A tailored spear-phishing attack successfully convinced a Reddit employee to hand over their credentials and their one-time password, but soon after, the same worker notified security.
Follow Dark Reading:
 February 13, 2023
LATEST SECURITY NEWS & COMMENTARY
Reddit Hack Shows Limits of MFA, Strengths of Security Training
A tailored spear-phishing attack successfully convinced a Reddit employee to hand over their credentials and their one-time password, but soon after, the same worker notified security.
Attacker Allure: A Look at the Super Bowl's Operational Cyber-Risks
Event organizers should be exercising various cyberattack scenarios to ensure they have the proper checks and balances in place to respond accordingly and maintain resilience.
Trickbot Members Sanctioned for Pandemic-Era Ransomware Hits
The US Treasury Department linked the notorious cybercrime gang to Russian Intelligence Services because cyberattacks that disrupted hospitals and other critical infrastructure align with Russian state interests.
MagicWeb Mystery Highlights Nobelium Attacker's Sophistication
The authentication bypass used by the Nobelium group, best known for the supply chain attack on SolarWinds, required a massive, real-time investigation to uncover, Microsoft says.
Malicious Game Mods Target Dota 2 Game Users
Valve's unpatched JavaScript engine and incomplete modification vetting process for Steam-delivered mods led to user systems being backdoored.
Addressing the Elephant in the Room: Getting Developers & Security Teams to Work Together
Bridging the divide between developers and security can create a culture change organically.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Phishing Surges Ahead, as ChatGPT & AI Loom
AI and phishing-as-a-service (PaaS) kits are making it easier for threat actors to create malicious email campaigns, which continue to target high-volume applications using popular brand names.

Lessons From the Cold War: How Quality Trumps Quantity in Cybersecurity
High-quality tools and standards remain critical components in cybersecurity efforts even as budgets decline. It's important that staff knows response procedures and their roles, and also communicates well.

NewsPenguin Goes Phishing for Maritime & Military Secrets
A sophisticated cyber-espionage attack against high-value targets attending a maritime technology conference in Pakistan this weekend has been in the works since last year.

In Perfect Harmony: Cybersecurity Regulation Harmonization
By simplifying compliance management, security and risk teams can focus on managing operational risk, not compliance risk — and better counter threats.

MORE
EDITORS' CHOICE
7 Critical Cloud Threats Facing the Enterprise in 2023
From shadow data to misconfigurations, and overpermissioning to multicloud sprawl, Dark Reading's cloud security slideshow helps security pros understand the threat horizon.
LATEST FROM THE EDGE

5 Ways to Survive Scam Season — or Rather, Tax Season
Security pros need to look beyond user education to find and disarm fraudulent actors.
LATEST FROM DR TECHNOLOGY

Cloud Apps Still Demand Way More Privileges Than They Use
Hackers can't steal a credential that doesn't exist.
WEBINARS
  • Shoring Up the Software Supply Chain Across Enterprise Applications

    Modern-day software development depends heavily on third-party components, libraries, and frameworks. Attackers are increasingly targeting these software building blocks to compromise enterprise applications. In this webinar, experts discuss the ever-expanding software attack surface. Find out where potential attack vectors are ...

  • Deciphering the Hype Around XDR

    Security teams are increasingly being asked about the organization's Extended Detection and Response capabilities. There is still a lot of confusion and misunderstanding about XDR and what it can accomplish. XDR goes beyond endpoint monitoring and detection, while extending visibility ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Integreon Launches Cyber Incident Response Offering with Development of AI-Based Review and Integration of RadarFirst
SynSaber Releases ICS CVE Retrospective: 3 Years of CISA Advisories
Avast Threat Report: Consumers Plagued With Refund Fraud, Tech Support Scams, and Adware
Kaspersky Finds Growing Number of Parents Experiencing Ransomware Attacks on Children's Schools
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The Promise and Reality of Cloud Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us