A seemingly sharp drop in the number of compromised Cisco IOS XE devices visible on the Internet led to a flurry of speculation over the weekend — but it turns out the malicious implants were just hiding.
Follow Dark Reading:
 October 24, 2023
LATEST SECURITY NEWS & COMMENTARY
Cyberattackers Alter Implant on 30K Compromised Cisco IOS XE Devices
A seemingly sharp drop in the number of compromised Cisco IOS XE devices visible on the Internet led to a flurry of speculation over the weekend — but it turns out the malicious implants were just hiding.
'Log in with...' Feature Allows Full Online Account Takeover for Millions
Hundreds of millions of users of Grammarly, Vidio, and the Indonesian e-commerce giant Bukalapak are at risk for financial fraud and credential theft due to OAuth misfires -- and other online services likely have the same problems.
Valve's 2FA Mandate for Game Developers Shows SMS Stickiness
Despite warnings that sending one-time passwords via text messages is a flawed security measure, companies continue to roll out the approach, especially in consumer-facing applications.
Ragnar Locker Ransomware Boss Arrested in Paris
Cops track down ransomware developer and seize Ragnar Locker infrastructure and data-leak site, Europol says.
Malicious Apps Spoof Israeli Attack Detectors: Conflict Goes Mobile
A spoofed version of an Israeli rocket-attack alerting app is targeting Android devices, in a campaign that shows how cyber-espionage attacks are shifting to individual, everyday citizens.
Freelance Market Flooded With North Korean IT Actors
Organizations should be careful that the workers they hire on a freelance and temporary basis are not operatives working to funnel money to North Korea's WMD program, US DOJ says.
Telling Small Businesses to Buy Cyber Insurance Isn't Enough
To protect themselves from threats, companies also need proactive cybersecurity.
City of Philadelphia Releases Cyber-Breach Notice
The investigation is ongoing, and the city will contact those who may have potentially been affected by the breach, it said.
(Sponsored Article) The Silent Threat of APIs: What the New Data Reveals About Unknown Risk
The rapid growth of APIs creates a widening attack surface and increasing unknown cybersecurity risks.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Cisco Finds New Zero-Day Bug, Pledges Patches in Days
A patch for the max-severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.

Change From Within: 3 Cybersecurity Transformation Traps for CISOs to Avoid
To make cybersecurity an organizationwide priority, CISOs must avoid these common input, empathy, and alignment obstacles.

Patch Now: APTs Continue to Pummel WinRAR Bug
State-sponsored cyber-espionage actors from Russia and China continue to target WinRAR users with various info-stealing and backdoor malware, as a patching lag plagues the software's footprint.

Name That Toon: Modern Monarchy
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

MORE
EDITORS' CHOICE
9 Innovative Ways to Boost Security Hygiene for Cyber Awareness Month
If we really want to move the dial on security habits, it's time to think beyond phishing tests. Our panel of CISOs and other security heavy-hitters offer expert tips that go beyond the obvious.
LATEST FROM THE EDGE

How State and Local Governments Can Serve Citizens More Securely
Looking at the top 10 priorities of state CIOs underscores the importance of securing applications and APIs in complex environments.
LATEST FROM DR TECHNOLOGY

Open Source Security Agents Promise Greater Simplicity, Flexibility
Endpoint management based on open source agents, such as osquery, could simplify IT management and security while giving larger firms more customization options.
LATEST FROM DR GLOBAL

Hola Espana: 'Grandoreiro' Trojan Targets Global Banking Customers
Brasileiro cybercrime has been on the rise. Now, one campaign targeting bank customers has reached beyond the Americas, into Europe.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
SailPoint Unveils Annual 'Horizons of Identity Security' Report
AI 'Will Have a Significant Impact on Energy Industry,' EPRI Tells Congress
Kaspersky Launches Specialized Security Solution for Containerized Environments
Spec Secures $15M Series A Funding, Accelerating Innovation in Fraud Defense
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How to Deploy Zero Trust for Remote Workforce Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us