Dell’s Hard-Coded Flaw: A Nation-State Goldmine – Dark Reading
A China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent access, and deploy malware. – Read More
Dark Reading
A CISO’s Playbook for Defending Data Assets Against AI Scraping – Dark Reading
Discover a strategic approach to govern scraping risks, balance security with business growth, and safeguard intellectual capital from automated data harvesting. – Read More
Singapore & Its 4 Major Telcos Fend Off Chinese Hackers – Dark Reading
After detecting a zero-day attack, the country’s effective response was attributed to the tight relationship between its government and private industry. – Read More
Supply Chain Attack Embeds Malware in Android Devices – Dark Reading
Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge. – Read More
Poland Energy Survives Attack on Wind, Solar Infrastructure – Dark Reading
Russia-aligned groups are probable culprits behind the wiper attacks against renewable energy farms, a manufacturer, and a heating and power plant. – Read More
RMM Abuse Explodes as Hackers Ditch Malware – Dark Reading
It’s the path of lesser resistance, as remote monitoring and management (RMM) software offers stealth, persistence, and operational efficiency. – Read More
ClickFix Attacks Abuses DNS Lookup Command to Deliver ModeloRAT – Dark Reading
ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware. – Read More
Operation DoppelBrand: Weaponizing Fortune 500 Brands – Dark Reading
The GS7 cyberthreat group targets US financial institutions with near-perfect imitations of corporate portals to steal credentials and gain remote access. – Read More
260K+ Chrome Users Duped by Fake AI Browser Extensions – Dark Reading
30 copycat apps tricked users, and Google itself, into thinking they’re legitimate AI tools. – Read More
Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities – Dark Reading
Zscaler’s acquisition of SquareX comes as competitors like CrowdStrike and Palo Alto Networks are also investing in secure browser technologies. – Read More
Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks – Dark Reading
Threat actors are exploiting security gaps to weaponize Windows drivers and terminate security processes in targeted networks, and there may be no easy fixes in sight. – Read More
Nation-State Hackers Put Defense Industrial Base Under Siege – Dark Reading
Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors’ networks. – Read More
AI Agents ‘Swarm,’ Security Complexity Follows Suit – Dark Reading
As AI deployments scale and start to include packs of agents autonomously working in concert, organizations face a naturally amplified attack surface. – Read More
Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again – Dark Reading
It’s time to phase out the “patch and pray” approach, eliminate needless public interfaces, and enforce authentication controls, one expert says. – Read More
Booz Allen Announces General Availability of Vellox Reverser to Automate Malware Defense – Dark Reading
The AI-powered product delivers expert-grade malware analysis and reverse engineering in minutes. – Read More