Trump Pardons ‘Silk Road’ Dark Web Drug Market Creator The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Will 2025 See a Rise of NHI Attacks? The flurry of non-human identity attacks at the end of 2024 demonstrates extremely strong momentum heading into the new year. That does not bode well. Itzik Alvas Go to gbhackers.com

Mandatory MFA, Biometrics Make Headway in Middle East, Africa Despite lagging in technology adoption, African and Middle Eastern organizations are catching up, driven by smartphone acceptance and national identity systems. Robert Lemos, Contributing Writer Go to gbhackers.com

[Virtual Event]: Cybersecurity’s Most Promising New and Emerging Technologies Go to gbhackers.com

Trump Fires Cyber Safety Board Investigating Salt Typhoon Hackers In a letter sent today, the acting DHS secretary terminated membership to all advisory boards, including the Cyber Safety Review Board (CSRB) tasked with investigating state-sponsored cyber threats against the US. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

Email Bombing, ‘Vishing’ Tactics Abound in Microsoft 365 Attacks Sophos noted more than 15 attacks have been reported during the past three months. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

DONOT Group Deploys Malicious Android Apps in India The advanced persistent threat (APT) group is likely India-based and targeting individuals with connections to the country’s intelligence community. Jai Vijayan, Contributing Writer Go to gbhackers.com

HPE Investigates After Alleged Data Breach The company reports that it is not experiencing any operational issues within its business, so far. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com