Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

Russian APT Group Thwarted in Attack on US Automotive Manufacturer

The group gained access to the victim network by duping IT employees with high administrative-access privileges.

DARKReading
#backdoor#auth
Rebalancing NIST: Why 'Recovery' Can't Stand Alone

The missing ingredient in NIST's newest cybersecurity framework? Recovery.

Break Security Burnout: Combining Leadership With Neuroscience

Industry leaders aim to solve the threat to both the mental health of workers and security of organizations with solutions that recognize the enormous pressures facing cybersecurity professionals.

Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution

Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode and other malware onto victim machines.

Nigeria & Romania Ranked Among Top Cybercrime Havens

A survey of cybercrime experts assessing the top cybercrime-producing nations results in some expected leaders — Russia, Ukraine, and China — but also some surprises.

Open Source Tool Looks for Signals in Noisy AWS Cloud Logs

Permiso Security announced Cloud Console Cartographer during Black Hat Asia to help defenders look inside Amazon Web Services events logs for signs of cyberattacks.

Countering Voice Fraud in the Age of AI

Caller ID spoofing and AI voice deepfakes are supercharging phone scams. Fortunately, we have tools that help organizations and people protect themselves against the devious combination.

For Service Accounts, Accountability Is Key to Security

Modern networks teem with machine accounts tasked with simple automated tasks yet given too many privileges and left unmonitored. Resolve that situation and you close an attack vector.

Dangerous ICS Malware Targets Orgs in Russia and Ukraine

"Kapeka" and "Fuxnet" are the latest examples of malware to emerge from the long-standing conflict between the two countries.