Darkreading.com: Latest Cybersecurity News

Container verification bug allows malicious images to cloud up Kubernetes.

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 24 December 2022, 1400 UTC. Content supplied by "Darkreading.com."

Source:  https://www.darkreading.com/

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

Latest News

Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes

A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes pod to steal data and inject malware.

Tara-Seals-Headshot2.jpg

by Tara Seals, Managing Editor, News, Dark Reading

Dec 23, 2022

CLOUD
5 MIN READ
Article Icon
ARTICLE
LastPass Cops to Massive Breach Including Customer Vault Data

The follow-on attack from August's source-code breach could fuel future campaigns against LastPass customers.

dr_staff_125x125.jpg

by Dark Reading Staff, Dark Reading

Dec 23, 2022

ATTACKS/BREACHES
1 MIN READ
Article Icon
ARTICLE
Videoconferencing Worries Grow, With SMBs in Cyberattack Crosshairs

Securing videoconferencing solutions is just one of many IT security challenges small businesses are facing, often with limited financial and human resources.

NathanEddyHeadshot.PNG

by Nathan Eddy, Contributing Writer, Dark Reading

Dec 23, 2022

APPLICATION SECURITY
6 MIN READ
Article Icon
ARTICLE
Google: With Cloud Comes APIs & Security Headaches

APIs are key to cloud transformation, but two Google surveys find that cyberattacks targeting them are reaching a tipping point, even as general cloud security issues abound.

Robert-Lemos.png

by Robert Lemos, Contributing Writer, Dark Reading

Dec 23, 2022

CLOUD
4 MIN READ
Article Icon
ARTICLE
Inside the Next-Level Fraud Ring Scamming Billions Off Holiday Retailers

"Largest attack of its kind": A potent Southeast Asian e-commerce fraud ring has declared war on US retailers, targeting billions in goods in just the past month and forcing mules into its scheme.

BeckyB.jpg

by Becky Bracken, Editor, Dark Reading

Dec 22, 2022

ATTACKS/BREACHES
4 MIN READ
Article Icon
ARTICLE
Biden Signs Post-Quantum Cybersecurity Guidelines Into Law

The new law holds the US Office of Budget and Management to a road map for transitioning federal systems to NIST-approved PQC.

pink-headshot.jpg

by Karen Spiegelman, Features Editor

Dec 22, 2022

RISK
2 MIN READ
Article Icon
ARTICLE
Security on a Shoestring? Cloud, Consolidation Best Bets for Businesses

With a recession potentially coming, some companies are cutting security teams. But moving more infrastructure to the cloud and reducing the number of vendors through consolidation may be the best ways to prepare.

Robert-Lemos.png

by Robert Lemos, Contributing Writer, Dark Reading

Dec 22, 2022

RISK
4 MIN READ
Article Icon
ARTICLE
Google WordPress Plug-in Bug Allows AWS Metadata Theft

A successful attacker could use the SSRF vulnerability to collect metadata from WordPress sites hosted on an AWS server, and potentially log in to a cloud instance to run commands.

NathanEddyHeadshot.PNG

by Nathan Eddy, Contributing Writer, Dark Reading

Dec 22, 2022

VULNERABILITIES/THREATS
3 MIN READ
Article Icon
ARTICLE
MORE NEWS

Latest Commentary

Fool Me Thrice? How to Avoid Double and Triple Ransomware Extortion

To stay safer, restrict access to data, monitor for breaches in the supply chain, track relevant data that is sold on the Dark Web, and implement best safety practices.

Rob Jenks

by Rob Jenks, Senior Vice President, Corporate Strategy, Tanium

Dec 23, 2022

Threat Modeling in the Age of OpenAI's Chatbot

New technical chatbot capabilities raise the promise that their help in threat modeling could free humans for more interesting work.

Photo of Adam Shostack

by Adam Shostack, Leading expert in threat modeling

Dec 22, 2022

'Sextortion,' Business Disruption, and a Massive Attack: What Could Be in Store for 2023

Our growing interconnectedness poses almost as many challenges as it does benefits.

Photo of Reuven Aronashvili

by Reuven Aronashvili, Founder and CEO, CYE

Dec 22, 2022

Name That Toon: Kiss and Tell

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Klossner_iwk_photo.gif

by John Klossner, Cartoonist

Dec 21, 2022

Why Security Teams Shouldn't Snooze on MFA Fatigue

Employee education, biometric and adaptive authentication, and zero trust can go a long way in strengthening security.

Candid Wüest

by Candid Wüest, VP of Cyber Protection Research, Acronis

Dec 21, 2022

MORE COMMENTARY


Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

SecurityWeek Briefing.

Image
"Microsoft offers up to $15,000 in New AI Bug Bounty Program." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 13 October 2023, 2020 UTC.  Content provided by email subscription to "SecurityWeek Briefing." Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtxdZHmrfcBkMDJSSNTtHlmhQX ("SecurityWeek Briefing"). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). SecurityWeek News Briefing | Friday, October 13, 2023 CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware Juniper Networks Patches Over 30 Vulnerabilities in Junos OS In Other News : Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty Dozens of Squid Proxy Vulnerabilities Remain Unpatched 2 Years After Disclosure Microsoft Offers Up to $15,000 in New AI Bug Bounty Program Researcher Co
Read more

SecurityWeek Briefing.

Image
"Health Care Solutions giant disrupted by Cyberattack." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 19 October 2023, 2033 UTC.  Content provided by email subscription to "SecurityWeek Briefing." Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGwHLhdlHbpbQJXqhLLSvQbhdnC ("SecurityWeek Briefing"). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). SecurityWeek News Briefing | Thursday, October 19, 2023 Healthcare Solutions Giant Disrupted by Cyberattack Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program CipherStash Raises $3 Million for Encryption-in-Use Technology US Government Releases Anti-Phishing Guidance Google Play Protect Gets Real-Time Code Scanning Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,00
Read more

Cyber War News Wire.

Image
 "Navy establishes cyber warfare enlisted rating." Views expressed in this cyber war, cybersecurity, cyber espionage update are those of the reporters and correspondents.  Accessed on 02 July 2023, 2311 UTC.  Content provided by EIN Presswire. Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtvsTbTPlbNrgzDpppFbtXwWxF ("Cyber War News Wire" from EIN Presswire). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). ·  Subscribe  ·  Unsubscribe My Alerts       Cyber War Newswire Got News to Share? Send 2 FREE Releases ↓ Daily update  ·  July 2, 2023     NEWS     Navy Establishes Cyber Warfare Enlisted Rating  Seapower Magazine ***** ARLINGTON, Va. — The U.S. Navy’s effort to expand its cyber warfare capabilities took another step with the establishment of the Cyber Warfare Technician (CWT) rating in its enlisted force.  The CTWs will conduct both offensive and defensive
Read more