Author: Kelly Sheridan Staff Editor, Dark Reading

A team of Microsoft researchers developed and trained a Siamese Neural Network to detect brand impersonation attacks.

Candiru sold spyware that exploited Windows vulnerabilities and had been used in attacks against dissidents, activists, and journalists.

The July Patch Tuesday release also includes the out-of-band fix for the Windows Print Spooler remote code execution flaw under attack.

Security teams spend as much time addressing false positive alerts as they do addressing actual cyberattacks, survey data shows.

RiskIQ’s technology helps businesses assess their security across the Microsoft cloud, Amazon Web Services, other clouds, and on-premises.

Microsoft Active Directory, ubiquitous across enterprises, has long been a primary target for attackers seeking network access and sensitive data.

As attackers use more synthetic media in social engineering campaigns, a new framework is built to describe threats and provide countermeasures.

Security researchers discuss how a series of simple and consistent mistakes helped them learn more about ITG18, better known as Charming Kitten.

IPO is the highest valued in cybersecurity history, according to reports.

Security experts share their observations of the past year in cybersecurity M&A, highlighting key trends and notable deals.

Organizations often focus on promoting best practices, CISA says, but stopping poor security practices is equally important.

Experts discuss the meaning of action bias and how it presents a threat to IT security leaders, practitioners, and users.

Some ransomware attackers use virtual machines to bypass security detection, but adoption is slow for the complicated technique.

Billions of records were found exposed this week due to unprotected databases owned by major corporations and third-party providers.

Security researchers find ransomware operators rely less on email and more on criminal groups for initial access into target networks.

Attackers had used the cloud-based infrastructure to target mailboxes and add forwarding rules to learn about financial transactions.

The group has re-emerged after a brief hiatus with a new email campaign threatening a DDoS attack against businesses that don’t pay ransom.

The new company, called Outseer, will continue to focus on payment authentication and fraud detection and analysis.

Incident responders share insight on the DarkSide ransomware group connected to the recent Colonial Pipeline ransomware attack.

Microsoft releases security patches for 55 vulnerabilities in its monthly roundup, which includes a critical, wormable flaw in the HTTP protocol stack.

As the massive US pipeline operator works to restore operations after a DarkSide ransomware attack late last week, experts say it’s a cautionary tale for critical infrastructure providers.

Researchers find differences in Kimsuky’s operations that lead them to divide the APT into two groups: CloudDragon and KimDragon.

The Have I Been Pwned founder took the virtual stage at Black Hat Asia to share stories about his work and industrywide challenges.

The Department of Defense expands its vulnerability disclosure program to include a broad range of new targets.

The FBI’s action to remove Web shells from compromised Microsoft Exchange Servers sparks a broader discussion about officials’ response to cyberattacks.

Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems.

An 81-page report details how ransomware has evolved, along with recommendations on how to deter attacks and disrupt its business model.

Strata Identity was founded to change businesses’ approach to identity management as multicloud environments become the norm.

Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term.

Also on Krebs’ radar: the cyber-response to COVID-19 and intelligence-sharing between private and public sectors.

APT31 cloned and reused a Windows-based hacking tool for years before Microsoft patched the vulnerability, researchers report.

Security researchers explore how criminals are expanding their arsenals with new, more subtle, and more effective ransomware attack techniques.

New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.

An analysis of 2020 malware activity indicates businesses should be worried about internal hack tools, ransomware, and spyware in the year ahead.

Ransomware has begun to target data-heavy SaaS applications, open source, and Web and application frameworks.

Analysts who anticipate the SASE market will expand by more than a factor of five before 2025 explain reasons behind the surge.

Microsoft’s monthly security fixes addressed a Win32k zero-day, six publicly known flaws, and three bugs in the Windows TCP/IP stack.

Security researchers examine how and when Emotet’s operators may resurface, and the threats that could evolve in the meantime.