SaaS Apps Present an Abbreviated Kill Chain for Attackers – Dark Reading
Black Hat presentation reveals adversaries don’t need to complete all seven stages of a traditional kill chain to achieve their objectives. – Read More
Dark Reading
Critical AWS Vulnerabilities Allow S3 Attack Bonanza – Dark Reading
Researchers at Aqua Security discovered the “Shadow Resource” attack vector and the “Bucket Monopoly” problem, where threat actors can guess the name of S3 buckets based on their public account…
Hazy Issue in Entra ID Allows Privileged Users to Become Global Admins – Dark Reading
Invisible authentication mechanisms in Microsoft allow any attacker to escalate from privileged to super-duper privileged in cloud environments, paving the way for complete takeover. – Read More
Monitoring Changes in KEV List Can Guide Security Teams – Dark Reading
The number of additions to the Known Exploited Vulnerabilities catalog is growing quickly, but even silent changes to already-documented flaws can help security teams prioritize. – Read More
CrowdStrike Will Give Customers Control Over Falcon Sensor Updates – Dark Reading
The security vendor has also implemented several changes to protect against the kind of snafu that crashed 8.5 million Windows computers worldwide last month. – Read More
Knostic Wins 2024 Black Hat Startup Spotlight Competition – Dark Reading
During a “Shark Tank”-like final, each startup’s representative spent five minutes detailing their company and product, with an additional five minutes to take questions from eight judges from Omdia, investment…
Chameleon Banking Trojan Makes a Comeback Cloaked as CRM App – Dark Reading
The evolving malware is targeting hospitality and other B2C workers in Canada and Europe with capabilities that can evade Android 13 security restrictions. – Read More
Creating Insecure AI Assistants With Microsoft Copilot Studio Is Easy – Dark Reading
Microsoft claims 50,000 organizations are using its new Copilot Creation tool, but researcher Michael Bargury demonstrated at Black Hat USA ways it could unleash insecure chatbots. – Read More
The API Security Crisis: Why Your Company Could Be Next – Dark Reading
You’re only as strong as your weakest security link. – Read More
Dark Reading News Desk Live From Black Hat USA 2024 – Dark Reading
The Dark Reading team once again welcomes the world’s top cybersecurity experts to the Dark Reading News Desk live from Black Hat USA 2024. Tune into the livestream. – Read…
Verizon Business 2024 Mobile Security Index Reveals Escalating Risks in Mobile and IoT Security – Dark Reading
Post Content – Read More
Cybersecurity Industry Leaders Launch the Cyber Threat Intelligence Capability Maturity Model – Dark Reading
Post Content – Read More
Dataprise Acquires Phoenix IT Adding Cyber Incident Response & Remediation Services – Dark Reading
Post Content – Read More
Votiro Unveils New Data Privacy Features and Integrations – Dark Reading
Post Content – Read More
BlankBot Trojan Targets Turkish Android Users – Dark Reading
While still under development, the malware contains Turkish-language filenames, can record the screen and keystrokes, and inject custom overlays to steal passwords and sensitive data. – Read More