Category: Dark Reading:

FragAttacks Foil 2 Decades of Wireless Security

This article has been indexed from Dark Reading: Wireless security protocols have improved, but product vendors continue to make implementation errors that allow a variety of attacks. Read the original article: FragAttacks Foil 2 Decades of Wireless Security

HTTP/2 Implementation Errors Exposing Websites to Serious Risks

This article has been indexed from Dark Reading: Organizations that don’t implement end-to-end HTTP/2 are vulnerable to attacks that redirect users to malicious sites and other threats, security researcher reveals at Black Hat USA. Read the original article: HTTP/2 Implementation…

Why Supply Chain Attacks Are Destined to Escalate

This article has been indexed from Dark Reading: In his keynote address at Black Hat USA on Wednesday, Matt Tait, chief operating officer at Corellium, called for software platform vendors and security researchers to do their part to thwart the…

New Normal Demands New Security Leadership Structure

This article has been indexed from Dark Reading: At the inaugural Omdia Analyst Summit, experts discuss where the past year has created gaps in traditional security strategy and how organizations can fill them. Read the original article: New Normal Demands…

8 Security Tools to be Unveiled at Black Hat USA

This article has been indexed from Dark Reading: Security researchers and practitioners share a host of new cyber tools for penetration testing, reverse engineering, malware defense, and more. Read the original article: 8 Security Tools to be Unveiled at Black…

Biden Administration Responds to Geopolitical Cyber Threats

This article has been indexed from Dark Reading: In response to growing concerns regarding the recent uptick in large-scale, nation-state-backed ransomware attacks on critical infrastructure, the Biden administration is taking new action to tackle the evolving challenges posed by ransomware…

Law Firm for Ford, Pfizer, Exxon Discloses Ransomware Attack

This article has been indexed from Dark Reading: Campbell Conroy & O’Neil reports the attack affected personal data including Social Security numbers, passport numbers, and payment card data for some individuals. Read the original article: Law Firm for Ford, Pfizer,…

How Gaming Attack Data Aids Defenders Across Industries

This article has been indexed from Dark Reading: Web application attacks against the video game industry quadrupled in 2020 compared to the previous year, but companies outside entertainment can learn from the data. Read the original article: How Gaming Attack…

When Ransomware Comes to (Your) Town

This article has been indexed from Dark Reading: While steps for defending against a ransomware attack vary based on the size of the government entity and the resources available to each one, rooting out ransomware ultimately will come down to…

4 Future Integrated Circuit Threats to Watch

This article has been indexed from Dark Reading: Threats to the supply chains for ICs and other computer components are poised to wreak even more havoc on organizations. Read the original article: 4 Future Integrated Circuit Threats to Watch

Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari & IE

This article has been indexed from Dark Reading: At least two government-backed actors — including one Russian group — used the now-patched flaws in separate campaigns, Google says. Read the original article: Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari…

CISA Launches New Website to Aid Ransomware Defenders

This article has been indexed from Dark Reading: StopRansomware.gov provides information to help organizations protect against, and respond to, ransomware attacks. Read the original article: CISA Launches New Website to Aid Ransomware Defenders

How to Bridge On-Premises and Cloud Identity

This article has been indexed from Dark Reading: Identity fabric, a cloud-native framework, removes the need for multiple, siloed, proprietary identity systems. Read the original article: How to Bridge On-Premises and Cloud Identity

What to Look for in an Effective Threat Hunter

This article has been indexed from Dark Reading: The most important personality traits, skills, and certifications to look for when hiring a threat hunting team. Read the original article: What to Look for in an Effective Threat Hunter

Google to Bring HTTPS-First Mode to Chrome Browser

This article has been indexed from Dark Reading: Beginning in M94, Chrome will offer HTTPS-First Mode, which will attempt to upgrade all page loads to HTTPS. Read the original article: Google to Bring HTTPS-First Mode to Chrome Browser

Microsoft Patches 3 Windows Zero-Days Amid 117 CVEs

This article has been indexed from Dark Reading: The July Patch Tuesday release also includes the out-of-band fix for the Windows Print Spooler remote code execution flaw under attack. Read the original article: Microsoft Patches 3 Windows Zero-Days Amid 117…

Why We Need to Raise the Red Flag Against FragAttacks

This article has been indexed from Dark Reading: Proliferation of wireless devices increases the risk that corporate networks will be attacked with this newly discovered breed of Wi-Fi-based cyber assault. Read the original article: Why We Need to Raise the…

This article has been indexed from Dark Reading: This post doesn’t have text content, please click on the link below to view the original article. Read the original article:

The Trouble With Automated Cybersecurity Defenses

This article has been indexed from Dark Reading: While there’s enormous promise in AI-powered tools and machine learning, they are very much a double-edged sword. Read the original article: The Trouble With Automated Cybersecurity Defenses

Tool Sprawl & False Positives Hold Security Teams Back

This article has been indexed from Dark Reading: Security teams spend as much time addressing false positive alerts as they do addressing actual cyberattacks, survey data shows. Read the original article: Tool Sprawl & False Positives Hold Security Teams Back

SolarWinds Discloses Zero-Day Under Active Attack

This article has been indexed from Dark Reading: The company confirms this is a new vulnerability that is not related to the supply chain attack discovered in December 2020. Read the original article: SolarWinds Discloses Zero-Day Under Active Attack

Microsoft Confirms Acquisition of RiskIQ

This article has been indexed from Dark Reading: RiskIQ’s technology helps businesses assess their security across the Microsoft cloud, Amazon Web Services, other clouds, and on-premises. Read the original article: Microsoft Confirms Acquisition of RiskIQ

AI and Cybersecurity: Making Sense of the Confusion

This article has been indexed from Dark Reading: Artificial intelligence is a maturing area in cybersecurity, but there are different concerns depending on whether you’re a defender or an attacker. Read the original article: AI and Cybersecurity: Making Sense of…

Navigating Active Directory Security: Dangers and Defenses

This article has been indexed from Dark Reading: Microsoft Active Directory, ubiquitous across enterprises, has long been a primary target for attackers seeking network access and sensitive data. Read the original article: Navigating Active Directory Security: Dangers and Defenses

CISA Analysis Reveals Successful Attack Techniques of FY 2020

This article has been indexed from Dark Reading: The analysis shows potential attack paths and the most effective techniques for each tactic documented in CISA’s Risk and Vulnerability Assessments. Read the original article: CISA Analysis Reveals Successful Attack Techniques of…

It’s in the Game (but It Shouldn’t Be)

This article has been indexed from Dark Reading: Five ways that game developers (and others) can avoid falling victim to an attack like the one that hit EA. Read the original article: It’s in the Game (but It Shouldn’t Be)

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

This article has been indexed from Dark Reading: The ElectroRAT Trojan attacker’s success highlights the increasingly sophisticated nature of threats to cryptocurrency exchanges, wallets, brokerages, investing, and other services. Read the original article: I Smell a RAT! New Cybersecurity Threats…

Morgan Stanley Discloses Data Breach

This article has been indexed from Dark Reading: Attackers were able to compromise customers’ personal data by targeting the Accellion FTA server of a third-party vendor. Read the original article: Morgan Stanley Discloses Data Breach

Kaseya Hacked via Authentication Bypass

This article has been indexed from Dark Reading: The Kaseya ransomware attack is believed to have been down to an authentication bypass. Yes, ransomware needs to be on your radar — but good authentication practices are also imperative. Read the…

Are Security Attestations a Necessity for SaaS Businesses?

This article has been indexed from Dark Reading: Are security attestations becoming business imperatives, or are they merely token additions on the list of regulatory requirements? Read the original article: Are Security Attestations a Necessity for SaaS Businesses?

Security 101: The ‘PrintNightmare’ Flaw

This article has been indexed from Dark Reading: A closer look at the printer software vulnerability – and what you can do about it. Read the original article: Security 101: The ‘PrintNightmare’ Flaw

Watch for Cybersecurity Games at the Tokyo Olympics

This article has been indexed from Dark Reading: The cybersecurity professionals guarding the Summer Olympics are facing at least as much competition as the athletes, and their failure could have steeper ramifications. Read the original article: Watch for Cybersecurity Games…

Barracuda Agrees to Acquire Skout Cybersecurity

This article has been indexed from Dark Reading: The acquisition will bring Barracuda into the extended detection and response (XDR) market with a tool for managed service providers. Read the original article: Barracuda Agrees to Acquire Skout Cybersecurity

Microsoft Issues New CVE for ‘PrintNightmare’ Flaw

This article has been indexed from Dark Reading: Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function. Read the original…

Name That Edge Toon: Security Grill

This article has been indexed from Dark Reading: Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card. Read the original article: Name That Edge Toon: Security…

CISA Updates CSET Tool for Ransomware Defense

This article has been indexed from Dark Reading: A new module provides a set of practices to help organizations assess how well-equipped they are to defend and recover from ransomware. Read the original article: CISA Updates CSET Tool for Ransomware…

SMB Worm Targeting EternalBlue Vuln Spreads to US

This article has been indexed from Dark Reading: “Indexsinas” is the latest threat designed to exploit Windows servers that remain vulnerable to an NSA-developed exploit Microsoft patched more than four years ago. Read the original article: SMB Worm Targeting EternalBlue…

Impersonation Becomes Top Phishing Technique

This article has been indexed from Dark Reading: A new report finds IT, healthcare, and manufacturing are the industries most targeted by phishing emails. Read the original article: Impersonation Becomes Top Phishing Technique

Intl. Law Enforcement Operation Takes Down DoubleVPN

This article has been indexed from Dark Reading: The VPN service allegedly provided a means for cybercriminals to target their victims, Europol officials report. Read the original article: Intl. Law Enforcement Operation Takes Down DoubleVPN

3 Things Every CISO Wishes You Understood

This article has been indexed from Dark Reading: Ensuring the CISO’s voice is heard by the board will make security top of mind for the business, its employees, and their customers. Read the original article: 3 Things Every CISO Wishes…