Dark Reading Daily -- August 08, 2022

Follow Dark Reading:

August 08, 2022

LATEST SECURITY NEWS & COMMENTARY

Stolen Data Gives Attackers Advantage Against Text-Based 2FA

With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.

Genesis IAB Market Brings Polish to the Dark Web

As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy.

A Ransomware Explosion Fosters Thriving Dark Web Ecosystem

For the right price, threat actors can get just about anything they want to launch a ransomware attack — even without technical skills or any previous experience.

A Digital Home Has Many Open Doors

Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access.

Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers

Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
The Myth of Protection Online — and What Comes Next It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions. Cyberattackers Increasingly Target Cloud IAM as a Weak Link At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers. How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT. MORE

EDITORS' CHOICE

35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?

In the last month, "Pl0xP" cloned several GitHub repositories, adding malicious code to the forks that would attempt to infect developer systems and steal sensitive files that included software keys.

LATEST FROM THE EDGE

What Worries Security Teams About the Cloud?

What issues are cybersecurity professionals concerned about in 2022? You tell us!

LATEST FROM DR TECHNOLOGY

How to Resolve Permission Issues in CI/CD Pipelines

This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines.

WEBINARS

Malicious Bots: What Enterprises Need to Know
Bots are launching more complex and targeted attacks such as price scraping, credential stuffing, scalping, and credit card fraud, but many security defenders are still focused on only the most obvious attacks. Automated bot attacks are on the rise, but ...
Assessing Cyber Risk
Top executives often ask, "how safe are we from a cyber breach?" But it can be difficult to quantitatively measure cyber risk, and even harder to assess your organization's attack surface. In this webinar, you'll learn how to evaluate your ...

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

6 Elements of a Solid IoT Security Strategy
Practical Network Security Approaches for a Multicloud, Hybrid IT World
The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network
How Enterprises Are Securing the Application Environment
Download this report from Dark Reading to learn more about the measures enterprises have adopted to ensure the security of their internally developed applications and third-party packaged applications.

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Phylum Releases a Free Community Edition to Make Software Supply Chain Security More Accessible

Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale

CompTIA CEO Outlines Initiative to Create the Pre-eminent Destination to Start, Build and ‘Supercharge’ a Tech Career

From Babuk Source Code to Darkside Custom Listings — Exposing a Thriving Ransomware Marketplace on the Dark Web

MORE PRODUCTS & RELEASES

CURRENT ISSUE

Living on the Edge: Building and Maintaining Security at the Network Edge
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Living on the Edge: Building and Maintaining Security at the Network Edge