AuthorKelly Sheridan Staff Editor, Dark Reading

This Week in Database Leaks: Cognyte, CVS, Wegmans

Billions of records were found exposed this week due to unprotected databases owned by major corporations and third-party providers.

Ransomware Operators’ Strategies Evolve as Attacks Rise

Security researchers find ransomware operators rely less on email and more on criminal groups for initial access into target networks.

Microsoft Disrupts Large-Scale BEC Campaign Across Web Services

Attackers had used the cloud-based infrastructure to target mailboxes and add forwarding rules to learn about financial transactions.

‘Fancy Lazarus’ Criminal Group Launches DDoS Extortion Campaign

The group has re-emerged after a brief hiatus with a new email campaign threatening a DDoS attack against businesses that don't pay ransom.

RSA Spins Off Fraud & Risk Intelligence Unit

The new company, called Outseer, will continue to focus on payment authentication and fraud detection and analysis.

Microsoft Patches 6 Zero-Days Under Active Attack

The June 2021 Patch Tuesday fixes 50 vulnerabilities, six of which are under attack and three of which were publicly known at the time of disclosure.

Microsoft CISO Shares Remote Work Obstacles & Lessons Learned

Bret Arsenault explains changes he implemented along the way as Microsoft's workforce went from 20% to 97% remote.

Google Experts Explore Open Source Security Challenges & Fixes

An open source security event brought discussions of supply chain security and managing flaws in open source projects.

Microsoft Buys ReFirm Labs to Drive IoT Security Efforts

The acquisition will bring ReFirm's firmware analysis capabilities alongside Microsoft's Azure Defender for IoT to boost device security.

Microsoft 365: Most Common Threat Vectors & Defensive Tips

Security pros discuss the most typical ways attackers leverage Microsoft 365 and share their guidance for defenders.