The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks.
Follow Dark Reading:
 June 29, 2022
LATEST SECURITY NEWS & COMMENTARY
China-Backed APT Pwns Building-Automation Systems with ProxyLogon
The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks.
Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign
The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn.
Ransomware Volume Nearly Doubles 2021 Totals in a Single Quarter
Like a hydra, every time one ransomware gang drops out (REvil or Conti), plenty more step up to fill the void (Black Basta).
'Raccoon Stealer' Scurries Back on the Scene After Hiatus
Researchers this week said they had observed criminals using a new and improved version of the prolific malware, barely three months after its authors announced they were quitting.
Google Analytics Continues to Lose SEO Visibility as Bans Continue
Google Analytics has been found to be in violation of GDPR privacy laws by Italy — the third country to ban it.
Atlassian Confluence Exploits Peak at 100K Daily
Swarms of breach attempts against the Atlassian Confluence vulnerability are likely to continue for years, researchers say, averaging 20,000 attempts daily as of this week.
A WAF Is Not a Free Lunch: Teaching the Shift-Left Security Mindset
Developers need to think like WAF operators for security. Start with secure coding and think of Web application firewalls not as a prophylactic but as part of the secure coding test process.
How to Find New Attack Primitives in Microsoft Azure
Abuse primitives have a longer shelf life than bugs and zero-days and are cheaper to maintain. They're also much harder for defenders to detect and block.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
New Vulnerability Database Catalogs Cloud Security Issues
Researchers have created a new community website for reporting and tracking security issues in cloud platforms and services — plus fixes for them where available.

LockBit 3.0 Debuts With Ransomware Bug Bounty Program
LockBit 3.0 promises to 'Make Ransomware Great Again!' with a side of cybercrime crowdsourcing.

Name That Toon: Cuter Than a June Bug
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

MORE
EDITORS' CHOICE
Are You Hiring Enough Entry-Level Security Pros?
New (ISC)² survey shows employment levels for entry-level cyber pros lag behind every other experience level.
LATEST FROM THE EDGE

What We Mean When We Talk About Cyber Insurance
Cyber insurance is more than a policy for paying off ransomware gangs. It's designed to be something you transfer risk to when security controls fail.
LATEST FROM DR TECHNOLOGY

Can Zero-Knowledge Cryptography Solve Our Password Problems?
Creating temporary keys that are not stored in central repositories and time out automatically could improve security for even small businesses.
WEBINARS
  • Building and Maintaining Security at the Network Edge

    Advances in networking and new technologies have expanded the possibilities of deploying applications at the network edge. These edge devices bring with them their own security management challenges and risks. How do you scale your security to manage the sheer ...

  • Using Threat Modeling to Improve Enterprise Cyber Defenses

    As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Kaspersky Reveals Phishing Emails That Employees Find Most Confusing
Thrive Acquires DSM
Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS
Synopsys Completes Acquisition of WhiteHat Security
Zscaler and AWS Expand Relationship
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Improving Enterprise Cybersecurity With XDR
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us