Penetration testing in the cloud needs a different approach.
Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.
Accessed on 20 October 2021, 1338 UTC.
Content provided by “DarkReading.com.”
Source: https://www.darkreading.com/latest/news
NEWS
Penetration Testing in the Cloud Demands a Different Approach
Attackers use a different set of techniques to target the cloud, meaning defenders must think differently when pen testi…
by Kelly Sheridan, Senior Editor
October 19, 2021
5 MIN READ
CLOUD
ARTICLE
Telecommunications Providers Worldwide Are Targeted in Sophisticated Cyber-Espionage Campaign
LightBasin has displayed in-depth knowledge of telecom architectures and protocols in its attacks, security vendor warns…
by Jai Vijayan, Contributing Writer
October 19, 2021
4 MIN READ
ATTACKS/BREACHES
ARTICLE
Damages Escalate Rapidly in Multiparty Data Breaches
Analysis of the top-50 multiparty attacks over the past decade finds that nation-state-linked hackers focused on disrupt…
by Robert Lemos, Contributing Writer
October 19, 2021
4 MIN READ
ATTACKS/BREACHES
ARTICLE
Group With Potential Links to Iranian Threat Actor Resurfaces
The Lyceum group has previously been linked to attacks on targets in the Middle East.
by Jai Vijayan, Contributing Writer
October 18, 2021
3 MIN READ
ATTACKS/BREACHES
ARTICLE
(ISC)² Plans Entry-Level Certification for Aspiring Security Pros
The certification aims to help new entrants to the security field with professional development and career paths early o…
by Kelly Sheridan, Senior Editor
October 18, 2021
4 MIN READ
ATTACKS/BREACHES
ARTICLE
‘Clumsy’ BlackByte Malware Reuses Crypto Keys, Worms Into Networks
Discovered during a recent incident response engagement, the malware avoids Russian computers and uses a single symmetri…
by Robert Lemos, Contributing Writer
October 15, 2021
4 MIN READ
THREAT INTELLIGENCE
ARTICLE
Enterprise Data Storage Environments Riddled With Vulnerabilities
Many organizations are not properly protecting their storage and backup systems from compromise, new study finds.
by Jai Vijayan, Contributing Writer
October 14, 2021
5 MIN READ
VULNERABILITIES/THREATS
ARTICLE
VirusTotal Shares Data on Ransomware Activity
Google’s online malware scanning service analyzed 80 million ransomware samples that were uploaded in the past year-and-…
by Kelly Jackson Higgins, Executive Editor
October 13, 2021
2 MIN READ
THREAT INTELLIGENCE
ARTICLE
Worried Over Antitrust Debate, Apple Talks Sideloading Dangers
Apple argues in a position paper that sideloading apps poses a major security threat to its users, as many lawmakers and…
by Robert Lemos, Contributing Writer
October 13, 2021
6 MIN READ
APPLICATION SECURITY
ARTICLE
Microsoft Fixes Zero-Day Flaw in Win32 Driver
A previously known threat actor is using the flaw in a broad cyber-espionage campaign, security vendor warns.
by Jai Vijayan, Contributing Writer
October 12, 2021
5 MIN READ
VULNERABILITIES/THREATS
ARTICLE
Google Launches Security Advisory Service, Security to Workspaces
Internet giant aims to help companies use the cloud securely and adds more security features to its productivity workspa…
by Robert Lemos, Contributing Writer
October 12, 2021
4 MIN READ
CLOUDARTICLE
Overly Complex IT Infrastructures Pose Security Risk
Cybersecurity budgets are set to increase in 2022, but companies worry that complex IT networks and data infrastructure …
by Robert Lemos, Contributing Writer
October 11, 2021
4 MIN READ
OPERATIONS
ARTICLE
Applying Behavioral Psychology to Strengthen Your Incident Response Team
A deep-dive study on the inner workings of incident response teams leads to a framework to apply behavioral psychology p…
by Kelly Sheridan, Senior Editor
October 11, 2021
5 MIN READ
ENDPOINT
ARTICLE
North American Orgs Hit With an Average of 497 Cyberattacks per Week
A new analysis confirms a surge in global cyberattacks since the COVID-19 pandemic began.
by Jai Vijayan, Contributing Writer
October 08, 2021
3 MIN READ
ATTACKS/BREACHES
ARTICLE
Microsoft: 58% of Nation-State Cyberattacks Come From Russia
A wealth of Microsoft data highlights trends in nation-state activity, hybrid workforce security, disinformation, and su…
by Kelly Sheridan, Senior Editor
October 07, 2021
6 MIN READ
THREAT INTELLIGENCE
ARTICLE
Rapid RYUK Ransomware Attack Group Christened as FIN12
Prolific ransomware cybercrime group’s approach underscores a complicated, layered model of cybercrime.
by Kelly Jackson Higgins, Executive Editor
October 07, 2021
5 MIN READ
ATTACKS/BREACHES
ARTICLE
What the CEO Saw: Colonial Pipeline, Accellion Execs Share Cyberattack War Stories
CEOs of the two breached companies said their priorities instantly shifted to joining the response efforts when they fir…
by Kelly Jackson Higgins, Executive Editor
October 06, 2021
6 MIN READ
THREAT INTELLIGENCE
ARTICLE
Aerospace, Telecommunications Companies Victims of Stealthy Iranian Cyber-Espionage Campaign
Since at least 2018, “MalKamak” group has targeted firms in the Middle East, Russia, and other areas to steal sensitive …
by Jai Vijayan, Contributing Writer
October 06, 2021
4 MIN READ
ATTACKS/BREACHES
ARTICLE
Misconfigured Apache Airflow Platforms Threaten Organizations
Security researchers found thousands of credentials for popular cloud-hosted services exposed on insecure instances of t…
by Jai Vijayan, Contributing Writer
October 05, 2021
4 MIN READ
VULNERABILITIES/THREATS
ARTICLE
Mandia Alerted NSA on FireEye’s SolarWinds Breach
“National security” concerns led former CEO Kevin Mandia to call the NSA when FireEye discovered its breach in late 2020…
by Kelly Jackson Higgins, Executive Editor
October 05, 2021
5 MIN READ
THREAT INTELLIGENCE
ARTICLE
Windows 11 Available: What Security Pros Should Know
Microsoft discusses the security requirements and changes coming to the newest version of its Windows operating system.
by Kelly Sheridan, Senior Editor
October 04, 2021
4 MIN READ
ENDPOINT
ARTICLE
—–
Hawaii Cybersecurity Digest 