“PerSwaysion” phishing campaign ongoing, and pervasive.
Views expressed in this cybersecurity and cybercrime update are those of the reporters and correspondents.
Accessed on 19 November 2021, 1337 UTC.
Content provided by “DarkReading.com.”
Please click link or scroll down to read your selections.
Attackers also are deploying ProxyShell and abusing the vulnerabilities in stealthier manner, researchers say.
The TA406 group uses credential harvesting to target diplomats and policy experts in the United States, Russia, China, and South Korea, rarely resorting to malware.
Personal data, including Social Security numbers, of more than 100K employees exposed.
Research shows that multiple attack groups have been using the Microsoft file-sharing service – leveraging phishing kit for much longer than previously thought.
The United States, United Kingdom, and Australia warn attacks from groups linked to Iran are on the rise, while the Iranian government blames the US and Israel for an attack on gas pumps.
Researchers share their findings on the current zero-day market and how criminals’ strategies may shift in the future.
Security experts weigh in on the value and pitfalls of extended detection and response (XDR), offering consideration and advice on this growing new category.
EU officials and others previously had blamed Russia’s intelligence operations for the so-called Ghostwriter campaign.
Swarm Intelligence May Be Just the Ticket for Improved Network & Device Security
Based on the reaction of a single insect in a swarm, messages are passed along peer to peer, and an entire environment can respond without a central leader processing data and giving orders.
5 Things ML Teams Should Know About Privacy and the GDPR
Machine learning delivers plenty of benefits. But as the emerging technology gets applied more broadly, be careful about how you handle all the data used in the process.
How to Navigate the Mitigation of Deepfakes
Deepfakes are already several steps ahead of the technology that can detect and warn us about them.
4 Considerations for Improving Cloud Security Hygiene
Mixing cloud security and maintenance practices with legacy enterprise approaches usually ends up shortchanging cloud hygiene. Here are some ways to remedy that.
Navigating the Complexity of Today’s Digital Supply Chain
An efficient way to monitor security is to model user behavior using time series data and watching for anomalies.