Google, Microsoft Brands Impersonated the Most in Form-Based Attacks

[TechWeb]( Follow Dark Reading: [RSS]( May 29, 2020 LATEST SECURITY NEWS & COMMENTARY [Google, Microsoft Brands Impersonated the Most in Form-Based Attacks]( Attackers are preying on users' inclination to click on familiar-looking websites, but instead trick them into sharing usernames and passwords. [Valak Malware Retasked to Steal Data from US, German Firms]( Once considered a loader for other malware, Valak regularly conducts reconnaissance and steals information and credentials, new analysis shows. [Researchers ID Hacktivist Who Defaced Nearly 5,000 Websites]( Opsec mistakes lead a Check Point researcher to an individual in Brazil who was behind a longtime hacking campaign. [Vulnerability Disclosures Drop in Q1 for First Time in a Decade]( Even with more security issues published on Patch Tuesdays, the total number of software flaws dropped for the first three months of 2020, according to one tally. [GitHub Supply Chain Attack Uses Octopus Scanner Malware]( Octopus Scanner is a new malware used to compromise 26 open source projects in a massive GitHub supply chain attack. [Data Loss Spikes Under COVID-19 Lockdowns]( Two new reports suggest a massive gap between how organizations have prepared their cybersecurity defenses and the reality of their efficacy. [How Elite Protectors Operationalize Security Protection]( There is no silver bullet for cybersecurity. It takes the right people, with the right mindset, applying the right elements of good security from the data center to the SOC. [3 SMB Cybersecurity Myths Debunked]( Small and midsize businesses are better at cyber resilience than you might think. [NSA Warns Russia's 'Sandworm' Group Is Targeting Email Servers]( The Russian military group has been exploiting a flaw in the Exim mail transfer agent since last August, the NSA reports. [MORE NEWS & COMMENTARY]( HOT TOPICS [Stay-at-Home Orders Coincide With Massive DNS Surge]( A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks. [GDPR Enforcement Loosens Amid Pandemic]( The European Union has given some organizations more breathing room to remedy violations, yet no one should think regulators are planning to abandon the privacy legislation in the face of COVID-19. [How to Pay a Ransom: A Step-By-Step Guide for Something You'd Never Do]( Even prior to the COVID-19 pandemic, ransomware attacks were on the rise and becoming more expensive. Now your, um, friend's organization has fallen victim and is going to pay. Here's how they should handle it. [MORE]( EDITORS' CHOICE [A Rogues' Gallery of MacOS Malware]( MacOS isn't immune from malware. Being prepared means understanding the nature of the worst threats a security team is likely to see attacking Macs in the enterprise. [COVID-19: Latest Security News & Commentary]( Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic. NEW FROM THE EDGE [Security 101: SQL Injection]( A carefully crafted attack can convince a database to reveal all its secrets. Understanding the basics of what the attack looks like and how to protect against it can go a long way toward limiting the threat. Tech Resources - [CyberSecurity Trends 2020]( - [Automate Testing Using MITRE ATT&CK with Verodin Security Validation]( - [Qualys VMDR -- All-in-One Vulnerability Management, Detection, and Response]( - [How Cybersecurity Incident Response Programs Work (and Why Some Don't)]( - [APC Smart-UPS Lithium-Ion UPS Battery will Cut Your TCO]( - [The State of IT Operations and Cybersecurity Operations 2020]( - [10 Things to Consider Before Buying a Mobile Device Management Solution]( [ACCESS TECH LIBRARY NOW]( - [The Threat From the Internet - and What Your Organization Can Do About It]( In this webinar, experts describe some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. - [Cyber Attack Evasion Techniques]( When it comes to evasion techniques there's a perpetual cat and mouse game between malware developers and solutions providers. By drawing on the latest in evasion techniques, malware developers not only go undetected on the compromised machine but more importantly, ... [MORE WEBINARS]( FEATURED REPORTS - [The State of IT Operations and Cybersecurity Operations 2020]( Learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. - [Endpoint Security 2020: The Resurgence of EPP and the Manifest Destiny of EDR]( [MORE REPORTS]( CURRENT ISSUE [How Cybersecurity Incident Response Programs Work (and Why Some Don't)]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [RiskIQ Creates Complimentary COVID-19 Internet Intelligence Gateway to Fight Pandemic of Cybercrime]( [Synack's $52 Million Investment Fuels Future of Remote Security Testing from World's Elite Hackers]( [Intrusion Inc. Appoints Jack Blount as President and Chief Executive Officer]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2020]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)