The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers a wide avenue into enterprise applications for cyberattackers. Author: Tara Seals, Managing Editor, News, Dark Reading
The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data via post-exploitation activity. Author: Elizabeth Montalbano, Contributing Writer
Cybersecurity startup LeakSignal, a finalist in this year’s Black Hat USA Startup Spotlight competition, helps organizations see where data is leaking within their environment.
Cybersecurity startup Knostic, a finalist in this year’s Black Hat USA Startup Spotlight competition, adds guardrails to how AI uses enterprise data to ensure sensitive data does not get leaked. Author: Dark Reading Staff
Adopting a military mindset toward cybersecurity means the industry moves beyond the current network protection strategies and toward a data-centric security approach. Author: Denzil Wessels, Glenn Ignazio
Cybersecurity researchers have uncovered design weaknesses in Microsoft’s Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising any warnings. Smart App Control (SAC) is a cloud-powered security feature introduced by Microsoft in Windows 11 to block malicious, untrusted, and potentially unwanted apps from being […]
Ultimately, a more cyber-secure world requires a global governing body to regulate and campaign for cybersecurity, with consistent regulatory requirements in the various regions around the world. Author: Joanna Huisman, Senior Vice President of Strategic Insights & Research, KnowBe4
Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called STRRAT (aka Strigoi Master). “The program selling for as little as $80 on underground resources allows the adversaries to take control of corporate computers and hijack restricted data,” cybersecurity vendor BI.ZONE said in a new […]
The scheme, from the group also known as APT28, involves targeting Eastern European diplomats in need of personal transportation, tempting them with a purported good deal on an Audi Q7 Quattro SUV. Author: Nathan Eddy, Contributing Writer
The Loper Bright decision has yielded impactful results: the Supreme Court has overturned forty years of administrative law, leading to potential litigation over the interpretation of ambiguous laws previously decided by federal agencies. This article explores key questions for cybersecurity professionals and leaders as we enter a more contentious period of cybersecurity law. Background What […]
