US Comptroller Cyber ‘Incident’ Compromises Org’s Emails – Dark Reading
A review of the emails involved in the breach is still ongoing, but what has been discovered is enough for the Treasury Department to label it a “major cyber incident.”…
Dark Reading
CrushFTP Exploitation Continues Amid Disclosure Dispute – Dark Reading
Attacks on a critical authentication bypass flaw in CrushFTP’s file transfer product continue this week after duplicate CVEs sparked confusion. – Read More
Tariffs May Prompt Increase in Global Cyberattacks – Dark Reading
Cybersecurity and policy experts worry that if tariffs give way to a global recession, organizations will reduce their spending on cybersecurity. – Read More
Oracle Appears to Admit Breach of 2 ‘Obsolete’ Servers – Dark Reading
The database company said its Oracle Cloud Infrastructure (OCI) was not involved in the breach. And at least one law firm seeking damages is already on the case. – Read…
China-Linked Hackers Continue Harassing Ethnic Groups With Spyware – Dark Reading
Threat actors are trolling online forums and spreading malicious apps to target Uyghurs, Taiwanese, Tibetans, and other individuals aligned with interests that China sees as a threat to its authority.…
Using Post-Quantum Planning to Improve Security Hygiene – Dark Reading
With careful planning, the transition to post-quantum cryptography can significantly improve security and risk management for the present and future. – Read More
Microsoft Drops Another Massive Patch Update – Dark Reading
A threat actor has already exploited one of the flaws in a ransomware campaign with victims in the US and other countries. – Read More
Industry Asks for Clarity on Proposed HIPAA Cybersecurity Rules – Dark Reading
Healthcare and IT security practitioners worry some of the proposed amendments are not practical for a sector that lacks resources and often uses legacy equipment. – Read More
Aurascape Brings Visibility, Security Controls to Manage AI Applications – Dark Reading
New cybersecurity startup Aurascape emerged from stealth today with an AI-native security platform to automate security policies for AI applications. – Read More
UK Orgs Pull Back Digital Projects With Looming Threat of Cyberwarfare – Dark Reading
Artificial intelligence poses a significant concern when it comes to nation-state cyberthreats and AI’s ability to supercharge attacks. – Read More
2 Android Zero-Day Bugs Under Active Exploit – Dark Reading
Neither security issue requires user interaction; and one of the vulnerabilities was used to unlock a student activist’s device in an attempt to install spyware. – Read More
Dangerous, Windows-Hijacking Neptune RAT Scurries Into Telegram, YouTube – Dark Reading
The malware’s creators insist a new open source version of Neptune is for educational use by pen testers, but a raft of sophisticated backdoor and evasion capabilities says otherwise. –…
How Democratized Development Creates a Security Nightmare – Dark Reading
No-code and low-code platforms offer undeniable benefits. But when security is an afterthought, organizations risk deploying vulnerable applications that expose sensitive data and critical systems. – Read More
Experts Optimistic about Secure by Design Progress – Dark Reading
Secure by Design is an important step to reduce the number of vulnerabilities present originally, but is it progressing fast enough? Security experts Chris Wysopal and Jason Healey say things…
Palo Alto Networks Begins Unified Security Rollout – Dark Reading
Cortex Cloud integrates Prisma Cloud with CDR to provide a consolidated security posture management and real-time threat detection and remediation. – Read More