Tools purporting to help organizations recover lost passwords for PLCs are really droppers for malware targeting industrial control systems, vendor says.
Follow Dark Reading:
 July 19, 2022
LATEST SECURITY NEWS & COMMENTARY
Trojanized Password Crackers Targeting Industrial Systems
Tools purporting to help organizations recover lost passwords for PLCs are really droppers for malware targeting industrial control systems, vendor says.
Retbleed Fixed in Linux Kernel, Patch Delayed
Linus Torvalds says Retbleed has been addressed in the Linux kernel, but code complexity means the release will be delayed by a week to give more time for testing.
Ransomware Attempts Flag as Payments Also Decline
Telecom and business services see the highest level of attacks, but the two most common ransomware families, which continue to be LockBit and Conti, are seen less often.
FBI: Beware of Scam Cryptocurrency Investment Apps
Law enforcement estimates campaign has already bilked cryptocurrency investors out of $42.7 million.
WordPress Page Builder Plug-in Under Attack, Can't Be Patched
An ongoing campaign is actively targeting the vulnerability in the Kaswara Modern WPBakery Page Builder Addon, which is still installed on up to 8,000 sites, security analysts warn.
Building Guardrails for Autonomic Security
AI's potential for automating security has promise, but there are miles to go in establishing decision-making boundaries.
Name That Toon: Modern-Day Fable
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
(Sponsored Article) The 3 Critical Elements You Need for Vulnerability Management Today
Most organizations are flying blind when remediating vulnerabilities. We lack the tooling to secure software fast enough. We need a new approach to vulnerability management now.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
How Hackers Create Fake Personas for Social Engineering
And some ways to up your game for identifying fabricated online profiles of people who don't exist.

Getting a Better Handle on Identity Management in the Cloud
Treat identity management as a first-priority problem, not something to figure out later while you get your business up and running in the cloud.

How Attackers Could Dupe Developers into Downloading Malicious Code From GitHub
Developers need to be cautious about whom they trust on GitHub because it's easy to establish fake credibility on the platform, security vendor warns.

MORE
EDITORS' CHOICE
Sandworm APT Trolls Researchers on Its Trail as It Targets Ukraine
Researchers who helped thwart the Russian nation-state group's recent attack on Ukraine's power supply will disclose at Black Hat USA what they found while reverse-engineering the powerful Industroyer2 malware used by the powerful hacking team.
LATEST FROM THE EDGE

Watch Out for User Impersonation in Low-Code/No-Code Apps
How a well-meaning employee could unwittingly share their identity with other users, causing a whole range of problems across IT, security, and the business.
LATEST FROM DR TECHNOLOGY

Hunting for Threats Using Network Traffic Flows
SeclarityIO's NetworkSage platform analyzes network traffic data to identify attacks before they become real problems.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Bishop Fox Secures $75 Million in Growth Funding From Carrick Capital Partners
Scribe Security Releases Code Integrity Validator Alongside Github Security Open Source Project
AEI HorizonX Ventures Joins Shift5 Series B Funding Round
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Implementing Zero Trust In Your Enterprise: How to Get Started
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022   |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us