Dark Reading RSS Feed

• Russia-Linked Hackers Attack Japan's Govt, Ports 22 octubre, 2024
  Russia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.
• Unmanaged Cloud Credentials Pose Risk to Half of Orgs 21 octubre, 2024
  These types of "long-lived" credentials pose a risk for users across all major cloud service providers, and must meet their very timely ends, researchers say.
• Cisco Disables DevHub Access After Security Breach 21 octubre, 2024
  The networking company confirms that cyberattackers illegally accessed data belonging to some of its customers.
• Internet Archive Gets Pummeled in Round 2 Breach 21 octubre, 2024
  This latest breach was through Zendesk, a customer service platform that the organization uses.
• Anti-Bot Services Help Cybercrooks Bypass Google 'Red Page' 21 octubre, 2024
  The emergence of novel anti-detection kits for sale on the Dark Web limit the effectiveness of a Chrome browser feature that warns users that they have reached a phishing page.
• Why I'm Excited About the Future of Application Security 21 octubre, 2024
  The future of application security is no longer about reacting to the inevitable — it's about anticipating and preventing attacks before they can cause damage.
• DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks 21 octubre, 2024
  The "Code-on-Toast" supply chain cyberattacks by APT37 delivered data-stealing malware to users in South Korea who had enabled Toast pop-up ads.
• EU Adopts Cyber Resilience Act to Regulate Internet of Things 20 octubre, 2024
  The European Union adopted a new law setting EU-wide cybersecurity requirements for connected devices to ensure their safety.
• MacOS Safari 'HM Surf' Exploit Exposes Camera, Mic, Browser Data 18 octubre, 2024
  Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.
• Time to Get Strict With DMARC 18 octubre, 2024
  Adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies. Everyone is waiting for major email providers to get strict.