Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Why Cryptocurrencies Are Dangerous for Enterprises
When employees mine coins with work computers, much can go wrong. But there are some ways to stay safe.
How to Secure 'Permissioned' Blockchains
At the heart of every blockchain is a protocol that agrees to the order and security of transactions in the next block. Here's how to maintain the integrity of the chain.
OMG: Mirai Botnet Finds New Life, Again
The Mirai botnet refuses to die. This time, it has spawned a new bot called OMG, which Fortinet researchers have seen in the wild, and it's turning IoT devices into proxy servers.
Virtual Private Networks: Why Their Days Are Numbered
As companies move to the cloud and depend less on physical servers and network connections, their reliance on VPNs for security will eventually evolve, if not disappear altogether.
GDPR: The New Price We Pay for Data Privacy
When the EU's GDPR regulations come into effect in May, the rules around how companies and individuals regard data privacy will change forever. Even for those outside Europe, this could be an expensive journey to take.
March Dark Reading Event Calendar Spans BlackOps to SecDevOps
These upcoming webinars will help you comprehend the mysterious machinations inside the minds of hackers and in-house developers.
Security Starts with the User Experience
Preventing a data breach is safer and more cost-effective than dealing with a breach after it has already happened. That means a focus on security in the design phase.
Incident 'Management': What IT Security Can Learn from Public Safety
How a framework developed for fighting California wildfires back in the '70s can fortify first responders to a modern cyberattack.
4 Steps to Make Your Website GDPR Compliant
Three months remain to whip your website into shape before the May 25 GDPR compliance deadline. Here are several steps to help you get there.
Misleading Cyber Foes with Deception Technology
Today's deception products go far beyond the traditional honeypot by catching attackers while they are chasing down non-existent targets inside your networks.
Attackers Sell Growing Number of Legitimate SSL Certificates
Network security applications performing deep packet inspections are increasingly getting duped by these rogue legitimate certificates, according to a new report.
6 Cybersecurity Trends to Watch
Expect more as the year goes on: more breaches, more IoT attacks, more fines…
US Government Leads World in Data Breaches
US government agencies are leading the world when it comes to data breaches, and the issue seems to be getting worse, according to a new report. However, a shift to cloud may help alleviate some problems.
GDPR Non-Compliance: Will Your Enterprise Get Busted?
GDPR enforcement begins May 25 and regulators are likely to focus on particular industries and types of companies, according to attorneys and analysts.
Leveraging Security to Enable Your Business
When done right, security doesn't have to be the barrier to employee productivity that many have come to expect. Here's how.
Equifax, Intel Help Spur SEC to Update Cybersecurity Regulations
The Equifax data breach, along with problems at Intel, has spurred the Securities and Exchange Commission to update its rules about the disclosing of cybersecurity incidents that now puts greater responsibility on CEOs and other company officers.
Enabling Better Risk Mitigation with Threat Intelligence
In order to get the maximum benefit from threat intel you need to be able to operationalize it. Here's how.
It's Not What You Know, It's What You Can Prove That Matters to Investigators
Achieving the data visibility to ensure you can provide auditors with the information they need after a breach, and do so in just a few days, has never been more difficult.
Anatomy of an Attack on the Industrial IoT
How cyber vulnerabilities on sensors can lead to production outage and financial loss.
GDPR Blackmail Looms as a Double-Dip Cyber Attack Plan
Cybercriminals' targeted attacks may also include extortion fees to keep their breaches quiet and out of the view of GDPR enforcers, researchers find.
Security Liability in an 'Assume Breach' World
Cybersecurity today is more than an IT issue. It's a product quality issue, a customer service issue, an operational issue, and an executive issue. Here's why.
Takeaways from the Russia-Linked US Senate Phishing Attacks
The Zero Trust Security approach could empower organizations and protect their customers in ways that go far beyond typical security concerns.
Coldroot RAT Sends Mac Antivirus Down a Maze
A new blog by a Digita Security researchers finds that Coldroot RAT, which specifically targets Mac and macOS users, is still eluding detection from different antivirus engines, even though it's available on GitHub.
Getting Started with IoT Security in Healthcare
There’s a hazard that comes with introducing any new element into patient care whether it's a new drug or a connected device. These four steps will help keep patients safe.
Meltdown/Spectre: The First Large-Scale Example of a 'Genetic' Threat
These vulnerabilities mark an evolutionary leap forward, and companies must make fighting back a priority.
Proactive Threat Hunting: Taking the Fight to the Enemy
Pulling together everything your security team needs to be effective at threat hunting is not easy but it's definitely worthwhile. Here's why.
Cryptocurrency Crime: The Internet's New Wild West
The popularity of Bitcoin and other cryptocurrencies has opened the floodgates to different cybercrimes, scams and outright theft. A pair of reports from Cisco and Digital Shadows paints a portrait of this new Wild West of the Internet.
Microsoft Vulnerabilities More Than Doubled in 2017 – Report
A comprehensive exam by security vendor Avecto found that the number of vulnerabilities in Microsoft's products increased from 234 to 685 between 2016 and 2017.
DDoS Today: No Safety Inside the Perimeter
For years, protecting the perimeter was believed to be the safest way to guard against DDoS. However, the cloud, IoT and new botnets have changed that thinking. Here's how CISOs and security pros should respond.
DoubleDoor IoT Botnet Is a Harbinger of Exploits to Come
NewSky researchers are looking into DoubleDoor, a new type of IoT botnet that combines two exploits together. It also shows what kind of security challenges lie ahead for the enterprise.
Rise of the 'Hivenet': Botnets That Think for Themselves
These intelligent botnet clusters swarm compromised devices to identify and assault different attack vectors all at once.
UK Accuses Russia of Launching NotPetya Attacks
The Kremlin and the Russian military used the NotPetya ransomware attack to target Ukrainian financial, energy and government centers, according to allegations the UK government made this week.
Democracy & DevOps: What Is the Proper Role for Security?
Security experts need a front-row seat in the application development process but not at the expense of the business.
Kaspersky: Phishing Attack Attempts Soared 59% in 2017
There has been dramatic, year-over-year growth in phishing attacks, following only a slight increase in 2016 and a two-digit decline in 2015, according to a report released by Kaspersky Lab.
From DevOps to DevSecOps: Structuring Communication for Better Security
A solid approach to change management can help prevent problems downstream.
Mobile Malware Increases, While Hiding in Porn Sites
Porn and other adult content sites are helping to disguise an increase in mobile malware, which is targeting users embarrassed by their online browsing habits, according to new information from Kaspersky Labs.
The Mirai Botnet Is Attacking Again…
And the spinoff bots — and all their command and control hostnames buried in the morass of digital data — are hilarious.
3 Tips to Keep Cybersecurity Front & Center
In today's environment, a focus on cybersecurity isn't a luxury. It's a necessity, and making sure that focus is achieved starts with the company's culture.
Fileless Malware: Not Just a Threat, but a Super-Threat
Exploits are getting more sophisticated by the day, and cybersecurity technology just isn't keeping up.
Mozilla Leads the Way to Safer Browser Development
Mozilla is looking to make web browsers safer by adding new developer features into Firefox that should make the HTTPS protocol a must-have way to transmit for websites.
The GDPR Clock Is Running Out. Now What?
Many organizations impacted by new European Union data privacy rules that go into effect May 25 are still blind to some of the basics.
Equifax Taps Former Home Depot Security Chief as New CISO
Equifax, the embattled credit monitoring company is hoping the former Home Depot CISO can turn the beleaguered company's security around. After all, he's previously played cleanup man.
Can Android for Work Redefine Enterprise Mobile Security?
Google's new mobility management framework makes great strides in addressing security and device management concerns while offering diverse deployment options. Here are the pros and cons.
Fake News: Could the Next Major Cyberattack Cause a Cyberwar?
In the way it undercuts trust, fake news is a form of cyberattack. Governments must work to stop it.
Better Security Analytics? Clean Up the Data First!
Even the best analytics algorithms using incomplete and unclean data won't yield useful results.
Tracking Bitcoin Wallets as IOCs for Ransomware
By understanding how cybercriminals use bitcoin, threat analysts can connect the dots between cyber extortion, wallet addresses, shared infrastructure, TTPs, and attribution.
Windows 10 Bypassing Passwords With Fujitu's PalmSecure Biometrics
Microsoft is looking to overcome the password dilemma by incorporating Fujitsu's PalmSecure biometric technology into Windows 10.
Back to Basics: AI Isn't the Answer to What Ails Us in Cyber
The irony behind just about every headline-grabbing data breach we've seen in recent years is that they all could have been prevented with simple cyber hygiene.
Forcepoint Finds New Malware Hiding in PoS Machines
The malware, which resembles a LogMeIn service pack, can capture data from credit cards and then reproduce the card or other information. However, Forcepoint believes this strain of malware is still under development.
20 Signs You Need to Introduce Automation into Security Ops
Far too often, organizations approach automation as a solution looking for a problem rather than the other way around.
|
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at RiskIn this Dark Reading Tech Digest, we look at the ways security researchers and ethical hackers find critical vulnerabilities and offer insights into how you can fix them before attackers can exploit them.
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Tweet This
17 Comments
