Skip to main content

Darkreading.com: Latest Cybersecurity News

"Iranian APT targets U.S. with Drokbk Spyware via GitHub."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 09 December 2022, 2005 UTC.  Content provided by "Darkreading.com."

Source:  https://www.darkreading.com/latest/news

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

NEWS

spyglass magnifying rainbow colored computer code
Iranian APT Targets US With Drokbk Spyware via GitHub
The custom malware used by the state-backed Iranian threat group Drokbk has so far flown under the radar by using GitHub as a "dead-drop resolver" to more easily evade detection.
Dark Reading Logo
by Nathan Eddy, Contributing Writer, Dark Reading
December 09, 2022
THREAT INTELLIGENCE
4 MIN READ
Article Icon
ARTICLE
Network Security Concept Crypto Binary Particle Closeup - Abstract Background Texture
Google: Use SLSA Framework for Better Software Security
Security leaders also need to take a more holistic approach to addressing supply chain risks, company says in new research report.
Jai Vijayan
by Jai Vijayan, Contributing Writer, Dark Reading
December 09, 2022
APPLICATION SECURITY
4 MIN READ
Article Icon
ARTICLE
A black knight chess piece faces off against three white pieces
3 Ways Attackers Bypass Cloud Security
At Black Hat Europe, a security researcher details the main evasion techniques attackers are currently using in the cloud.
Kelly Jackson Higgins Headshot
by Kelly Jackson Higgins, Editor-in-Chief, Dark Reading
December 08, 2022
CLOUD
3 MIN READ
Article Icon
ARTICLE
police first responder ransomware cyber threats
Lack of Cybersecurity Expertise Poses Threat for Public-Safety Orgs
More than three-quarters of police and emergency responders worry about ransomware attacks and data leaks, while their organizations lag behind in technology adoption.
Robert Lemos Headshot
by Robert Lemos, Contributing Writer, Dark Reading
December 08, 2022
REMOTE WORKFORCE
3 MIN READ
Article Icon
ARTICLE
Report: Air-Gapped Networks Vulnerable to DNS Attacks
Report: Air-Gapped Networks Vulnerable to DNS Attacks
Common mistakes in network configuration can jeopardize the security of highly protected assets and allow attackers to steal critical data from the enterprise.
headshot of Elizabeth Montalbano
by Elizabeth Montalbano, Contributor, Dark Reading
December 08, 2022
ATTACKS/BREACHES
5 MIN READ
Article Icon
ARTICLE
mobile phone charger with innards hanging out, on brown paper background
Hacker Fails for the Win
Security researchers share their biggest initial screwups in some of their key vulnerability discoveries.
Kelly Jackson Higgins Headshot
by Kelly Jackson Higgins, Editor-in-Chief, Dark Reading
December 07, 2022
VULNERABILITIES/THREATS
3 MIN READ
Article Icon
ARTICLE
Cloud Computing Ransomware Cyber Security concept 3d illustration
Rackspace Incident Highlights How Disruptive Attacks on Cloud Providers Can Be
A ransomware attack on the company's Hosted Exchange environment disrupted email for thousands of mostly small and midsize businesses.
Jai Vijayan
by Jai Vijayan, Contributing Writer, Dark Reading
December 07, 2022
CLOUD
5 MIN READ
Article Icon
ARTICLE
Shopping fraud and invalid traffic
Fraudsters Siphon $360M From Retailers Using 50M Fake Shoppers
Cyberattackers focused on ad fraud and clickjacking stole millions during Black Friday by hijacking shopper accounts and tying up transactions.
Robert Lemos Headshot
by Robert Lemos, Contributing Writer, Dark Reading
December 07, 2022
THREAT INTELLIGENCE
4 MIN READ
Article Icon
ARTICLE
Zerobot Weaponizes Numerous Flaws in Slew of IoT Devices
Zerobot Weaponizes Numerous Flaws in Slew of IoT Devices
The botnet exploits flaws in various routers, firewalls, network-attached storage, webcams, and other products and allows attackers to take over affected systems.
headshot of Elizabeth Montalbano
by Elizabeth Montalbano, Contributor, Dark Reading
December 07, 2022
REMOTE WORKFORCE
3 MIN READ
Article Icon
ARTICLE
Endpoint Security Platform - Cloud-based Endpoint Protection Concept
For Cyberattackers, Popular EDR Tools Can Turn into Destructive Data Wipers
Microsoft, three others release patches to fix a vulnerability in their respective products that enables such manipulation. Other EDR products potentially are affected as well.
Jai Vijayan
by Jai Vijayan, Contributing Writer, Dark Reading
December 07, 2022
VULNERABILITIES/THREATS
4 MIN READ
Article Icon
ARTICLE
Illustration of a keyhole filled with red glowing 1s and 0s, against a background of blue-green floating 1s and 0s
Shift to Memory-Safe Languages Gains Momentum
Software firms and the National Security Agency urge developers to move to memory-safe programming languages to eliminate a major source of high-severity flaws.
Robert Lemos Headshot
by Robert Lemos, Contributing Writer, Dark Reading
December 06, 2022
APPLICATION SECURITY
4 MIN READ
Article Icon
ARTICLE
concept illustration of diplomatic relations between russia and ukraine flag using flags of both countries
Russian Actors Use Compromised Healthcare Networks Against Ukrainian Orgs
Victims include at least 15 healthcare organizations, one Fortune 500 company, and other organizations in multiple countries, security vendor says.
Jai Vijayan
by Jai Vijayan, Contributing Writer, Dark Reading
December 06, 2022
THREAT INTELLIGENCE
4 MIN READ
Article Icon
ARTICLE
cyberattack art
Machine Learning Models: A Dangerous New Attack Vector
Threat actors can weaponize code within AI technology to gain initial network access, move laterally, deploy malware, steal data, or even poison an organization's supply chain.
headshot of Elizabeth Montalbano
by Elizabeth Montalbano, Contributor, Dark Reading
December 06, 2022
THREAT INTELLIGENCE
5 MIN READ
Article Icon
ARTICLE
ransomware wiper
Wiper, Disguised as Fake Ransomware, Targets Russian Orgs
The program, dubbed CryWiper, is aimed at Russian targets; it requests a ransom but has no way to decrypt any overwritten files.
Robert Lemos Headshot
by Robert Lemos, Contributing Writer, Dark Reading
December 05, 2022
THREAT INTELLIGENCE
4 MIN READ
Article Icon
ARTICLE
skull embedded in computer code
Infostealer Malware Market Booms, as MFA Fatigue Sets In
The successful combo of stolen credentials and social engineering to breach networks is increasing demand for infostealers on the Dark Web.
Dark Reading Logo
by Nathan Eddy, Contributing Writer, Dark Reading
December 05, 2022
THREAT INTELLIGENCE
5 MIN READ
Article Icon
ARTICLE

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.