Dark Reading Staff, Dark Reading – Page 22 – CyberSecurity Confabulation

New analysis reveals basic regulatory password requirements fall far short of providing protection from compromise.

An analysis from Google TAG shows that Android zero-day exploits were packaged and sold for state-backed surveillance.

Analysts have seen a massive spike in malicious activity by the XorDdos trojan in the last six months, against Linux cloud and IoT infrastructures .

In a new phishing tactic, faux chatbots establish a conversation with victims to guide them to malicious links, researchers say.

Two of Microsoft's Patch Tuesday updates need a do-over after causing certificate-based authentication errors.

Revised policy means security analysts won't be charged under the Computer Fraud and Abuse Act.

Last month attackers quickly reverse-engineered VMWare patches to launch RCE attacks. CISA warns it's going to happen again.

Publicly released proof-of-concept exploits are supercharging attacks against unpatched systems, CISA warns.

Attackers appear to have found a way around PowerShell monitoring by using a default utility instead.

The founders behind more than 90 cybersecurity firms have set up a $300 million investment fund.