Sophos research unveiled at Black Hat Europe details a thriving subeconomy of fraud on the cybercrime underground, aimed at Dark Web forum users.
Follow Dark Reading:
 December 13, 2022
LATEST SECURITY NEWS & COMMENTARY
Metaparasites & the Dark Web: Scammers Turn on Their Own
Sophos research unveiled at Black Hat Europe details a thriving subeconomy of fraud on the cybercrime underground, aimed at Dark Web forum users.
Rash of New Ransomware Variants Springs Up in the Wild
Vohuk, ScareCrow, and AESRT add to the ransomware chaos that organizations have to contend with on a daily basis.
Popular WAFs Subverted by JSON Bypass
Web application firewalls from AWS, Cloudflare, F5, Imperva, and Palo Alto Networks are vulnerable to a database attack using the popular JavaScript Object Notation (JSON) format.
Nearly 4,500 Pulse Connect Secure VPNs Left Unpatched and Vulnerable
Pulse Connect VPN server software received several updates over the years, and thousands of hosts haven't patched.
Amid Outrage, Rackspace Sends Users Email Touting Its Incident Response
More than 10 days after a ransomware attack, affected Rackspace customers are being told the incident had a "limited impact," and have been invited to a webinar for additional details.
When Companies Compensate the Hackers, We All Foot the Bill
Ensuring stronger in-house defenses is integral to retaining customer loyalty.
(Sponsored Article) Single Sign-on: It's Only as Good as Your Ability to Use It
Increased federal cybersecurity regulations provide a pivot point for manufacturers to reconsider their access management strategy.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
For Cyberattackers, Popular EDR Tools Can Turn into Destructive Data Wipers
Microsoft, three others release patches to fix a vulnerability in their respective products that enables such manipulation. Other EDR products potentially are affected as well.

Shift to Memory-Safe Languages Gains Momentum
Software firms and the National Security Agency urge developers to move to memory-safe programming languages to eliminate a major source of high-severity flaws.

How Naming Can Change the Game in Software Supply Chain Security
A reliance on CPE names currently makes accurate searching for high-risk security vulnerabilities difficult.

MORE
EDITORS' CHOICE
3 Ways Attackers Bypass Cloud Security
At Black Hat Europe, a security researcher details the main evasion techniques attackers are currently using in the cloud.
LATEST FROM THE EDGE

What We Can't See Can Hurt Us
Visibility into every environment, including cloud, enables businesses to mitigate operating risks.
LATEST FROM DR TECHNOLOGY

Cybersecurity 'Nutrition' Labels Still a Work in Progress
Pretty much every aspect of the effort to create easy-to-understand labels for Internet of Things (IoT) products is up in the air, according to participants in the process
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Shopify Plus Stores Can Easily Add Passwordless Login With Passkeys Support
Palo Alto Networks Xpanse Active Attack Surface Management Automatically Remediates Cyber Risks Before They Lead to Cyberattacks
Trilio Raises $17M, Appoints Massood Zarrabian as CEO
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Developing and Testing an Effective Breach Response Plan
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022   |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us