Malware Campaign Hides in Resumes and Medical Leave Forms
The campaigns have been part of the overall increase in coronavirus-related malware activity.
Author Archives: Dark Reading Staff
Microsoft Office Files Most Popular for Exploit Tests
A new report examines attacker methodologies to better understand how exploit testing is conducted in the wild.
Google Faces $5B Lawsuit for Tracking Users in Incognito Mode
A proposed class-action lawsuit accuses Google of collecting browser data from people who used "private" mode.
Old Spreadsheet Macro Tech Newly Popular with Criminals
A 30-year-old macro technology for Microsoft Excel is finding new popularity as a cybersecurity attack vector.
Amtrak Breach Rolls Over Frequent Travelers
The breach exposed usernames and passwords of an undisclosed number of program members.
Thycotic Buys Onion ID to Extend PAM Portfolio
The acquisition brings three new products into Thycotic's privileged access management lineup.
26 IoT Flaws Enable Denial-of-Service Attacks, Privilege Escalation
Research details vulnerabilities in the Zephyr Real Time Operating Systems and MCUboot, both used in IoT devices and sensors.
Bank of America Security Incident Affects PPP Applicants
The incident occurred when Paycheck Protection Program applications were uploaded to a test platform and accidentally shared.
Cisco Announces Patches to SaltStack
The patches came after Cisco was notified by the Salt Open Core team that the vulnerabilities and updates were available.
Zscaler Buys Edge Networks
The acquisition is Zscaler's second major buy this quarter.
NSA Warns Russia’s ‘Sandworm’ Group Is Targeting Email Servers
The Russian military group has been exploiting a flaw in the Exim mail transfer agent since last August, the NSA reports.
Cloud Security Architect Proves Hardest Infosec Role to Fill
Nearly 70% of businesses struggle to recruit, hire, and retain cybersecurity talent, and many link security incidents to lack of skills.
HackerOne Bounties Hit $100M Milestone
The bug-hunting platform has now paid more than $100 million in bounties since October 2013.
Americans Care About Security But Don’t Follow Through
Most Americans say they're very concerned about online security but still behave in insecure ways, according to a new survey.
World Leaders Urge Action Against Healthcare Cyberattacks
The global call to end cybercrime targeting healthcare facilities has been signed by government leaders and Nobel laureates.
Hackers Serve Up Stolen Credentials from Home Chef
Some 8 million of the meal delivery company's customer records have been offered for sale on the Dark Web.
Offers to Sell Enterprise Network Access Surge on Dark Web
In contrast, Q1 2019 saw more interest in selling and buying access to individual servers.
Microsoft Warns of Vulnerability Affecting Windows DNS Server
A new security advisory addresses a vulnerability that could be exploited to cause a denial-of-service attack.
COVID-19: Latest Security News & Commentary
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
Google Chrome Redesign Puts Security & Privacy in Users’ Hands
The Chrome browser will tell users if their browser is up to date, malicious extensions are installed, and/or a password has been compromised.
EasyJet Sees 9 Million Customer Email Addresses Stolen
More than 2,000 customers also had credit card information taken in the attack.
Private Equity Firm Stalls $1.9B Forescout Acquisition
Officials say "there can be no assurance" Forescout and Advent International will reach an agreement, though talks are ongoing.
Templates Make Coronavirus Phishing Campaigns Easy
Ready-made website templates make it simple for criminals to create fake government and NGO websites for COVID-19-related phishing campaigns.
Microsoft Open Sources Its Coronavirus Threat Data
Microsoft's COVID-19 intelligence will be made publicly available to help businesses fight virus-related security threats.