How North Korean APT Kimsuky Is Evolving Its Tactics
Researchers find differences in Kimsuky’s operations that lead them to divide the APT into two groups: CloudDragon and KimDragon.
Read More How North Korean APT Kimsuky Is Evolving Its TacticsAuthor: Kelly Sheridan Staff Editor, Dark Reading
Troy Hunt: Organizations Make Security Choices Tough for Users
The Have I Been Pwned founder took the virtual stage at Black Hat Asia to share stories about his work and industrywide challenges.
Read More Troy Hunt: Organizations Make Security Choices Tough for UsersDoD Lets Researchers Target All Publicly Accessible Info Systems
The Department of Defense expands its vulnerability disclosure program to include a broad range of new targets.
Read More DoD Lets Researchers Target All Publicly Accessible Info SystemsDebating Law Enforcement’s Role in the Fight Against Cybercrime
The FBI’s action to remove Web shells from compromised Microsoft Exchange Servers sparks a broader discussion about officials’ response to cyberattacks.
Read More Debating Law Enforcement’s Role in the Fight Against CybercrimeResearchers Explore Active Directory Attack Vectors
Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems.
Read More Researchers Explore Active Directory Attack VectorsRansomware Task Force Publishes Framework to Fight Global Threat
An 81-page report details how ransomware has evolved, along with recommendations on how to deter attacks and disrupt its business model.
Read More Ransomware Task Force Publishes Framework to Fight Global ThreatInside Strata’s Plans to Solve the Cloud Identity Puzzle
Strata Identity was founded to change businesses’ approach to identity management as multicloud environments become the norm.
Read More Inside Strata’s Plans to Solve the Cloud Identity PuzzleGoogle Invests in Linux Kernel Developers to Focus on Security
Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term.
Read More Google Invests in Linux Kernel Developers to Focus on SecurityFormer CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Also on Krebs’ radar: the cyber-response to COVID-19 and intelligence-sharing between private and public sectors.
Read More Former CISA Director Chris Krebs Discusses Risk Management & Threat IntelChinese-Affiliated APT31 Cloned & Used NSA Hacking Tool
APT31 cloned and reused a Windows-based hacking tool for years before Microsoft patched the vulnerability, researchers report.
Read More Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool8 Ways Ransomware Operators Target Your Network
Security researchers explore how criminals are expanding their arsenals with new, more subtle, and more effective ransomware attack techniques.
Read More 8 Ways Ransomware Operators Target Your NetworkMicrosoft Azure Front Door Gets a Security Upgrade
New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.
Read More Microsoft Azure Front Door Gets a Security UpgradeEnterprise Windows Threats Drop as Mac Attacks Rise: Report
An analysis of 2020 malware activity indicates businesses should be worried about internal hack tools, ransomware, and spyware in the year ahead.
Read More Enterprise Windows Threats Drop as Mac Attacks Rise: ReportRansomware Attackers Set Their Sights on SaaS
Ransomware has begun to target data-heavy SaaS applications, open source, and Web and application frameworks.
Read More Ransomware Attackers Set Their Sights on SaaSSASE Surge: Why the Market Is Poised to Grow
Analysts who anticipate the SASE market will expand by more than a factor of five before 2025 explain reasons behind the surge.
Read More SASE Surge: Why the Market Is Poised to GrowMicrosoft Fixes Windows Zero-Day in Patch Tuesday Rollout
Microsoft’s monthly security fixes addressed a Win32k zero-day, six publicly known flaws, and three bugs in the Windows TCP/IP stack.
Read More Microsoft Fixes Windows Zero-Day in Patch Tuesday RolloutEmotet Takedown: Short-Term Celebration, Long-Term Concerns
Security researchers examine how and when Emotet’s operators may resurface, and the threats that could evolve in the meantime.
Read More Emotet Takedown: Short-Term Celebration, Long-Term Concerns