Darkreading.com: Latest Cybersecurity News

Container verification bug allows malicious images to cloud up Kubernetes.

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 24 December 2022, 1400 UTC. Content supplied by "Darkreading.com."

Source:  https://www.darkreading.com/

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

Latest News

Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes

A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes pod to steal data and inject malware.

Tara-Seals-Headshot2.jpg

by Tara Seals, Managing Editor, News, Dark Reading

Dec 23, 2022

CLOUD
5 MIN READ
Article Icon
ARTICLE
LastPass Cops to Massive Breach Including Customer Vault Data

The follow-on attack from August's source-code breach could fuel future campaigns against LastPass customers.

dr_staff_125x125.jpg

by Dark Reading Staff, Dark Reading

Dec 23, 2022

ATTACKS/BREACHES
1 MIN READ
Article Icon
ARTICLE
Videoconferencing Worries Grow, With SMBs in Cyberattack Crosshairs

Securing videoconferencing solutions is just one of many IT security challenges small businesses are facing, often with limited financial and human resources.

NathanEddyHeadshot.PNG

by Nathan Eddy, Contributing Writer, Dark Reading

Dec 23, 2022

APPLICATION SECURITY
6 MIN READ
Article Icon
ARTICLE
Google: With Cloud Comes APIs & Security Headaches

APIs are key to cloud transformation, but two Google surveys find that cyberattacks targeting them are reaching a tipping point, even as general cloud security issues abound.

Robert-Lemos.png

by Robert Lemos, Contributing Writer, Dark Reading

Dec 23, 2022

CLOUD
4 MIN READ
Article Icon
ARTICLE
Inside the Next-Level Fraud Ring Scamming Billions Off Holiday Retailers

"Largest attack of its kind": A potent Southeast Asian e-commerce fraud ring has declared war on US retailers, targeting billions in goods in just the past month and forcing mules into its scheme.

BeckyB.jpg

by Becky Bracken, Editor, Dark Reading

Dec 22, 2022

ATTACKS/BREACHES
4 MIN READ
Article Icon
ARTICLE
Biden Signs Post-Quantum Cybersecurity Guidelines Into Law

The new law holds the US Office of Budget and Management to a road map for transitioning federal systems to NIST-approved PQC.

pink-headshot.jpg

by Karen Spiegelman, Features Editor

Dec 22, 2022

RISK
2 MIN READ
Article Icon
ARTICLE
Security on a Shoestring? Cloud, Consolidation Best Bets for Businesses

With a recession potentially coming, some companies are cutting security teams. But moving more infrastructure to the cloud and reducing the number of vendors through consolidation may be the best ways to prepare.

Robert-Lemos.png

by Robert Lemos, Contributing Writer, Dark Reading

Dec 22, 2022

RISK
4 MIN READ
Article Icon
ARTICLE
Google WordPress Plug-in Bug Allows AWS Metadata Theft

A successful attacker could use the SSRF vulnerability to collect metadata from WordPress sites hosted on an AWS server, and potentially log in to a cloud instance to run commands.

NathanEddyHeadshot.PNG

by Nathan Eddy, Contributing Writer, Dark Reading

Dec 22, 2022

VULNERABILITIES/THREATS
3 MIN READ
Article Icon
ARTICLE
MORE NEWS

Latest Commentary

Fool Me Thrice? How to Avoid Double and Triple Ransomware Extortion

To stay safer, restrict access to data, monitor for breaches in the supply chain, track relevant data that is sold on the Dark Web, and implement best safety practices.

Rob Jenks

by Rob Jenks, Senior Vice President, Corporate Strategy, Tanium

Dec 23, 2022

Threat Modeling in the Age of OpenAI's Chatbot

New technical chatbot capabilities raise the promise that their help in threat modeling could free humans for more interesting work.

Photo of Adam Shostack

by Adam Shostack, Leading expert in threat modeling

Dec 22, 2022

'Sextortion,' Business Disruption, and a Massive Attack: What Could Be in Store for 2023

Our growing interconnectedness poses almost as many challenges as it does benefits.

Photo of Reuven Aronashvili

by Reuven Aronashvili, Founder and CEO, CYE

Dec 22, 2022

Name That Toon: Kiss and Tell

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Klossner_iwk_photo.gif

by John Klossner, Cartoonist

Dec 21, 2022

Why Security Teams Shouldn't Snooze on MFA Fatigue

Employee education, biometric and adaptive authentication, and zero trust can go a long way in strengthening security.

Candid Wüest

by Candid Wüest, VP of Cyber Protection Research, Acronis

Dec 21, 2022

MORE COMMENTARY


Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

Cyber War News Today.

Image
"International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 15 December 2024, 0134 UTC. Content and Source:   https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  Dec 13, 2024 The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 13.3% WILMINGTON, DE, UNITED STATES, December 13, 2024 /⁨EINPresswire.com⁩/ -- According to the report, The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 1...
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2...
Read more

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deplo...
Read more