Cyberattacks Are Now Increasingly Hands-On, Break Out More Quickly
Attackers are increasingly taking a hands-on approach to network intrusions, usually avoiding using malware; they have also reduced the time it takes to move from an initial compromise to...
To Ease the Cybersecurity Worker Shortage, Broaden the Candidate Pipeline
I've been in the tech industry for 25 years, almost all in cybersecurity. I've held security leadership positions for well over a decade, including the 18 months as head...
SparklingGoblin Updates Linux Version of SideWalk Backdoor in Ongoing Cyber Campaign
A new Linux version of the SideWalk backdoor has been deployed against a Hong Kong university in a persistent attack that's compromised multiple servers key to the institution's network...
Attackers Can Compromise Most Cloud Data in Just 3 Steps
Companies and their cloud providers often leave vulnerabilities open in their system and services, gifting attackers with an easy path to gain access to critical data.
According to an Orca Security analysis...
Lorenz Ransomware Goes After SMBs via Mitel VoIP Phone Systems
A ransomware gang has been seen using a unique initial-access tactic to exploit a vulnerability in voice-over-IP (VoIP) appliances to breach corporate phone systems, before pivoting to corporate networks...
Name That Toon: Shiver Me Timbers!
Avast ye! Come up with a cybersecurity-themed caption for the cartoon, above, and if it's Dark Reading editors' favorite, you'll win a $25 Amazon gift card. We offer four convenient ways for...
ShadowPad Threat Actors Return With Fresh Government Strikes, Updated Tools
A threat group previously associated with the notorious ShadowPad remote access Trojan (RAT) has been observed using old and outdated versions of popular software packages to load malware on...
Google Releases Pixel Patches for Critical Bugs
A pair of critical security vulnerabilities in Google's Pixel mobile phone line could lead to privilege escalation and device takeover.
The Pixel bugs, tracked as CVE-2022-20231 and CVE-2022-20364, are in the...
Google Completes Acquisition of Mandiant
MOUNTAIN VIEW, Calif., and RESTON, Va., Sept. 12, 2022 /PRNewswire/ — Google LLC today announced the completion of its acquisition of Mandiant Inc. (NASDAQ: MNDT),
a recognized leader in dynamic...
Cisco Data Breach Attributed to Lapsus$ Ransomware Group
A month after confirming its systems were breached, networking giant Cisco reported that the attack was a failed ransomware attempt conducted on behalf of the Lapsus$ group.
The cybercriminals obtained access...
