Tag: Dark Reading:

Researchers detail the process of finding two flaws in the Azure Stack architecture and Azure App Service, both of which have been patched.   Advertise on IT Security News. Read the complete article: Two Vulnerabilities Found in Microsoft Azure Infrastructure

Read more →

Some 93% of all mobile transactions across 20 countries were blocked as fraudulent, Upstream says.   Advertise on IT Security News. Read the complete article: Android Malware for Mobile Ad Fraud Spiked Sharply in 2019

Read more →

Competitions for users are a long-time tradition on underground cybercrime forums for members looking for money – and cred with major criminal syndicates.   Advertise on IT Security News. Read the complete article: Russian Cybercrime Forum Contests Bring Cash, Visibility…

Read more →

SMBs need action, not just insight.   Advertise on IT Security News. Read the complete article: I’m an SMB. What Should I Watch for When Choosing Security Vendors?

Read more →

SMBs need action, not just insight.   Advertise on IT Security News. Read the complete article: I’m an SMB. What Should I Watch for When Choosing Security Vendors and Their Products?

Read more →

For businesses planning to adopt 5G, the sheer number of IoT devices creates a much larger attack surface.   Advertise on IT Security News. Read the complete article: How to Secure Your IoT Ecosystem in the Age of 5G

Read more →

A remote code execution flaw enabled a breach of UN offices in Geneva and Vienna, as well as the Office of the High Commissioner for Human Rights.   Advertise on IT Security News. Read the complete article: United Nations Data…

Read more →

Most laptops, workstations, and servers are still vulnerable to physical attacks via direct memory access, despite mitigations often being available, report says.   Advertise on IT Security News. Read the complete article: Enterprise Hardware Still Vulnerable to Memory Lane Attacks

Read more →

Too many states and municipalities still rely on aging systems; it’s time they upped their game and treated election technology like they would any other security project.   Advertise on IT Security News. Read the complete article: Election Security 2020:…

Read more →

Pwn2Own Miami could help spur more research on and attention to the security of industrial control system products, experts say.   Advertise on IT Security News. Read the complete article: Aftermath of a Major ICS Hacking Contest

Read more →

Servers worldwide that were used to control malware-infected systems jumped more than 71% compared to 2018, Spamhaus says.   Advertise on IT Security News. Read the complete article: Number of Botnet Command & Control Servers Soared in 2019

Read more →

The team sheds light on how their organization works and what they’re watching in the threat landscape.   Advertise on IT Security News. Read the complete article: Inside the Check Point Research Team’s Investigation Process

Read more →

Songs by Ariana Grande, Taylor Swift, and Post Malone are the most popular places.   Advertise on IT Security News. Read the complete article: Criminals Hide Malware Behind Grammy-Winning Cover

Read more →

Common elements to highly effective security champion programs that take DevSecOps to the next level   Advertise on IT Security News. Read the complete article: 9 Things Application Security Champions Need to Succeed

Read more →

The Joker’s Stash underground marketplace is offering stolen payment card data from Wawa’s recently disclosed data breach.   Advertise on IT Security News. Read the complete article: Pilfered Wawa Payment Card Data Now for Sale on Dark Web

Read more →

While the California Consumer Privacy Act will force companies to provide a modicum of meaningful privacy, World Privacy Day still mainly celebrates data security.   Advertise on IT Security News. Read the complete article: Businesses Improve Their Data Security, But…

Read more →

A software identity-based approach should become a standard security measure for protecting workloads in all enterprise networks.   Advertise on IT Security News. Read the complete article: Securing Containers with Zero Trust

Read more →

Threat hunting is a sophisticated, advanced technique that should be reserved for specific instances and be conducted only by trained professionals.   Advertise on IT Security News. Read the complete article: Threat Hunting Is Not for Everyone

Read more →

Threat hunting is a sophisticated, advanced technique that should be reserved for specific instances and be conducted only by trained professionals.   Advertise on IT Security News. Read the complete article: Why Threat Hunting Is Not for Everyone

Read more →

Marking yesterday’s 14th anniversary of Europe’s first data protection day reminds us how far we still have to go.   Advertise on IT Security News. Read the complete article: Why Companies Should Care about Data Privacy Day

Read more →

Hackers claiming to be from the hacktivist group OurMine temporarily took over Twitter accounts of the NFL and several teams in the league.   Advertise on IT Security News. Read the complete article: NFL, Multiple NFL Teams’ Twitter Accounts Hacked…

Read more →

The root keys used to protect communication on LoRaWAN infrastructure can be easily obtained, IOActive says.   Advertise on IT Security News. Read the complete article: Emerging Long-Range WAN Networks Vulnerable to Hacking, Compromise

Read more →

In the past few years, social media has transformed from a communications gold mine to a minefield of disinformation campaigns.   Advertise on IT Security News. Read the complete article: ‘Understand What You Believe’: Fmr. FBI Agent Unpacks Information Threats

Read more →

Begin with one application, then give your tech team some time to learn.   Advertise on IT Security News. Read the complete article: How Do I Get My Team Started with Container Security and Kubernetes?

Read more →

Intel has promised a third patch to remediate the Zombieload speculative execution vulnerability.   Advertise on IT Security News. Read the complete article: Intel Previews Newest ‘Zombieload’ Patch

Read more →

Finally, some good news about CCPA: If you’ve built your security infrastructure to PCI DSS standards, you may be already covered by California’s new data protection rules   Advertise on IT Security News. Read the complete article: CCPA: Cut From…

Read more →

A newly discovered Zoom vulnerability would have enabled an attacker to join active meetings and access audio, video, and documents shared.   Advertise on IT Security News. Read the complete article: New Zoom Bug Prompts Security Fix, Platform Changes

Read more →

Average Ransomware Payments More Than Doubled in Q4 2019   Advertise on IT Security News. Read the complete article: Average Ransomware Payments More Than Doubled in Q4 2019

Read more →

Privacy-mature companies complete sales more quickly, have fewer and less serious breaches, and recover from incidents faster, according to Cisco’s annual survey.   Advertise on IT Security News. Read the complete article: Greater Focus on Privacy Pays Off for Firms

Read more →

There’s an art to reporting security metrics so that they speak the language of leadership and connect the data from tools to business objectives.   Advertise on IT Security News. Read the complete article: How to Get the Most Out…

Read more →

Russian national faced multiple charges in connection with operating the marketplace for stolen credit-card credentials, and a forum for VIP criminals to offer their services.   Advertise on IT Security News. Read the complete article: ‘CardPlanet’ Operator Pleads Guilty in…

Read more →

There are important steps security teams should take to be ready for the evolving security threats to the IoT in 2020.   Advertise on IT Security News. Read the complete article: 7 Steps to IoT Security in 2020

Read more →

The DEF CON Social Engineering Capture the Flag contest inspired a new event aimed at teaching both security and non-security professionals on the fine art of hacking human behavior.   Advertise on IT Security News. Read the complete article: New…

Read more →

You’ll need to add resume tactician to your skill set in order to climb up the next rung on the security job ladder. Here’s how.   Advertise on IT Security News. Read the complete article: 5 Resume Basics for a…

Read more →

Looking to change jobs? Watch out for fraudsters who use legitimate job services, slick websites, and an interview process to convince applicants to part with sensitive personal details.   Advertise on IT Security News. Read the complete article: Online Employment…

Read more →

In two years, the adware-dropping Shlayer Trojan has spread to infect one in 10 MacOS systems, Kaspersky says.   Advertise on IT Security News. Read the complete article: The Annoying MacOS Threat That Won’t Go Away

Read more →

Emotet is considered one of the most damaging banking Trojans, primarily through its ability to carry other malware into an organization.   Advertise on IT Security News. Read the complete article: DHS Warns of Increasing Emotet Risk

Read more →

A new document separates cloud vulnerabilities into four classes and offers mitigations to help businesses protect cloud resources.   Advertise on IT Security News. Read the complete article: NSA Offers Guidance on Mitigating Cloud Flaws

Read more →

Expect cache attacks to get worse before they get better. The problem is that we don’t yet have a good solution.   Advertise on IT Security News. Read the complete article: Deconstructing Web Cache Deception Attacks: They’re Bad; Now What?

Read more →

CISA has released an advisory for six high-severity CVEs for GE Carescape patient monitors, Apex Pro, and Clinical Information Center systems.   Advertise on IT Security News. Read the complete article: Severe Vulnerabilities Discovered in GE Medical Devices

Read more →

Attackers ‘weaponized’ Active Directory to spread the ransomware.   Advertise on IT Security News. Read the complete article: Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says

Read more →

A general approach to privacy, no matter the regulation, is the only way companies can avoid a data protection disaster in 2020 and beyond.   Advertise on IT Security News. Read the complete article: Weathering the Privacy Storm from GDPR…

Read more →

For all the cautions against doing so, one-third of organizations in a Proofpoint survey said they paid their attackers after getting infected with ransomware.   Advertise on IT Security News. Read the complete article: To Avoid Disruption, Ransomware Victims Continue…

Read more →

New research finds security operations centers suffer high turnover and yield mediocre results for the investment they require.   Advertise on IT Security News. Read the complete article: For Mismanaged SOCs, The Price Is Not Right

Read more →

An attack chain of vulnerabilities in ConnectWise’s software for MSPs has similarities to some of the details of the August attack on Texas local and state agencies.   Advertise on IT Security News. Read the complete article: Eight Flaws in…

Read more →

Recent data protection laws mean that the data protection officer and CISO must work in tandem to make sure users’ data is protected.   Advertise on IT Security News. Read the complete article: Why DPOs and CISOs Must Work Closely…

Read more →

Some the records, found on five identically configured servers, might have contained data in clear text.   Advertise on IT Security News. Read the complete article: Configuration Error Reveals 250 Million Microsoft Support Records

Read more →

Exactly who is king of the castle here?   Advertise on IT Security News. Read the complete article: ‘We Only Have Two of the Blinky Boxes Left to Go’

Read more →

The company today disclosed an approach to data security designed to protect against modern threats at a lower cost than complex network tools.   Advertise on IT Security News. Read the complete article: Startup Privafy Raises $22M with New Approach…

Read more →

They’re especially relevant regarding several issues we face now, including biometrics, secure data management, and human error with passwords.   Advertise on IT Security News. Read the complete article: Cybersecurity Lessons Learned from ‘The Rise of Skywalker’

Read more →

Software firm is “aware of limited targeted attacks” exploiting a scripting issue vulnerability in Internet Explorer 9, 10, and 11 that previously has not been disclosed.   Advertise on IT Security News. Read the complete article: Microsoft, DHS Warn of…

Read more →

Researchers have discovered how ransomware can take advantage of the Windows Encrypting File System, prompting security vendors to release patches.   Advertise on IT Security News. Read the complete article: New Ransomware Tactic Shows How Windows EFS Can Aid Attackers

Read more →

The purchase is intended to bring new cloud capabilities to the FireEye Helix security platform.   Advertise on IT Security News. Read the complete article: FireEye Buys Cloudvisory

Read more →

While doing good for the user is the theoretical ideal, the threat of fiscal repercussions should drive organizations to take privacy seriously. That means security and data privacy teams must work more closely.   Advertise on IT Security News. Read…

Read more →

More businesses think SD-WAN will reduce WAN costs, but only 37% think SD-WANs will help defend against malware and other threats.   Advertise on IT Security News. Read the complete article: Nearly 75% of SD-WAN Owners Lack Confidence Post-Digital Transformation

Read more →

The latest version of the FTCode ransomware can steal credentials from five popular browsers and email clients.   Advertise on IT Security News. Read the complete article: Ransomware Upgrades with Credential-Stealing Tricks

Read more →

Traditional data-leak prevention is not enough for businesses facing today’s dynamic threat landscape.   Advertise on IT Security News. Read the complete article: Data Awareness Is Key to Data Security

Read more →

A fictitious industrial company with phony employees personas, website, and PLCs sitting on a simulated factory network fooled malicious hackers – and raised alarms for at least one white-hat researcher who stumbled upon it.   Advertise on IT Security News.…

Read more →

Looking to switch things up but not sure how to do it? Security experts share their advice for switching career paths in the industry.   Advertise on IT Security News. Read the complete article: 7 Tips for Infosec Pros Considering…

Read more →

There are many ways to improve your organization’s cybersecurity practices, but the most important principle is to start from the top.   Advertise on IT Security News. Read the complete article: Are We Secure Yet? How to Build a ‘Post-Breach’…

Read more →

There are many ways to improve your organization’s cybersecurity practices, but the most important principle is to start from the top.   Advertise on IT Security News. Read the complete article: Are We Secure Yet? How to Build a “Post-Breach”…

Read more →

A new report from Check Point recaps the cybercrime trends, statistics, and vulnerabilities that defined the security landscape in 2019.   Advertise on IT Security News. Read the complete article: Mobile Banking Malware Up 50% in First Half of 2019

Read more →

The website, WeLeakData.com, claimed to have more than 12 billion records gathered from over 10,000 breaches.   Advertise on IT Security News. Read the complete article: FBI Seizes Domain That Sold Info Stolen in Data Breaches

Read more →

You’ll get the best results when you’re clear on what you want to accomplish from a pen test.   Advertise on IT Security News. Read the complete article: 7 Ways to Get the Most Out of a Penetration Test

Read more →

Fraudulent emails tell recipients their W-2 forms are ready and prompt them to click malicious links.   Advertise on IT Security News. Read the complete article: ADP Users Hit with Phishing Scam Ahead of Tax Season

Read more →

Risks of nation-state attacks go beyond Iran, and the need for awareness and security don’t stop at any national border.   Advertise on IT Security News. Read the complete article: With International Tensions Flaring, Cyber-Risk Is Heating Up for All…

Read more →

Risks of nation-state attacks go beyond Iran, and the need for awareness and security don’t stop at any national border.   Advertise on IT Security News. Read the complete article: With International Tensions Flaring, Cyber Risk is Heating Up for…

Read more →

Malware described by the DHS as among the worst ever continues to evolve and grow, researchers from Cisco Talos, Cofense, and Check Point Software say.   Advertise on IT Security News. Read the complete article: New Attack Campaigns Suggest Emotet…

Read more →

Cybercriminals are evolving their tactics, and the security community anticipates voice and video fraud to play a role in one of the next big data breaches — so start protecting your business now.   Advertise on IT Security News. Read…

Read more →

The only Democratic campaign known to have a CISO loses Mick Baccio due to a “fundamental philosophical difference with campaign management.”   Advertise on IT Security News. Read the complete article: CISO Resigns From Pete Buttigieg Presidential Campaign

Read more →

A “pre-mortem analysis” sheds light on the potential destruction of a cyberattack against major US banks.   Advertise on IT Security News. Read the complete article: NY Fed Reveals Implications of Cyberattack on US Financial System

Read more →

AD is still the single point of authentication for most companies that use Windows. But it has some shortcomings that should be addressed.   Advertise on IT Security News. Read the complete article: Active Directory Needs an Update: Here’s Why

Read more →

Company agrees to set aside a minimum of $380.5 million as breach compensation and spend another $1 billion on transforming its information security over the next five years. The 147 million US consumers affected by the breach have one week…

Read more →

The iPhone can now be used in lieu of a physical security key as a means of protecting Google accounts.   Advertise on IT Security News. Read the complete article: Google Lets iPhone Users Turn Device into Security Key

Read more →

Written off multiple times as obsolete, firewalls continue to elude demise by adding features and ensuring that VPNs keep humming.   Advertise on IT Security News. Read the complete article: Why Firewalls Aren’t Going Anywhere

Read more →

Honeypots are crucial tools for security researchers and security teams. Understanding what they are and what they can do can be critical for making them safe and useful for your organization.   Advertise on IT Security News. Read the complete…

Read more →

Common and evolving strategies include the use of zero-font attacks, homograph attacks, and new tactics for fake attachments.   Advertise on IT Security News. Read the complete article: New Report Spotlights Changes in Phishing Techniques

Read more →

Together, the Travel & Hospitality ISAC and the Retail & Hospitality ISAC intend to improve communications and collaboration about the evolving threat landscape.   Advertise on IT Security News. Read the complete article: ISACs Join Forces to Secure the Travel…

Read more →

Enterprises currently consider the technology a best practice because of its flexibility, scalability, performance, and agility.   Advertise on IT Security News. Read the complete article: How SD-WAN Helps Achieve Data Security and Threat Protection

Read more →

The National Security Agency is publicly acknowledged for its finding and reporting of CVE-2020-0601, marking the start of what it says is a new approach to security.   Advertise on IT Security News. Read the complete article: Microsoft Patches Windows…

Read more →

Many companies are struggling to get a handle on risk exposure because of visibility issues, Radware survey shows.   Advertise on IT Security News. Read the complete article: Cloud Adoption & Technology Change Create Gaps in Enterprise Security

Read more →

The oil & gas company is at the heart of the ongoing US presidential impeachment case.   Advertise on IT Security News. Read the complete article: ‘Fancy Bear’ Targets Ukrainian Oil Firm Burisma in Phishing Attack

Read more →

It’s “not about blocking” but removing them altogether, the company said.   Advertise on IT Security News. Read the complete article: Google: Chrome Will Remove Third-Party Cookies and Tracking

Read more →

Network intruders are staying undetected for an average of 95 days, enabling them to target critical systems and more completely disrupt business.   Advertise on IT Security News. Read the complete article: Attackers Increasingly Focus on Business Disruption

Read more →

How prepared is the energy sector for an escalating attack surface in the operating technology environment? Here are five trends to watch.   Advertise on IT Security News. Read the complete article: Global Predictions for Energy Cyber Resilience in 2020

Read more →

A letter to 25 companies says Consumer Reports will change ratings to reflect stronger security and privacy standards.   Advertise on IT Security News. Read the complete article: Consumer Reports Calls for IoT Manufacturers to Raise Security Standards

Read more →

For nearly six months, an attack group linked to Iran reportedly had access to the network of Bahrain’s national oil company, Bapco, before it executed a destructive payload.   Advertise on IT Security News. Read the complete article: Dustman Attack…

Read more →

Meltdown, Spectre exploits will likely lead to customers making tradeoffs between performance and security of applications, especially virtual and cloud-based apps   Advertise on IT Security News. Read the complete article: Processor Vulnerabilites Put Virtual Workloads at Risk

Read more →

It’s the end of support this week for Windows 7 and Server 2008. But what if you truly can’t migrate off software, even after security updates stop coming?   Advertise on IT Security News. Read the complete article: How to…

Read more →

How some ICS product functions can be weaponized by altering their configurations.   Advertise on IT Security News. Read the complete article: Industrial Control System Features at Risk

Read more →

Windows 7 and Server 2008 will continue to work after Jan. 14, 2020, but will no longer receive security updates.   Advertise on IT Security News. Read the complete article: Microsoft to Officially End Support for Windows 7, Server 2008

Read more →

If you can answer these six questions, you’ll be off to a great start.   Advertise on IT Security News. Read the complete article: What Questions Should I Keep in Mind to Improve My Security Metrics?

Read more →

The attack may have compromised donors’ payment information.   Advertise on IT Security News. Read the complete article: Website Collecting Australian Fire Donations Hit by Magecart

Read more →

Organizations need to apply mitigations for vulnerability in Citrix Application Delivery Controller and Citrix Gateway ASAP, security researchers say.   Advertise on IT Security News. Read the complete article: Exploits Released for As-Yet Unpatched Critical Citrix Flaw

Read more →

Wondering how this guy could be so clumsy? So is he.   Advertise on IT Security News. Read the complete article: An Identity Management Spin on Shaggy’s Hit Song

Read more →

Threat actors will continue to grow enterprise-style businesses that evolve just like their legitimate counterparts.   Advertise on IT Security News. Read the complete article: Will This Be the Year of the Branded Cybercriminal?

Read more →

The Manor Independent School District is investigating a phishing email scam that led to three separate fraudulent transactions.   Advertise on IT Security News. Read the complete article: Texas School District Loses $2.3M to Phishing Attack

Read more →

Tinfoil Security’s dynamic application and API security testing capabilities will be added to Synopsys Software Integrity Group.   Advertise on IT Security News. Read the complete article: Synopsys Buys Tinfoil

Read more →

The approach allowed researchers to use machine learning on encrypted data without first decrypting it.   Advertise on IT Security News. Read the complete article: Major Brazilian Bank Tests Homomorphic Encryption on Financial Data

Read more →

You might not find these measurements on a standard cybersecurity department checklist. But they can help evaluate risks you haven’t even considered yet.   Advertise on IT Security News. Read the complete article: 6 Unique InfoSec Metrics CISOs Should Track…

Read more →