Mimecast: Recent Certificate Compromise Tied to SolarWinds Attacks January 26, 2021 by Dark Reading Staff Dark Reading Staff Yet another security firm hit in the sweeping attack campaign believed to be out of Russia. Continue Reading
BEC Scammers Find New Ways to Navigate Microsoft 365 January 26, 2021 by Dark Reading Staff Dark Reading Staff Their techniques made use of out-of-office replies and automatic responses during the 2020 holiday season, researchers report. Continue Reading
Deloitte & Touche Buys Threat-Hunting Firm January 25, 2021 by Dark Reading Staff Dark Reading Staff Root9B (R9B) offers threat hunting and other managed security services. Continue Reading
Small Security Teams Have Big Security Fears, CISOs Report January 25, 2021 by Dark Reading Staff Dark Reading Staff Researchers poll security leaders who are tasked with protecting large organizations but have a small presence and budget. Continue Reading
Microsoft to Launch ‘Enforcement Mode’ for Zerologon Flaw January 19, 2021 by Dark Reading Staff Dark Reading Staff Enforcement mode for the Netlogon Domain Controller will be enabled by default with the Feb. 9 security update. Continue Reading
NSA Appoints Rob Joyce as Cyber Director January 15, 2021 by Dark Reading Staff Dark Reading Staff Joyce has long worked in US cybersecurity leadership, most recently serving as the NSA's top representative in the UK. Continue Reading
‘Chimera’ Threat Group Abuses Microsoft & Google Cloud Services January 14, 2021 by Dark Reading Staff Dark Reading Staff Researchers detail a new threat group targeting cloud services to achieve goals aligning with Chinese interests. Continue Reading
NSA Recommends Using Only ‘Designated’ DNS Resolvers January 14, 2021 by Dark Reading Staff Dark Reading Staff Agency provides guidelines on securely deploying DNS over HTTPS, aka DoH. Continue Reading
SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns January 13, 2021 by Dark Reading Staff Dark Reading Staff Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations. Continue Reading
Huntress Acquires EDR Technology From Level Effect January 13, 2021 by Dark Reading Staff Dark Reading Staff Huntress seeks to improve its detection and response capabilities with a more comprehensive view of endpoint security. Continue Reading
United Nations Security Flaw Exposed 100K Staff Records January 12, 2021 by Dark Reading Staff Dark Reading Staff Security researchers have disclosed a vulnerability they exploited to access more than 100,000 private employee records. Continue Reading
IoT Vendor Ubiquiti Suffers Data Breach January 11, 2021 by Dark Reading Staff Dark Reading Staff Cloud provider hosting "certain" IT systems attacked, company says. Continue Reading
Russian Hacker Sentenced to 12 Years for Role in Breaches of JP Morgan, Others January 8, 2021 by Dark Reading Staff Dark Reading Staff Crimes netted him $19 million overall. Continue Reading
SolarWinds Hires Chris Krebs and Alex Stamos for Breach Recovery January 8, 2021 by Dark Reading Staff Dark Reading Staff The former US cybersecurity official and former Facebook security chief will help SolarWinds respond to its recent attack and improve security. Continue Reading
State Dept. to Create New Cybersecurity & Technology Agency January 7, 2021 by Dark Reading Staff Dark Reading Staff Bureau of Cyberspace Security and Emerging Technologies (CSET) will serve as diplomatic arm for US cybersecurity interests. Continue Reading