Call it a "cyber tax": Those costs are usually passed on to consumers, not investors, as compromised businesses raise prices for goods and services.
Follow Dark Reading:
 July 28, 2022
LATEST SECURITY NEWS & COMMENTARY
Critical Bugs Threaten to Crack Atlassian Confluence Workspaces Wide Open
A hardcoded password associated with the Questions for Confluence app has been publicly released, which will likely lead to exploit attempts that give cyberattackers access to all Confluence content.
Average Data Breach Costs Soar to $4.4M in 2022
Call it a "cyber tax": Those costs are usually passed on to consumers, not investors, as compromised businesses raise prices for goods and services.
Rare 'CosmicStrand' UEFI Rootkit Swings into Cybercrime Orbit
The firmware threat offers ultimate stealth and persistence — and may be distributed via tainted firmware components in a supply chain play, researchers theorize.
Snowballing Ransomware Variants Highlight Growing Threat to VMware ESXi Environments
Luna, Black Basta add to rapidly growing list of malware tools targeted at virtual machines deployed on VMware's bare-metal hypervisor technology.
Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene
The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities.
Discord, Telegram Services Hijacked to Launch Array of Cyberattacks
Attackers are easily turning popular messaging apps and their associated services — like bots, cloud infrastructure, and CDNs — against users, researchers warn.
LockBit 3.0: Significantly Improved Ransomware Helps the Gang Stay on Top
Just ahead of its headline-grabbing attack on the Italian tax agency, the infamous ransomware group debuted an improved version of the malware featuring parts from Egregor and BlackMatter.
Phishing Bonanza: Social-Engineering Savvy Skyrockets as Malicious Actors Cash In
The ever-evolving threat from phishing is growing more sophisticated as attackers design high-pressure situations and leverage ever-more-convincing social engineering tactics to increase their success rates.
Ducktail Spear-Phishing Campaign Uses LinkedIn to Hijack Facebook Business Accounts
Ducktail targets marketing and HR professionals through LinkedIn to hijack Facebook accounts and run malvertising schemes.
The Beautiful Lies of Machine Learning in Security
Machine learning should be considered an extension of — not a replacement for — existing security methods, systems, and teams.
The Kronos Ransomware Attack: What You Need to Know So Your Business Isn't Next
Identify your business's security posture and head off ransomware attacks with third-party risk management and vendor security assessments.
What Firewalls Can — and Can't — Accomplish
Understanding the limitations of firewalls is important to protecting the organization from evolving threats.
T-Mobile Pitches $4-Per-Customer Settlement for Data Leak Impacting 80M People
After leaking 80 million US customer data records in a cyberattack last summer, T-Mobile offers to settle a wide-ranging class action suit for just $350 million.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
ICYMI: Neopets & the Gaming Problem; SolarWinds Hackers Are Back; Google Ads Abused
Dark Reading's weekly roundup of all the OTHER important stories of the week.

The Great BizApp Hack: Cyber-Risks in Your Everyday Business Applications
IT admins can lock some of the obvious open doors in business applications, but system visibility is key. Build automatic monitoring defenses and adopt a Git-like tool so you can "version" your business apps to restore prior states.

What InfoSec Pros Can Teach the Organization About ESG
Security pros' experience with transparency and evaluating third-party partners positions them to act as key environmental, social, and governance advisers.

MORE
EDITORS' CHOICE
8 Hot Summer Fiction Reads for Cybersecurity Pros
A reading list of recommended novels curated by cybersecurity experts for cybersecurity experts.
LATEST FROM THE EDGE

Equitable Digital Identity Verification Requires Moving Past Flawed Legacy Systems
Data science can be used to improve access to government assistance while reducing fraud.
LATEST FROM DR TECHNOLOGY

AI Can Help Fintechs Fight Fraud-as-a-Service
Artificial intelligence tools can help companies strike the right balance between preventing financial crime and maintaining customer service and satisfaction.
WEBINARS
  • Assessing Cyber Risk

    Top executives often ask, "how safe are we from a cyber breach?" But it can be difficult to quantitatively measure cyber risk, and even harder to assess your organization's attack surface. In this webinar, you'll learn how to evaluate your ...

  • Building and Maintaining Security at the Network Edge

    Advances in networking and new technologies have expanded the possibilities of deploying applications at the network edge. These edge devices bring with them their own security management challenges and risks. How do you scale your security to manage the sheer ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
First Cohort Graduates from PSM Cyber Stars Program at Liverpool FC
No More Ransom Helped More Than 1.5 Million People Decrypt Their Devices
Craig Newmark Gives UC Berkeley $2 Million for University Cybersecurity Clinics
Norton Consumer Cyber Safety Pulse Report: Phishing for New Bait on Social Media
Siemens Energy Takes Next Step to Protect Critical Infrastructure
Aqua Launches Out-of-the-Box Runtime Security with Advanced Protection against the Most Sophisticated Threats
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Implementing Zero Trust In Your Enterprise: How to Get Started
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us