Category: darkreading

Mirai Botnet Spinoffs Unleash Global Wave of DDoS Attacks Two separate campaigns are targeting flaws in various IoT devices globally, with the goal of compromising them and propagating malware worldwide. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Why CISOs Must Think Clearly Amid Regulatory Chaos Even as the rule book changes, the profession of the CISO remains unchanged: protecting their organization in a world of constant, continually evolving threats. Marene Allison Go to gbhackers.com

Name That Toon: Incentives Feeling creative? Have something to say about cybersecurity? Submit your caption and our panel of experts will reward the winner with a $25 gift card. John Klossner Go to gbhackers.com

US Ban on Automotive Components Could Curb Supply Chain The US Department of Commerce will prohibit the import of components for connected vehicles from China or Russia, as the US continues to ban technology it sees as potential national security threats. Robert Lemos, Contributing Writer Go to gbhackers.com

Has the TikTok Ban Already Backfired on US Cybersecurity? The Supreme Court has affirmed TikTok’s ban in the US, which has its users in revolt and is creating a whole new set of national cybersecurity concerns. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

Employees Enter Sensitive Data Into GenAI Prompts Far Too Often The propensity for users to enter customer data, source code, employee benefits information, financial data, and more into ChatGPT, Copilot, and others is racking up real risk for enterprises. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

15K Fortinet Device Configs Leaked to the Dark Web The stolen firewall data is thorough but more than 2 years old now, meaning that most organizations following even basic security practices face minimal risk, hopefully. Nate Nelson, Contributing Writer Go to gbhackers.com

Leveraging Behavioral Insights to Counter LLM-Enabled Hacking As LLMs broaden access to hacking and diversify attack strategies, understanding the thought processes behind these innovations will be vital for bolstering IT defenses. Aybars Tuncdogan, Oguz A. Acar Go to gbhackers.com

Russian APT Phishes Kazakh Gov’t for Strategic Intel A highly targeted cyber-intelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states. Nate Nelson, Contributing Writer Go to gbhackers.com

Biden’s Cybersecurity EO Leaves Trump a Comprehensive Blueprint for Defense New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect critical infrastructure from cyberattacks — but will the Trump administration follow through? Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

Strategic Approaches to Threat Detection, Investigation & Response By staying vigilant, agile, and prepared, organizations can turn TDIR from a defensive strategy into a proactive enabler of security and operational excellence. Sameer Bhanushali Go to gbhackers.com

Risk, Reputational Scores Enjoy Mixed Success as Security Tools Part predictive analysis, part intuition, risk and reputation services are imperfect instruments at best — and better than nothing for most organizations and insurers. Robert Lemos, Contributing Writer Go to gbhackers.com

Trusted Apps Sneak a Bug Into the UEFI Boot Process Seven system recovery programs contained what amounted to a backdoor for injecting any untrusted file into the system startup process. Nate Nelson, Contributing Writer Go to gbhackers.com

Attackers Hijack Google Advertiser Accounts to Spread Malware It’s an especially brazen form of malvertising, researchers say, striking at the heart of Google’s business; the tech giant says it’s aware of the issue and is working quickly to address the problem. Jai Vijayan, Contributing Writer Go to gbhackers.com

CISA: Second BeyondTrust Vulnerability Added to KEV Catalog BeyondTrust has patched all cloud instances of the vulnerability and has released patches for self-hosted versions. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Extension Poisoning Campaign Highlights Gaps in Browser Security Evidence suggests that some of the payloads and extensions may date as far back as April 2023. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

North Korea’s Lazarus APT Evolves Developer-Recruitment Attacks “Operation 99” uses job postings to lure freelance software developers into downloading malicious Git repositories. From there, malware infiltrates developer projects to steal source code, secrets, and cryptocurrency. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

OWASP’s New LLM Top 10 Shows Emerging AI Threats Ultimately, there is no replacement for an intuitive, security-focused developer working with the critical thinking required to drive down the risk of both AI and human error. Matias Madou Go to gbhackers.com

As Tensions Mount With China, Taiwan Sees Surge in Cyberattacks In 2024, the Taiwanese government saw the daily average of attempted attacks by China double to 2.4 million, with a focus on government targets and telecommunications firms. Robert Lemos, Contributing Writer Go to gbhackers.com

Microsoft Rings in 2025 With Record Security Update Company has issued patches for an unprecedented 159 CVEs, including eight zero-days, three of which attackers are already exploiting. Jai Vijayan, Contributing Writer Go to gbhackers.com

Apple Bug Allows Root Protections Bypass Without Physical Access Emergent macOS vulnerability lets adversaries circumvent Apple’s System Integrity Protection (SIP) by loading third-party kernels. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

FBI Wraps Up Eradication Effort of Chinese ‘PlugX’ Malware Two hacker groups were paid to develop malware targeting victims in the US, Europe, and Asia, as well as various Chinese dissident groups. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Zero-Day Security Bug Likely Fueling Fortinet Firewall Attacks An ongoing campaign targeting FortiGate devices with management interfaces exposed on the public Internet is leading to unauthorized administrative logins and configuration changes, creating new accounts, and performing SSL VPN authentication. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

New Startups Focus on Deepfakes, Data-in-Motion & Model Security In times of unprecedented change, innovative mindsets and attentiveness of startup culture make for a community everyone can leverage to understand the world and guard against its dangers. Paul Shomo Go to gbhackers.com

CISA Releases the Cybersecurity Performance Goals Adoption Report Go to gbhackers.com

K2 Secures Navy SeaPort Next Generation Contract Go to gbhackers.com

Microsoft Cracks Down on Malicious Copilot AI Use According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Grupo Bimbo Ventures Announces Investment in NanoLock Security Go to gbhackers.com

Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware. Jai Vijayan, Contributing Writer Go to gbhackers.com

Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results Threat actors are targeting people searching for pirated or cracked software with fake downloaders that include infostealing malware such as Lumma and Vidar. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Telefonica Breach Exposes Jira Tickets, Customer Data The Hellcat ransomware group has stolen roughly 5,000 documents, potentially containing confidential information, from the telecom giant’s internal database. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

The Shifting Landscape of Open Source Security By focusing on vigilant security practices, responsible AI deployment, and alignment with global regulatory standards, the OSS community can make 2025 a transformative year for security. Christopher Robinson Go to gbhackers.com

Threat Actors Exploit a Critical Ivanti RCE Bug, Again New year, same story. Despite Ivanti’s commitment to secure-by-design principles, threat actors — possibly the same ones as before — are exploiting its edge devices for the nth time. Nate Nelson, Contributing Writer Go to gbhackers.com

China’s UNC5337 Exploits a Critical Ivanti RCE Bug, Again New year, same story. Despite Ivanti’s commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the nth time. Nate Nelson, Contributing Writer Go to gbhackers.com

Fake CrowdStrike ‘Job Interviews’ Become Latest Hacker Tactic Cybercriminals are luring victims into downloading the XMRig cryptomining malware via convincing emails, inviting them to schedule fake interviews using a malicious link. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Russia Carves Out Commercial Surveillance Success Globally Growing sales of the System for Operative Investigative Activities (SORM), a Russian wiretapping platform, in Central Asia and Latin American suggests increasing risks for Western businesses. Robert Lemos, Contributing Writer Go to gbhackers.com

The Path Toward Championing Diversity in Cybersecurity Education To build a truly inclusive and diverse cybersecurity workforce, we need a comprehensive approach beyond recruitment and retention. Laurie Salvail Go to gbhackers.com

Chinese APT Group Is Ransacking Japan’s Secrets Since 2019, MirrorFace has been stealing information from myriad Japanese organizations to gain leverage over Japan in the event of hostilities between the two countries, experts said. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

Banshee 2.0 Malware Steals Apple’s Encryption to Hide on Macs The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple’s own antivirus product. Nate Nelson, Contributing Writer Go to gbhackers.com

Hacking Group ‘Silk Typhoon’ Linked to US Treasury Breach The attack used a stolen remote support SaaS API key to exfiltrate data from workstations in the Treasury Department’s Office of Foreign Assets Control. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

New AI Challenges Will Test CISOs & Their Teams in 2025 CISOs need to recognize the new threats AI can present — while also embracing AI-powered solutions to stay ahead of those threats. Josh Lemos Go to gbhackers.com

India Readies Overhauled National Data Privacy Rules The country awaits implementation guidelines for a framework that gives Indians greater autonomy and security over their personal data — and recognizes a right to personal privacy. Nate Nelson, Contributing Writer Go to gbhackers.com

Zivver Report Reveals Critical Challenges in Email Security for 2025 Go to gbhackers.com

Trend Micro and Intel Innovate to Weed Out Covert Threats Go to gbhackers.com

CrowdStrike Achieves FedRAMP Authorization for New Modules Go to gbhackers.com

Fed ‘Cyber Trust’ Label: Good Intentions That Fall Short The voluntary program is intended to boost consumer confidence in vulnerable IoT devices, but experts want to see vendors held to a higher standard. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Palindrome Technologies Approved as Cybersecurity Label Administrator for FCC’s IoT Program Go to gbhackers.com

New Docuseries Spotlights Hackers Who Shaped Cybersecurity “Where Warlocks Stay Up Late” project speaks to hackers who have played pivotal roles in shaping the field of cybersecurity. The video interviews are complemented by an encyclopedia and an anthropological map. Andrada Fiscutean Go to gbhackers.com

Unconventional Cyberattacks Aim to Take Over PayPal Accounts Attackers are abusing a Microsoft 365 feature to send payment requests to users, tricking them into logging in to their accounts so attackers can seize control over them. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Best Practices & Risks Considerations in LCNC and RPA Automation Low-code/no-code (LCNC) and robotic process automation (RPA) technologies allow companies to speed up development processes and reduce costs, but security is often overlooked. When this happens, the risks can outweigh the benefits. Jordan Bonagura Go to gbhackers.com

Ransomware Targeting Infrastructure Hits Telecom Namibia The southern African telco is the latest entity on the continent to have its critical infrastructure hacked, and attackers release sensitive info online when Telecom Namibia refuses to negotiate. Robert Lemos, Contributing Writer Go to gbhackers.com

Sharing of Telegram User Data Surged After CEO Arrest Until September 2024, the encrypted messaging service acceded to 14 requests for user data from the US; that number jumped to 900 after its CEO was detained by French authorities in August. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

Pentagon Adds Chinese Gaming Giant Tencent to Federal Ban The sprawling social media and gaming platform says that being considered a Chinese military business must be a mistake. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

CISA: Third-Party Data Breach Limited to Treasury Dept. The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

PhishWP Plug-in Hijacks WordPress E-Commerce Checkouts The malware, found on a Russian cybercriminal site, impersonates e-commerce payment-processing services such as Stripe to steal user payment data from legitimate websites. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Name That Edge Toon: Greetings and Salutations Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card. John Klossner Go to gbhackers.com

Cybercriminals Don’t Care About National Cyber Policy We can’t put defense on hold until Inauguration Day. Christy Wyatt Go to gbhackers.com

Veracode Buys Package Analysis Technology From Phylum The deal adds Phylum’s technology for malicious package analysis, detection, and mitigation to Veracode’s software composition analysis portfolio. Fahmida Y. Rashid Go to gbhackers.com

In Appreciation: Amit Yoran, Tenable CEO, Passes Away Cybersecurity industry visionary and renowned executive Amit Yoran has passed away after an almost one-year battle with cancer. Dark Reading Staff Go to gbhackers.com

FireScam Android Spyware Campaign Poses ‘Significant Threat Worldwide’ A fake Telegram Premium app delivers information-stealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

China’s Salt Typhoon Adds Charter, Windstream to Telecom Victim List These latest attacks follow a long string of cyberattacks and breaches targeting US and global telecom and ISP companies. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

EagerBee Backdoor Takes Flight Against Mideast ISPs, Government Targets The malware, operated by China-backed cyberattackers, has been significantly fortified with new evasive and post-infection capabilities. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

IoT’s Regulatory Reckoning Is Overdue New security regulations are more than compliance hurdles — they’re opportunities to build better products, restore trust, and lead the next chapter of innovation. Carsten Rhod Gregersen Go to gbhackers.com

Thousands of Buggy BeyondTrust Systems Remain Exposed Weeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

New HIPAA Cybersecurity Rules Pull No Punches Healthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with new proposed rules, but not all have the budget for it. Nate Nelson, Contributing Writer Go to gbhackers.com

Treasury Dept. Sanctions Chinese Tech Vendor for Complicity Integrity Technology Group was found complicit with Flax Typhoon as part of a broader Chinese strategy to infiltrate the IT systems of US critical infrastructure. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Apple Offers $95M to Settle Siri Privacy Lawsuit The proposed settlement would amount to roughly $20 per Apple product that has Siri enabled, for each plaintiff. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Why Small Businesses Can’t Rely Solely on AI to Combat Threats The growing complexity of cyber threats, paired with limited resources, makes it essential for companies to adopt a more comprehensive approach that combines human vigilance with AI’s capabilities. John Mutuski Go to gbhackers.com

Chrome Extension Compromises Highlight Software Supply Challenges The Christmas Eve compromise of data-security firm Cyberhaven’s Chrome extension spotlights the challenges in shoring up third-party software supply chains. Robert Lemos, Contributing Writer Go to gbhackers.com

Proposed HIPAA Amendments Will Close Healthcare Security Gaps The changes to the healthcare privacy regulation with technical controls such as network segmentation, multi-factor authentication, and encryption. The changes would strengthen cybersecurity protections for electronic health information and address evolving threats against healthcare entities. Fahmida Y. Rashid Go to gbhackers.com

CDAO Sponsors Crowdsourced AI Assurance Pilot in the Context of Military Medicine Go to gbhackers.com

UN General Assembly Adopts Cybercrime Treaty Go to gbhackers.com

Unpatched Active Directory Flaw Can Crash Any Microsoft Server Windows servers are vulnerable to a dangerous LDAP vulnerability that could be used to crash multiple servers at once and should be patched immediately. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

VicOne and Zero Day Initiative (ZDI) to Lead Pwn2Own Automotive Go to gbhackers.com

US Soldier Arrested in Verizon, AT&T Hacks Wagenius posted about hacking more than 15 telecom providers on the Telegram messaging service. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

Volkswagen Breach Exposes Data of 800K EV Customers Ethical hacking group Chaos Computer Club uncovered exposed data of electrical vehicle owners across the company’s VW, Audi, Seat, and Skoda brands. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

‘Bad Likert Judge’ Jailbreak Bypasses Guardrails of OpenAI, Other Top LLMs A novel technique to stump artificial intelligence (AI) text-based systems increases the likelihood of a successful cyberattack by 60%. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com

Managing Cloud Risks Gave Security Teams a Big Headache in 2024 The results of Dark Reading’s 2024 Strategic Security survey suggest that security teams continue to grapple with the challenges that come with increased cloud adoption such as data visibility and loss of controls. Managing cloud risks will be a focus for security teams in…

Cybersecurity Lags in Middle East Business Development The fast growing region has its own unique cyber issues — and it needs its own talent to fight them. Partha Gopalakrishnan Go to gbhackers.com

6 AI-Related Security Trends to Watch in 2025 AI tools will enable significant productivity and efficiency benefits for organizations in the coming year, but they also will exacerbate privacy, governance, and security risks. Jai Vijayan, Contributing Writer Go to gbhackers.com

Chinese State Hackers Breach US Treasury Department In what’s being called a ‘major cybersecurity incident,’ Beijing-backed adversaries broke into cyber vendor BeyondTrust to access US Department of Treasury workstations and steal unclassified data, according to a letter sent to lawmakers. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

How to Get the Most Out of Cyber Insurance Cyber insurance should augment your cybersecurity strategy — not replace it. Rita Gurevich Go to gbhackers.com

What Security Lessons Did We Learn in 2024? Proactive defenses, cross-sector collaboration, and resilience are key to combating increasingly sophisticated threats. Joan Goodchild Go to gbhackers.com

Deepfakes, Quantum Attacks Loom Over APAC in 2025 Organizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing “harvest now, decrypt later” attacks for various malicious use cases. Jai Vijayan, Contributing Writer Go to gbhackers.com

Defining & Defying Cybersecurity Staff Burnout Sometimes it feels like burnout is an inevitable part of working in cybersecurity. But a little bit of knowledge can help you and your staff stay healthy. Karen Spiegelman, Features Editor Go to gbhackers.com

Hackers Are Hot for Water Utilities The US water sector suffered a stream of cyberattacks over the past year and half, from a mix of cybercriminals, hacktivists, and nation-state hacking teams. Here’s how the industry and ICS/OT security experts are working to better secure vulnerable drinking and wastewater utilities. Kelly Jackson Higgins, Editor-in-Chief, Dark Reading…

Quantum Computing Advances in 2024 Put Security In Spotlight The work on quantum computing hit some major milestones in 2024, making the path to a workable quantum computer seem closer than ever. Google, Microsoft, and other research efforts hit significant milestones this year, but is the cybersecurity world ready? Robert Lemos, Contributing Writer Go to…

SEC Disclosures Up, But Not Enough Details Provided While companies have responded to the new SEC rules by disclosing incidents promptly, many of the reports don’t meet the SEC’s “material” standard. Fahmida Y. Rashid Go to gbhackers.com

Emerging Threats & Vulnerabilities to Prepare for in 2025 From zero-day exploits to 5G network vulnerabilities, these are the threats that are expected to persist over the next 12 months. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

DDoS Attacks Surge as Africa Expands Its Digital Footprint As organizations on the continent expand their use of digital technologies, they increasingly face many of the same threats that entities in other regions have had to deal with for years. Jai Vijayan, Contributing Writer Go to gbhackers.com

Too Much ‘Trust,’ Not Enough ‘Verify’ “Zero trust” doesn’t mean “zero testing.” Rob Sloan, Sam Curry Go to gbhackers.com

Trump 2.0 Portends Big Shift in Cybersecurity Policies Changes at CISA and promises of more public-private partnerships and deregulation are just a few ways the incoming administration could upend the feds’ role in cybersecurity. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

DNSSEC Denial-of-Service Attacks Show Technology’s Fragility The security extensions for the Domain Name System aimed to make the Internet more reliable, but instead the technology has exchanged one set of problems for another. Robert Lemos, Contributing Writer Go to gbhackers.com

Non-Human Identities Gain Momentum, Requires Both Management, Security The number of Non-Human Identities (NHIs) in many organizations has exploded. Key trends, drivers, and market landscape in this fast-developing area are explored. Don Tait Go to gbhackers.com

How CISOs Can Communicate With Their Boards Effectively With the increased frequency of board reporting, CISOs need to ensure their interactions are brief, productive, and valuable. Harold Rivas Go to gbhackers.com

Middle East Cyberwar Rages On, With No End in Sight Since October 2023, cyberattacks among countries in the Middle East have persisted, fueled by the conflict between Israel and Hamas, reeling in others on a global scale. Kristina Beek, Associate Editor, Dark Reading Go to gbhackers.com

LockBit Ransomware Developer Arrested in Israel Dual Russian-Israeli national Rostislav Panev was arrested last August and is facing extradition to the US for playing a critical role in LockBit’s RaaS activities, dating back to the ransomware gang’s origins. Becky Bracken, Senior Editor, Dark Reading Go to gbhackers.com

How to Protect Your Environment from the NTLM Vulnerability This Tech Tip outlines what enterprise defenders need to do to protect their enterprise environment from the new NTLM vulnerability. Roy Akerman Go to gbhackers.com

US Ban on TP-Link Routers More About Politics Than Exploitation Risk While a number of threat groups have used TP-Link bugs to infiltrate networks, a proposed ban of the company’s popular routers is more about geopolitics than actual cybersecurity — and that may not be a bad thing. Robert Lemos, Contributing Writer Go to gbhackers.com

How Nation-State Cybercriminals Are Targeting the Enterprise Combating nation-state threat actors at the enterprise level requires more than just cyber readiness and investment — it calls for a collaborative effort. Adam Finkelstein Go to gbhackers.com