Nachrichtenarchiv

Dark Reading 21.11.2022 21:50
Analysts see an uptick in token theft from authenticated users, allowing threat actors to bypass MFA protections.

Dark Reading 21.11.2022 19:30
Here’s what that means about our current state as an industry, and why we should be happy about it.

Dark Reading 21.11.2022 18:10
Organizations that use the consensus principles can significantly improve their cyber resilience without raising costs, MIT research shows.

The Hacker News 21.11.2022 15:24
The notorious Emotet malware has returned with renewed vigor as part of a high-volume malspam campaign designed to drop payloads like IcedID and Bumblebee.
"Hundreds of thousands of emails per day" have been sent since early November 2022, enterprise security company Proofpoint said last week, adding, "the new activity suggests Emotet is returning to its full functionality acting as a delivery

The Hacker News 21.11.2022 6:42
Google Cloud last week disclosed that it identified 34 different hacked release versions of the Cobalt Strike tool in the wild, the earliest of which shipped in November 2012.
The versions, spanning 1.44 to 4.7, add up to a total of 275 unique JAR files, according to findings from the Google Cloud Threat Intelligence (GCTI) team. The latest version of Cobalt Strike is version 4.7.2.
Cobalt

Dark Reading 19.11.2022 0:00
Your journey to zero trust can be perilous if you are using legacy equipment that wasn’t designed for it. Begin the transformation where it makes the most sense for your organization.

The Hacker News 19.11.2022 8:24
A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware.
Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name DEV-0569.
"Observed DEV-0569 attacks show a pattern of continuous innovation, with

The Hacker News 18.11.2022 13:07
Threat hunting is the process of looking for malicious activity and its artifacts in a computer system or network. Threat hunting is carried out intermittently in an environment regardless of whether or not threats have been discovered by automated security solutions. Some threat actors may stay dormant in an organization’s infrastructure, extending their access while waiting for the right

The Hacker News 07.11.2022 11:49
Security researchers are warning of "a trove of sensitive information" leaking through urlscan.io, a website scanner for suspicious and malicious URLs.
"Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more are publicly listed and searchable," Positive Security co-founder, Fabian Bräunlein, said in a report published on November 2, 2022.
The

Golem 07.11.2022 11:45
Humanitäre Organisationen haben ein digitales Äquivalent zum roten Kreuz vorgeschlagen, damit staatliche Hacker ihre Infrastruktur nicht angreifen. (Cyberwar, Internet)