5 Hard Truths About the State of Cloud Security 2024
Dark Reading talks cloud security with John Kindervag, the godfather of zero trust.
April 2024
Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug
Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.
Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments
An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being…
Back from the Brink: UnitedHealth Offers Sobering Post-Attack Update
The company reports most systems are functioning again but that analysis of the data affected will take months to complete.
Lessons for CISOs From OWASP’s LLM Top 10
It's time to start regulating LLMs to ensure they're accurately trained and ready to handle business deals that could affect…
US Gov Slaps Visa Restrictions on Spyware Honchos
The State Department can now deny entrance to the US for individuals accused of profiting from spyware-related human rights abuses,…
Russia’s Fancy Bear Pummels Windows Print Spooler Bug
The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyber-espionage attacks against targets…
Teetering on the Edge: VPNs, Firewalls’ Nonexistent Telemetry Lures APTs
State-sponsored groups are targeting critical vulnerabilities in virtual private network (VPN) gateways, firewall appliances, and other edge devices to make…
Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity Pros
Malaysia, Singapore, and Ghana are among the first countries to pass laws that require cybersecurity firms — and in some…
ToddyCat APT Is Stealing Data on ‘Industrial Scale’
The threat actor is deploying multiple connections into victim environments to maintain persistence and steal data.