Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Retail Security Threat Season is in Full Swing
Christmas shopping season is over, but shopping -- and threats to retailers and their customers -- is still going strong.
Avoiding Micro-Segmentation Pitfalls: A Phased Approach to Implementation
Micro-segmentation is very achievable. While it can feel daunting, you can succeed by proactively being aware of and avoiding these roadblocks.
17 Things We Should Have Learned in 2017 But Probably Didn't
The worm has returned and the Yahoos have all been exposed, but did 2017 teach us any genuinely new lessons we shouldn't already have known?
The Disconnect Between Cybersecurity & the C-Suite
Most corporate boards are not taking tangible actions to shape their companies' security strategies or investment plans, a PwC study shows.
The Financial Impact of Cyber Threats
Determining the financial impact of specific IT vulnerabilities is a good way to prioritize remediation and prevent attacks.
Nasties Abound: Symantec's Q3 Threat Report
Symantec's Threat Report from the 2017 Q3 shows that malware writers are busier than ever.
2017 Security Predictions through the Rear Window
If you're going to forecast the future, go big.
Cloud Security Is a Shared Responsibility
In the answer to a question from a recent webinar, editor Curtis Franklin looks at who's responsible for data security in the cloud.
Block Threats Faster: Pattern Recognition in Exploit Kits
When analysts investigate an indicator of compromise, our primary goal is to determine if it is malicious as quickly as possible. Identifying attack patterns helps you mitigate quicker.
Digital Forensics & the Illusion of Privacy
Forensic examiners don't work for bounties. They do what is required to catch criminals, pedophiles, or corporate embezzlers, and now their important security research is finally being acknowledged.
The Hard Work of Pointing Fingers
Pointing the finger at a perpetrator is difficult. Pointing it at the right perpetrator is even harder. That doesn't stop many organizations from trying.
Why Network Visibility Is Critical to Removing Security Blind Spots
You can't secure what you can't see. Here are four ways to shine a light on the dark spaces of your corporate infrastructure.
Be a More Effective CISO by Aligning Security to the Business
These five steps will you help marshal the internal resources you need to reduce risk, break down barriers, and thwart cyber attacks.
IoT Security Is a Matter of Life & Death
When the IoT enters the hospital room, its security becomes a matter of literal life and death.
Breach Reveals Data on All US Households
Information on every US household has now been stolen. What does that mean for IT security?
Security Worries? Let Policies Automate the Right Thing
By programming 'good' cybersecurity practices, organizations can override bad behavior, reduce risk, and improve the bottom line.
Dirty Practices Make for Difficult Security
Data hygiene is low on the priority list for most IT users, and IT security departments end up cleaning up the mess.
Comprehensive Endpoint Protection Requires the Right Cyber Threat Intelligence
CTI falls into three main categories -- tactical, operational, and strategic -- and answers questions related to the "who, what, and why" of a cyber attack.
Picker Mentality Supercharges Malware
The picker mentality, reusing code and techniques that have worked before, is making malware stronger and more difficult to defend against.
Security for the Broken Business
What is the IT security's responsibility when the business itself is intrinsically secure? The first step may be to point out the obvious.
Advanced Deception: How It Works & Why Attackers Hate It
While cyberattacks continue to grow, deception-based technology is providing accurate and scalable detection and response to in-network threats.
Is Your Security Workflow Backwards?
The pace at which information security evolves means organizations must work smarter, not harder. Here's how to stay ahead of the threats.
Office 365 Flaw Could Lead to 'Stealthy Admin' Headaches
A recently discovered flaw in Microsoft's Office 365 suite could meant that a business's so-called "stealthy admins" could compromise security without even realizing it.
Russian DNS Gobbling Up Internet Traffic
BGPMON researchers have found that Russian DNS servers redirected Internet traffic through Russia several times earlier this month. The question is whether it's a test or a harbinger of things to come.
Why Hackers Are in Such High Demand, and How They're Affecting Business Culture
White hat hackers bring value to organizations and help them defend against today's advanced threats.
Is a Good Offense the Best Defense Against Hackers?
A proposed new law could make it legal for companies to hack back against attacker. But will it work?
Automation Could Be Widening the Cybersecurity Skills Gap
Sticking workers with tedious jobs that AI can't do leads to burnout, but there is a way to achieve balance.
How Good Privacy Practices Help Protect Your Company Brand
Follow these five guidelines to keep your organization's data protected.
Kaspersky Names WannaCry 'Vulnerability of the Year'
Of all the breaches, malware and ransomware that security researchers saw this year, WannaCry had the greatest effect, according to Kaspersky Labs.
enSilo Researchers: Your NTFS Transactions Belong to Us
A pair of researchers from enSilo have disclosed how they created a new vulnerability within Windows-based systems that can compromise NTFS transactions, and the worst part is that security vendors are not prepared.
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
The number of unfilled jobs in our industry continues to grow. Here's
why.
What Slugs in a Garden Can Teach Us About Security
Design principles observed in nature serve as a valuable model to improve organizations' security approaches.
Startup Attivo Advocates for 'Deceptive' Security Protection
When it comes to security, how deceptive should enterprises be to thwart cybercriminals? Attivo Networks and a number of other security startups are advocating a different approach.
Ransomware Meets 'Grey's Anatomy'
Fictional Grey Sloan Memorial Hospital is locked out of its electronic medical records, but in the real world, healthcare organizations face even greater risks.
Equifax Breach Points to Similar Security Concerns – Report
The Equifax breach earlier this year exposed more than 140 million personal records, shocking many people. However, a new Fortinet report shows that the vulnerabilities used in that attack are becoming more common.
Why Third-Party Security Is your Security
Managing third-party risk isn't just a good idea, in many cases, it's the law. This security framework can help you minimize the threat.
Cyberattack: It Can't Happen to Us (Until It Does)
Just because your small or medium-sized business isn't as well known as Equifax or Yahoo doesn't mean you're immune to becoming a cybercrime victim.
Crypto Wars: The Show That Never Ends
The German Interior Ministry is spearheading an effort to create a new law that would require tech companies to provide backdoors for a range of devices. It's the latest salvo in the war over encryption.
Improve Signal-to-Noise Ratio with 'Content Curation:' 5 Steps
By intelligently managing signatures, correlation rules, filters and searches, you can see where your security architecture falls down, and how your tools can better defend the network.
The Security Risk Lurking in the Board of Directors
Corporate boards are a significant security concern, according to new research from Palo Alto Networks. However, there are ways for CSOs to mitigate this internal threat.
The Rising Dangers of Unsecured IoT Technology
As government regulation looms, the security industry must take a leading role in determining whether the convenience of the Internet of Things is worth the risk and compromise of unsecured devices.
Device Servers May Have Leaked Telnet Passwords for Years
A security researcher has found that servers that connect older, industrial hardware to the Internet have been leaking Telnet passwords, possibly for years.
Wearables Bring Privacy & Security Headaches to the Enterprise
A new generation of wearables is creating a new level of vulnerability for business networks.
Identity Issues: A Friday Haiku
Identity matters; the real question is how to figure out who you really are.
Email Bug Shows Flaws in Reporting System
When one of the world's most commonly used email applications doesn't have a bug-reporting system, things get very public very quickly.
Deception: Why It's Not Just Another Honeypot
The technology has made huge strides in evolving from limited, static capabilities to adaptive, machine learning deception.
|
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at RiskIn this Dark Reading Tech Digest, we look at the ways security researchers and ethical hackers find critical vulnerabilities and offer insights into how you can fix them before attackers can exploit them.
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Tweet This
17 Comments
