Author: Kelly Jackson Higgins Executive Editor at Dark Reading

New research suggests isolation among cloud customer accounts may not be a given — and the researchers behind the findings issue a call to action for cloud security. Source: Darkreading Attacks Breaches

“We can’t do this alone,” the new CISA director told attendees in a keynote at Black Hat USA today. Source: Darkreading Attacks Breaches

In his keynote address at Black Hat USA on Wednesday, Matt Tait, chief operating officer at Corellium, called for software platform vendors and security researchers to do their part to thwart the fallout of software supply chain compromises. Source: Darkreading Attacks Breaches

“PwnedPiper” flaws could allow attackers to disrupt delivery of lab samples or steal hospital employee credentials, new research shows. Source: Darkreading Attacks Breaches

Fancy Bear nation-state hacking team add a modern twist on old-school hacking method by using a cluster of Kubernetes software containers to expedite credential theft. Source: Darkreading Attacks Breaches

Apple security expert Patrick Wardle found that some macOS malware written for the new M1 processor can bypass anti-malware tools. Source: Darkreading Attacks Breaches

Researchers found a “novel” class of DNS vulnerabilities in AWS Route53 and other DNS-as-a-service offerings that leak sensitive information on corporate and government customers, with one simple registration step. Source: Darkreading Attacks Breaches

Best practices guide encompasses integrity, hardening, resilience, and monitoring of PLCs in industrial networks. Source: Darkreading Attacks Breaches

Security researchers at Mandiant have seen an increasing wave of relatively simplistic attacks involving ICS systems – and attackers sharing their finds with one another – since 2020. Source: Darkreading Attacks Breaches

Incident response cases and research show how the red-team tool has become a become a go-to for attackers. Source: Darkreading Attacks Breaches