Tag: Dark Reading:

Researchers spot gaps in users’ and IT practitioners’ security habits, and between security tools and user preferences.   Advertise on IT Security News. Read the complete article: User Have Risky Security Habits, but Security Pros Aren’t Much Better

Read more →

Are you asking the right questions to determine how well your vendors will protect your data? Probably not.   Advertise on IT Security News. Read the complete article: Zero-Factor Authentication: Owning Our Data

Read more →

Amazon Web Services is a top source of cyberattacks, responsible for 94% of all Web attacks originating in the public cloud.   Advertise on IT Security News. Read the complete article: 44% of Security Threats Start in the Cloud

Read more →

An attack on a natural gas compression facility sent the operations offline for two days.   Advertise on IT Security News. Read the complete article: DHS’s CISA Warns of New Critical Infrastructure Ransomware Attack

Read more →

The voting experience should be the same whether the vote is in person, by mail, or over the Internet. Let’s not allow one bad incident stop us from finding new ways to achieve this.   Advertise on IT Security News.…

Read more →

Insecure developer accounts, legacy software, and nonstandard naming schemes are major problems, Linux Foundation and Harvard study concludes.   Advertise on IT Security News. Read the complete article: The Trouble with Free and Open Source Software

Read more →

Deal with private equity entity Symphony Technology Group revealed one week before the security industry’s RSA Conference in San Francisco.   Advertise on IT Security News. Read the complete article: Dell Sells RSA to Private Equity Firm for $2.1B

Read more →

The new company will focus on giving customers earlier indications of network and server compromise.   Advertise on IT Security News. Read the complete article: Lumu to Emerge from Stealth at RSAC

Read more →

Make cybersecurity your top priority, moving away from addressing individual problems with Band-Aids and toward attaining a long-term cyber-fitness plan.   Advertise on IT Security News. Read the complete article: Cyber Fitness Takes More Than a Gym Membership & a…

Read more →

A vulnerability in the network of marketing contractor Computer Facilities led to a breach at the South African bank.   Advertise on IT Security News. Read the complete article: 1.7M Nedbank Customers Affected via Third-Party Breach

Read more →

Network cards, video cameras, and graphics adapters are a few of the subsystems whose lack of security could allow attackers to turn them into spy implants.   Advertise on IT Security News. Read the complete article: Firmware Weaknesses Can Turn…

Read more →

A humorous nod to the lack of gender equity in cybersecurity hiring was our judges’ unanimous choice. And the winners are …   Advertise on IT Security News. Read the complete article: Staircase to the Cloud: Dark Reading Caption Contest…

Read more →

You could be making millions in just two years!   Advertise on IT Security News. Read the complete article: The Road(s) to Riches

Read more →

When a user interacts with an enterprise system the result can be productivity or disaster. Here are 8 opportunities for the disaster side to win out over the productive.   Advertise on IT Security News. Read the complete article: 8…

Read more →

Martin Hellman, co-creator of the Diffie-Hellman key exchange, and his wife of 53 years, Dorothie, talk about the current state of cryptography and what making peace at home taught them about making peace on Earth.   Advertise on IT Security…

Read more →

Consumers in dozens of countries were targeted, Lookout says.   Advertise on IT Security News. Read the complete article: Phishing Campaign Targets Mobile Banking Users

Read more →

Palm Beach County’s elections supervisor does not believe the attack is linked to Russian hacking attempts targeting Florida.   Advertise on IT Security News. Read the complete article: Palm Beach Elections Office Hit with Ransomware Pre-2016 Election

Read more →

Informa Tech combines Ovum, Heavy Reading, Tractica, and IHS Markit research.   Advertise on IT Security News. Read the complete article: Ovum to Expand Cybersecurity Research Under New Omdia Group

Read more →

Fraudulent dating and relationship apps and websites raise the risks for those seeking online romance on Valentine’s Day.   Advertise on IT Security News. Read the complete article: DHS Warns of Cyber Heartbreak

Read more →

When it comes to building buy-in from the business, all cybersecurity needs is love — especially when it comes to communication.   Advertise on IT Security News. Read the complete article: The 5 Love Languages of Cybersecurity

Read more →

What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?   Advertise on IT Security News. Read the complete article: Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec

Read more →

The new threat model hones in on ML security at the design state.   Advertise on IT Security News. Read the complete article: Architectural Analysis IDs 78 Specific Risks in Machine-Learning Systems

Read more →

Peer-to-peer botnets, TCP reflection attacks, and increased activity on Sundays are three DDoS attack trends from last quarter.   Advertise on IT Security News. Read the complete article: DDoS Attacks Nearly Double Between Q4 2018 and Q4 2019

Read more →

With more than 80 different schemes for authenticating devices either proposed or implemented, best practices and reference architectures are sorely needed, experts say.   Advertise on IT Security News. Read the complete article: Babel of IoT Authentication Poses Security Challenges

Read more →

A new set of indictments adds conspiracy to violate RICO statutes to a list of existing charges against the Chinese telecommunications giant.   Advertise on IT Security News. Read the complete article: Huawei Charged with RICO Violations in Federal Court

Read more →

There is no one-size-fits-all strategy for security, but a robust plan and the implementation of new technologies will help you and your IT team sleep better.   Advertise on IT Security News. Read the complete article: Small Business Security: 5…

Read more →

Security pros need be on high alert from now until Tax Day on April 15. Here are seven ways to help keep your company safe.   Advertise on IT Security News. Read the complete article: 7 Tax Season Security Tips

Read more →

Mobile apps are used in nearly 80% of attacks targeting mobile devices, followed by network and operating system attacks.   Advertise on IT Security News. Read the complete article: Apps Remain Favorite Mobile Attack Vector

Read more →

As we gear up for the voting season, let’s put aside any links between foreign interference and voting machine security and focus on the actual risks threatening election security.   Advertise on IT Security News. Read the complete article: Forget…

Read more →

Each breach exposed an average of 13 million records, Risk Based Security found.   Advertise on IT Security News. Read the complete article: Third-Party Breaches – and the Number of Records Exposed – Increased Sharply in 2019

Read more →

The software security maker is suspected of selling data about more than 100 million users to companies including Google, Microsoft, and Home Depot.   Advertise on IT Security News. Read the complete article: Avast Under Investigation by Czech Privacy Agency

Read more →

BEC attacks comprised nearly half of cybercrime losses last year, which totaled $3.5 billion overall as Internet-enabled crimes ramped up.   Advertise on IT Security News. Read the complete article: FBI: Business Email Compromise Cost Businesses $1.7B in 2019

Read more →

Instead, try prioritizing with the aid of a thorough asset inventory.   Advertise on IT Security News. Read the complete article: Stop Defending Everything

Read more →

The implications of chaos form the basis of a new approach to encryption that promises quantum-proof perfect secrecy. But first, your current crypto needs some tidying up.   Advertise on IT Security News. Read the complete article: Chaos & Order:…

Read more →

With 5G adoption, businesses will be able to power more IoT devices and perform tasks more quickly, but there will be security ramifications.   Advertise on IT Security News. Read the complete article: 5G Adoption Should Change How Organizations Approach…

Read more →

The implications of chaos form the basis of a new approach to encryption that promises quantum-proof perfect secrecy.   Advertise on IT Security News. Read the complete article: Chaos May Be the Key to Quantum-Proof Encryption

Read more →

Make these mistakes and invaders might linger in your systems for years.   Advertise on IT Security News. Read the complete article: 5 Common Errors That Allow Attackers to Go Undetected

Read more →

Researchers found the total cost far exceeded the amount of ransom paid to attackers.   Advertise on IT Security News. Read the complete article: Healthcare Ransomware Damage Passes $157M Since 2016

Read more →

This month’s Patch Tuesday brings fixes for 99 CVEs, including one IE flaw seen exploited in the wild.   Advertise on IT Security News. Read the complete article: Microsoft Patches Exploited Internet Explorer Flaw

Read more →

As businesses’ daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud.   Advertise on IT Security News. Read…

Read more →

Infection vectors were evenly divided among phishing, vulnerability exploitation, and unauthorized credential use in 2019.   Advertise on IT Security News. Read the complete article: Cybercriminals Swap Phishing for Credential Abuse, Vuln Exploits

Read more →

The latest data from Malwarebytes show the average Mac sees almost twice as many bad apps as Windows systems, but actual malware continues to be scarce.   Advertise on IT Security News. Read the complete article: Macs See More Adware,…

Read more →

Assessing supply chains is one of the more challenging third-party risk management endeavors organizations can take on.   Advertise on IT Security News. Read the complete article: What Are Some Foundational Ways to Protect My Global Supply Chain?

Read more →

Crypto AG made millions selling encryption devices to more than 120 countries, which unknowingly transmitted intel back to the CIA.   Advertise on IT Security News. Read the complete article: CIA’s Secret Ownership of Crypto AG Enabled Extensive Espionage

Read more →

Don’t just report metrics — analyze, understand, monitor, and adjust them. These 10 tips will show you how.   Advertise on IT Security News. Read the complete article: Keeping a Strong Security Metrics Framework Strong

Read more →

Researchers learn how North Korea is expanding its Internet use in order to generate revenue and bypass international sanctions.   Advertise on IT Security News. Read the complete article: How North Korea’s Senior Leaders Harness the Internet

Read more →

Sanders and Trump campaigns lack proper DMARC security enforcement, study finds.   Advertise on IT Security News. Read the complete article: Some Democrats Lead Trump in Campaign Domain-Security Efforts

Read more →

Personal details of nearly 6.5 million Israelis were out in the open after the entire registry was uploaded to an notably insecure app.   Advertise on IT Security News. Read the complete article: Israel’s Entire Voter Registry Exposed in Massive…

Read more →

Four members of China’s People Liberation Army hacked the information broker, leading to the theft of sensitive data on approximately 145 million citizens.   Advertise on IT Security News. Read the complete article: China’s Military Behind 2017 Equifax Breach: DoJ

Read more →

The leaky repository belongs to JailCore, a cloud management and compliance platform used in several states’ correctional facilities.   Advertise on IT Security News. Read the complete article: Unlocked S3 Bucket Lets 36,077 Jail Files Escape

Read more →

The leaky repository belongs to JailCore, a cloud management and compliance platform used in several states’ correctional facilities.   Advertise on IT Security News. Read the complete article: Unlocked S3 Bucket Lets 36,077 Prison Files Escape

Read more →

Developments that exacerbate the risk and complicate making Internet of Things devices more secure.   Advertise on IT Security News. Read the complete article: 6 Factors That Raise The Stakes For IoT Security

Read more →

A typical workday for a bot, from its own point of view.   Advertise on IT Security News. Read the complete article: Day in the Life of a Bot

Read more →

A limited number of user videos were shared with others in a five-day incident from November.   Advertise on IT Security News. Read the complete article: Google Takeout Serves Up Video Files to Strangers

Read more →

Compliance with the new privacy rules doesn’t always fall on data center managers, but when it does, it’s more difficult than it may sound.   Advertise on IT Security News. Read the complete article: CCPA and GDPR: The Data Center…

Read more →

Attackers deploy a legitimate, digitally signed hardware driver to delete security software from machines before encrypting files.   Advertise on IT Security News. Read the complete article: RobbinHood Kills Security Processes Before Dropping Ransomware

Read more →

Although radio frequency energy (RF) communications are increasingly essential to modern wireless networking and IoT, the security of RF is notoriously lax.   Advertise on IT Security News. Read the complete article: From 1s & 0s to Wobbly Lines: The…

Read more →

Although radio frequency energy (RF) communications are increasingly essential to modern wireless networking and IoT, the security of RF is notoriously lax.   Advertise on IT Security News. Read the complete article: From 1s & 0s to Wobbly Lines: The…

Read more →

Voting machinery needs hardware-level security. The stakes are the ultimate, and the attackers among the world’s most capable.   Advertise on IT Security News. Read the complete article: 5 Measures to Harden Election Technology

Read more →

New exploit builds on previous research involving Philips Hue Smart Bulbs.   Advertise on IT Security News. Read the complete article: Researchers Reveal How Smart Lightbulbs Can Be Hacked to Attack

Read more →

Businesses receive $30,000 of ‘free’ CISO time as security leaders report job-related stress taking a toll on their health and relationships.   Advertise on IT Security News. Read the complete article: 90% of CISOs Would Cut Pay for Better Work-Life…

Read more →

What makes these scams so completely obvious in the physical form?   Advertise on IT Security News. Read the complete article: Phishing Personified

Read more →

The deal, valued at $1.9 billion, is expected to close next quarter.   Advertise on IT Security News. Read the complete article: Forescout Acquired by Private Equity Team

Read more →

Two years ago, Symantec and McAfee were both primed for a comeback. Today, both face big questions about their future.   Advertise on IT Security News. Read the complete article: Cybersecurity Vendor Landscape Transforming as Symantec, McAfee Enter New Eras

Read more →

Brand impersonators favor Facebook, Yahoo, Network, and PayPal in phishing attempts to steal credentials from victims.   Advertise on IT Security News. Read the complete article: Facebook Tops Imitated Brands as Attackers Target Tech

Read more →

Has working in the cybersecurity industry affected your ability to trust? Take the poll now.   Advertise on IT Security News. Read the complete article: A Matter of Trust

Read more →

University researchers show that changing the brightness of monitor pixels can communicates data from air-gapped systems in a way not visible to human eyes.   Advertise on IT Security News. Read the complete article: Invisible Pixel Patterns Can Communicate Data…

Read more →

In Iowa this week, a smartphone app for reporting presidential caucus results debuted. It did not go well.   Advertise on IT Security News. Read the complete article: How Can We Make Election Technology Secure?

Read more →

The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.   Advertise on IT Security News. Read the complete article: RSAC Sets Finalists for Innovation Sandbox

Read more →

Paul Vixie says emerging encryption protocols for endpoints could ‘break’ security in enterprise – and even home – networks.   Advertise on IT Security News. Read the complete article: Vixie: The Unintended Consequences of Internet Privacy Efforts

Read more →

Attacks turned to cheaper, shorter attacks to try and disrupt targets, Imperva analysis shows.   Advertise on IT Security News. Read the complete article: Majority of Network, App-Layer DDoS Attacks in 2019 Were Small

Read more →

The decoys and lures will help redirect attacks away from devices that can’t be protected through traditional means.   Advertise on IT Security News. Read the complete article: Department of Energy Adds Attivo Decoys for Critical Infrastructure Security

Read more →

The infection uses Lemon_Duck PowerShell malware variant to exploit vulnerabilities in embedded devices at manufacturing sites.   Advertise on IT Security News. Read the complete article: IoT Malware Campaign Infects Global Manufacturing Sites

Read more →

Malicious emails in a new attack campaign contain links and attachments claiming to lead victims to W-9 forms.   Advertise on IT Security News. Read the complete article: Emotet Preps for Tax Season with New Phishing Campaign

Read more →

What is a Privileged Access Workstation (PAW)?   Advertise on IT Security News. Read the complete article: What is a Privileged Access Workstation (PAW)?

Read more →

As the regulatory landscape transforms, it’s still smart to stay strategically focused on protecting your data.   Advertise on IT Security News. Read the complete article: Keeping Compliance Data-Centric Amid Accelerating Regulation

Read more →

Cybersecurity needs unconventional hires to help lead the next phase of development and innovation, coupled with salaries that aren’t insulting   Advertise on IT Security News. Read the complete article: Hiring Untapped Security Talent Can Transform the Industry

Read more →

Almost three-quarters of enterprises plan to have a zero-trust access model by the end of the year, but nearly half of cybersecurity professionals lack the knowledge to implement the right technologies, experts say.   Advertise on IT Security News. Read…

Read more →

Six of them were the same as from the previous year, according to new Recorded Future analysis.   Advertise on IT Security News. Read the complete article: 8 of the 10 Most Exploited Bugs Last Year Involved Microsoft Products

Read more →

Thousands of servers could be exposed to SharePoint vulnerability CVE-2019-0604, recently used in cyberattacks against Middle East government targets.   Advertise on IT Security News. Read the complete article: SharePoint Bug Proves Popular Weapon for Nation-State Attacks

Read more →

Various APT groups are successfully using Web shell attacks on a more frequent basis.   Advertise on IT Security News. Read the complete article: Microsoft DART Finds Web Shell Threat on the Rise

Read more →

For cities, states and towns, paying up is short-sighted and only makes the problem worse.   Advertise on IT Security News. Read the complete article: Ransomware Attacks: Why It Should Be Illegal to Pay the Ransom

Read more →

Here’s what small and midsize businesses should consider when they decide it’s time to up their website security.   Advertise on IT Security News. Read the complete article: 7 Ways SMBs Can Secure Their Websites

Read more →

The company believes state-sponsored actors may also be involved.   Advertise on IT Security News. Read the complete article: Twitter Suspends Fake Accounts Abusing Feature that Matches Phone Numbers and Users

Read more →

A Shmoocon presentation points out several weaknesses built in to Kubernetes configurations and how a researcher can exploit them.   Advertise on IT Security News. Read the complete article: Kubernetes Shows Built-in Weakness

Read more →

Predictions are a dime a dozen. Here are six trends that you won’t be hearing about anytime soon.   Advertise on IT Security News. Read the complete article: What WON’T Happen in Cybersecurity in 2020

Read more →

Microsoft allowed a certificate to expire, knocking the Office 365 version of Teams offline for almost an entire day.   Advertise on IT Security News. Read the complete article: Bad Certificate Knocks Teams Offline

Read more →

Microsoft allowed a certificate to expire, knocking the Office 365 version of Teams offline for almost an entire day.   Advertise on IT Security News. Read the complete article: Bad Certificate Knocks Teams Off Line

Read more →

Although the ransomware is unsophisticated, the malware does show that some crypto-attackers are targeting certain industrial control products.   Advertise on IT Security News. Read the complete article: EKANS Ransomware Raises Industrial-Control Worries

Read more →

One CTO tells us about his belated pursuit of a foundational infosecurity certification — why he wanted it and what it took.   Advertise on IT Security News. Read the complete article: C-Level & Studying for the CISSP

Read more →

Shenzhen Hawk Internet Co. is identified as the parent company behind five app developers seeking excessive permissions in Android apps.   Advertise on IT Security News. Read the complete article: Researchers Find 24 ‘Dangerous’ Android Apps with 382M Installs

Read more →

There’s been a sharp increase in scans for vulnerable Nortek Linear Emerge E3 systems, SonicWall says.   Advertise on IT Security News. Read the complete article: Attackers Actively Targeting Flaw in Door-Access Controllers

Read more →

Cybercriminals capitalize on fears of a global health emergency with phishing emails claiming to offer advice for protecting against coronavirus.   Advertise on IT Security News. Read the complete article: Coronavirus Phishing Attack Infects US, UK Inboxes

Read more →

While device-aware two-factor authentication is no panacea, it is more secure than conventional SMS-based 2FA. Here’s why.   Advertise on IT Security News. Read the complete article: How Device-Aware 2FA Can Defeat Social Engineering Attacks

Read more →

A new study of stolen passwords reflects the consequences of password overload.   Advertise on IT Security News. Read the complete article: ‘George’ the Most Popular Password That’s a Name

Read more →

Jony Fischbein shares the concerns and practices that are top-of-mind in his daily work leading security at Check Point Software.   Advertise on IT Security News. Read the complete article: What It’s Like to Be a CISO: Check Point Security…

Read more →

The recent attack messages use new techniques to extort Bitcoin payments from Ashley Madison users hit in massive 2015 data breach.   Advertise on IT Security News. Read the complete article: Ashley Madison Breach Returns with Extortion Campaign

Read more →

Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.   Advertise on IT Security News. Read the complete article: Name That Toon: Private (Button) Eye

Read more →

According to new Dark Reading research, some respondents have even left behind commercial off-the-shelf software and migrated to open-source or in-house homegrown applications. Click image to read more.   Advertise on IT Security News. Read the complete article: AppSec Concerns…

Read more →

Embracing a Prevention Mindset to Protect Critical Infrastructure   Advertise on IT Security News. Read the complete article: Embracing a Prevention Mindset to Protect Critical Infrastructure

Read more →