"Vendors, attackers chase potential of non-human ID Mgmt."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 19 December 2024, 1503 UTC.

Content and Source:  Email subscription via https://feedly.com.   https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

160K followers37 articles per week#security#tech

11

Today

Vendors, Attackers Chase Potential of Non-Human ID Mgmt

5 TTPs

•

by Jeffrey Schwartz / 40min

Non-human identities authenticate machine-to-machine communication. The big challenge now is to secure their elements and processes — and integrate them with human identity info.

Bridging the 'Keyboard-to-Chair' Gap With Identity Verification

by Joan Goodchild / 1h

Modern identity verification (IDV) approaches aim to connect digital credentials and real-world identity without sacrificing usability.

Yesterday

CISA Releases Draft of National Cyber Incident Response Plan

CISA seeks public input on NCIRP

•

by Jennifer Lawinski / 8h

The draft of the long-awaited update to the NCIRP outlines the efforts, mechanisms, involved parties, and decisions the US government will use in response to a large-scale cyber incident.

India Sees Surge in API Attacks, Especially in Banking, Utilities

by Robert Lemos, Contributing Writer / 11h

The number of DDoS-related incidents targeting APIs have jumped by 30x compared with traditional Web assets, suggesting that attackers see the growing API landscape as the more attractive target.

Interpol: Can We Drop the Term 'Pig Butchering'?

Interpol warns against "pig butchering" term

•

by Becky Bracken, Senior Editor, Dark Reading / 18h

The agency asks the cybersecurity community to adopt "romance baiting" in place of dehumanizing language.

Recorded Future: Russia's 'Undesirable' Designation Is a Compliment

Russia labels Recorded Future undesirable

•

by Tara Seals, Managing Editor, News, Dark Reading / 18h

The threat intelligence business, which is set to be acquired by Mastercard for billions, is officially vendor non grata in Putin's regime.

Manufacturers Lose Azure Creds to HubSpot Phishing Attack

6 TTPs

•

by Nate Nelson, Contributing Writer / 20h

•

Phishing campaign targets Azure credentials

Cyberattackers used fake DocuSign links and HubSpot forms to try to solicit Azure cloud logins from hundreds of thousands of employees across Europe.

Phishers Spoof Google Calendar Invites in Fast-Spreading, Global Campaign

9 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 21h

•

Google Calendar phishing attacks increase

Attackers are using links to the popular Google scheduling app to lead users to pages that steal credentials, with the ultimate goal of committing financial fraud.

Wallarm Releases API Honeypot Report Highlighting API Attack Trends

APIs discovered by attackers quickly

•

22h

[no content]

The Importance of Empowering CFOs Against Cyber Threats

by Shai Gabay / 23h

Working closely with CISOs, chief financial officers can become key players in protecting their organizations' critical assets and ensuring long-term financial stability.

Midnight Blizzard Taps Phishing Emails, Rogue RDP Nets

8 TTPs

•

by Jai Vijayan, Contributing Writer / 1d

•

Earth Koshchei conducts rogue RDP attacks

The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity.

End of feed