Risk Management & Compliance News, Analysis, ...

Network Computing Darkreading

Advertise

About Us

Risk

News & Commentary

Microsoft Rolls Out AI-based Security Risk Detection Tool

Kelly Sheridan, Associate Editor, Dark Reading

News

Microsoft Security Risk Detection leverages artificial intelligence to root out bugs in software before it's released.

By Kelly Sheridan Associate Editor, Dark Reading, 7/21/2017

2 comments | Read | Post a Comment

Latest Comment: Joe Stanganelli, This may be the way to go, considering that testing often involves anticipating...

Dark Reading News Desk Live at Black Hat USA 2017

Commentary

Over 40 interviews streaming live right from Black Hat USA, July 26-27, from 2 p.m. - 7 p.m. Eastern Time (11 - 4 P.T.).

By Dark Reading Staff , 7/21/2017

2 comments | Read | Post a Comment

Healthcare Industry Lacks Awareness of IoT Threat, Survey Says

Dawn Kawamoto, Associate Editor, Dark Reading

News

Three-quarters of IT decision makers report they are "confident" or "very confident" that portable and connected medical devices are secure on their networks.

By Dawn Kawamoto Associate Editor, Dark Reading, 7/20/2017

0 comments | Read | Post a Comment

Major Online Criminal Marketplaces AlphaBay and Hansa Shut Down

News

International law enforcement operations result in AlphaBay, the largest online marketplace for selling illegal goods from malware to herion, and Hansa, going dark.

By Dawn Kawamoto Associate Editor, Dark Reading, 7/20/2017

0 comments | Read | Post a Comment

BEC Attacks Far More Lucrative than Ransomware over Past 3 Years

News

BEC fraud netted cyberthieves five times more profit than ransomware over a three-year period, according to Cisco's midyear report released today.

By Dawn Kawamoto Associate Editor, Dark Reading, 7/20/2017

0 comments | Read | Post a Comment

Online Courses Projected to Drive Credit Card Fraud to $24B by 2018

News

An underground ecosystem provides cybercriminals with online tutorials, tools, and credit card data they need to commit fraud.

By Kelly Sheridan Associate Editor, Dark Reading, 7/19/2017

0 comments | Read | Post a Comment

98% of Companies Favor Integrating Security with DevOps

News

A majority of companies are either planning or have launched an integrated DevOps and security team, a new report shows.

By Dawn Kawamoto Associate Editor, Dark Reading, 7/19/2017

0 comments | Read | Post a Comment

New Cyber Readiness Institute Aims to Improve Risk Management

Quick Hits

The nonprofit will bring together senior leaders of global companies to discuss best practices for managing security employees, processes, and tech.

By Dark Reading Staff , 7/19/2017

1 Comment | Read | Post a Comment

Latest Comment: RyanSepe, This sounds like a good idea but is CRI going to act as a regulatory entity...

Most Office 365 Admins Rely on Recycle Bin for Data Backup

News

Nearly 66% of Office 365 administrators use Recycle Bin to back up their data, a practice that could leave data lost and unrecoverable.

By Kelly Sheridan Associate Editor, Dark Reading, 7/19/2017

5 comments | Read | Post a Comment

Latest Comment: Shantaram, Useful and interesting article. Thanks. Just continue composing this kind of...

Catastrophic Cloud Attack Costs Would Rival that of Hurricane Damages

News

Lloyd's of London estimates multi-billion-dollar loss figures in worst-case scenarios of a major zero-day exploit or massive cloud outage.

By Dawn Kawamoto Associate Editor, Dark Reading, 7/19/2017

0 comments | Read | Post a Comment

Zero-Day Exploit Surfaces that May Affect Millions of IoT Users

Quick Hits

A zero-day vulnerability dubbed Devil's Ivy is discovered in a widely used third-party toolkit called gSOAP.

By Dark Reading Staff , 7/18/2017

0 comments | Read | Post a Comment

Apple iOS Malware Growth Outpaces that of Android

News

Number of iOS devices running malicious apps more than tripled in three consecutive quarters, while infected Android devices remained largely flat, report shows.

By Dawn Kawamoto Associate Editor, Dark Reading, 7/18/2017

0 comments | Read | Post a Comment

FBI Issues Warning on IoT Toy Security

Quick Hits

IoT toys are more than fun and games and can potentially lead to a violation of children's privacy and safety, the Federal Bureau of Investigation warned Monday.

By Dark Reading Staff , 7/17/2017

1 Comment | Read | Post a Comment

Latest Comment: Joe Stanganelli, This issue has been gradually building up attention-getting for a while now...

AsTech Offers a $5 Million Security Breach Warranty

Quick Hits

AsTech expands its warranty program with a guarantee it will find Internet application vulnerabilities or it will pay up to $5 million if there is a breach.

By Dark Reading Staff , 7/14/2017

0 comments | Read | Post a Comment

US Voters Consider Russia the Largest Security Risk to Elections

Quick Hits

Nearly half of US voters believe Russia is the largest security risk for elections in the nation, according to a survey.

By Dark Reading Staff , 7/13/2017

5 comments | Read | Post a Comment

Latest Comment: Joe Stanganelli, Indeed. Cybersecurity of actual voting systems is important, and cybersecurity...

Verizon Suffers Cloud Data Leak Exposing Data on Millions of Customers

News

Six million of Verizon's US customers had their personal and account information exposed, including PIN numbers.

By Dawn Kawamoto Associate Editor, Dark Reading, 7/12/2017

6 comments | Read | Post a Comment

Latest Comment: Shantaram, Joe, I am absolutely agree with you, it's really right words

How Active Intrusion Detection Can Seek and Block Attacks

News

Researchers at Black Hat USA will demonstrate how active intrusion detection strategies can help administrators detect hackers who are overly reliant on popular attack tools and techniques.

By Kelly Sheridan Associate Editor, Dark Reading, 7/12/2017

0 comments | Read | Post a Comment

Dealing with Due Diligence

Eldon Sprickerhoff, Founder and Chief Security Strategist, eSentire

Commentary

Companies will find themselves evaluating third-party cybersecurity more than ever -- and being subject to scrutiny themselves. Here's how to handle it.

By Eldon Sprickerhoff Founder and Chief Security Strategist, eSentire, 7/12/2017

2 comments | Read | Post a Comment

Latest Comment: douglasagray, Another framework to look at is the Software Engineering Institute, Carnegie...

US Government Limits Purchase of Kaspersky Lab Software

Quick Hits

Kaspersky Lab has been deleted from lists of approved vendors that government agencies use to buy tech products, the result of growing cybersecurity concerns.

By Dark Reading Staff , 7/12/2017

0 comments | Read | Post a Comment

HyTrust Raises $36M, Buys DataGravity for Policy Enforcement

Quick Hits

Cloud security firm HyTrust closed $36 million in Series E funding and purchased DataGravity to automate policy enforcement for workload data.

By Dark Reading Staff , 7/11/2017

0 comments | Read | Post a Comment

More Stories

Current Conversations

Posted by Joe Stanganelli

This may be the way to go, considering that testing often involves anticipating all the things that can go wrong -- and inevitably missing many of them.I'm aware of one tester whose very first test was to roll a Coke can...

In reply to: Testing & Murphy's Law
Post Your Own Reply

Posted by Shantaram

Joe, I am absolutely agree with you, it's really right words

In reply to: 192.168.1.1">Re: 192.168.1.1
Post Your Own Reply

Posted by Shantaram

Useful and interesting article. Thanks. Just continue composing this kind of articles

In reply to: 192.168.0.1">Re: 192.168.0.1
Post Your Own Reply

Posted by NishantG025

This comment is waiting for review by our moderators.

In reply to: Pending Review
Post Your Own Reply

Posted by NishantG025

This comment is waiting for review by our moderators.

In reply to: Pending Review
Post Your Own Reply

Posted by PrivateFreedoms

This comment is waiting for review by our moderators.

In reply to: Pending Review
Post Your Own Reply

Posted by MENTIS Saarathy

Does it make sense? Less than one-third unprepared means 2/3rds are prepared

In reply to: Title of this article
Post Your Own Reply

Posted by RyanSepe

This sounds like a good idea but is CRI going to act as a regulatory entity?

In reply to: "Workforce Requirements"
Post Your Own Reply

Posted by bluvg

While O365 backup is an important discussion to have, this seems perhaps self-serving when Barracuda just released their SharePoint backup solution only a few months ago (Oct 2016). Did it only become important because they...

In reply to: Self-serving?
Post Your Own Reply

Posted by Joe Stanganelli

@Charlie: Chalk that up, I suspect, to a combination of bureaucracy and "CYA" processes. ;)

In reply to: Re: Two weeks of unnecessary exposure?
Post Your Own Reply

Posted by dmstork

While the key takeaway is valid (admins should have a valid plan to restore data with private cloud SaaS/IaaS solutions), there are some nuances to be made: -SharePoint Online Recycle bin retention is 93 days not 30 -SharePoint...

In reply to: Some nuances
Post Your Own Reply

Posted by REISEN1955

Insane practice. I proudly saved one of my 501C3 accounts from a horrible Cryptolocker attack in January of 2014 - ransomware from executive director's machine to server at 1:45 am. Everything encrypted. Because...

In reply to: Re: Recycle bins, really?
Post Your Own Reply

More Conversations

Products & Releases

88% of Retailers Believe They are at Risk of Data Threats

Check Point Teams with Microsoft Intune to Secure Enterprise Mobility

Bay Dynamics Announces Technology Partnership with Symantec to Detect and Stop Insider Threats

Less than One-Third of Companies Unprepared to Meet EU GDPR

States Pledge to Meet Cyber Threats

Flashpoint Announces $28 Million Series C Led by Georgian Partners

HPE Software Boosts Security in its Backup Suite

RiskLens Secures $5 Million Series A Equity Investment

More Products & Releases

PR Newswire

Webinars

[Cyberattacks] Using Data as Your First Line of Defense

[Best Practices] Managing Multiple Clouds

The Real Impact of a Data Security Breach

Webinar Archives

Dark Reading Live EVENTS

INsecurity - For the Defenders of Enterprise Security

A Dark Reading Conference
While “red team” conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the “blue team” will be the focus.

Learn More

White Papers

Big Data Network Traffic Intelligence

Data Mgmt: What You Need to Know & Why

Customer Analytics: Taking the First Step

Modernizing Your Analytics Environment

Gartner's Magic Quadrant for Application Security Testing (AST)

More White Papers

Video

All Risk Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

Security Vulnerabilities: The Next Wave

Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?

Download This Issue!

Subscribe Now!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

[Strategic Security Report] Assessing Cybersecurity Risk

As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.

Download Now!

The Impact of a Security Breach 2017

0 comments

[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem

0 comments

New Best Practices for Secure App Development

0 comments

More Reports

Slideshows

Best of Black Hat: 20 Epic Talks in 20 Years

0 comments | Read | Post a Comment

IoT Security Incidents Rampant and Costly

0 comments

Desperately Seeking Security: 6 Skills Most In Demand