Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
What Meltdown and Spectre Mean for Mobile Device Security
Here are four tips to keep your mobile users safe from similar attacks.
3 Ways to Maximize Security and Minimize Business Challenges
The best strategy for choosing security tools and architecting networks is to focus on staffing and resources, risk tolerance, and business change.
Rubella Macro Builder Crimeware Kit Price Drops to $40
Crime might not pay, but it also doesn't have to be expensive to try. Flashpoint researchers have found that the monthly fee for the Rubella Macro Builder crimeware kit dropped to $40 on the underground market.
'Zero Login:' The Rise of Invisible Identity
Will new authentication technologies that recognize users on the basis of their behaviors finally mean the death of the despised password?
Researchers Detail Self-Learning System That Secures IoT Devices
Researchers from several universities have published a new paper describing what they believe is a better way to protect and secure IoT devices and sensors.
Why Hackers Love Healthcare
The migration of valuable data to the cloud is piquing the interest of cybercrimimals. But there are ways to fight back.
Orangeworm Malware Burrows Into Healthcare Industry
A group of cybercriminals, known collectively as Orangeworm, are using their own malware and a custom backdoor called Kwampirs in highly targeted attacks against healthcare organizations, according to Symantec.
Europe and Asia Take on More DDoS Attacks
While North American targets have historically been on the receiving end of the majority of DDoS attacks since their inception, that trend changed in 2017.
Despite Risks, Nearly Half of IT Execs Don't Rethink Cybersecurity after an Attack
A recent survey reveals a troubling degree of security inertia lurking among scores of organizations. But there are a few bright spots.
Why Information Integrity Attacks Pose New Security Challenges
To fight information integrity attacks like the ones recently perpetrated by bots on the FCC's website, we need to change our stance and look for the adversaries hiding in plain sight.
Microsoft: Tech Support Scams on the Rise
A recent report from Microsoft shows that the number of scams using tech support as a cover is on the increase. However, many times it's up to consumers and companies to protect themselves.
Cloud Misconceptions Are Pervasive Across Enterprises
Shadow IT is rampant at many organizations that rely upon cloud-delivered tools and services to enable remote work, according to a new study. Here's what security teams need to do about it.
5 New Network Attack Techniques That Will Keep You Awake at Night
You can't trust anything -- not the cloud, not hardware, not industrial control systems. Take nothing for granted, advise the experts, and trust nothing.
Deconstructing the Possibilities and Realities of Enterprise IoT Security
Organizations are rushing to leverage Internet of Things solutions but struggle to design the information technology architectures that will lock down the data these devices create.
Smartphones Remain the Most Vulnerable of Endpoints
The nature of mobile devices, especially smartphones, continues to make them the most vulnerable of endpoint devices. Here's why enterprise security teams need to stay vigilante.
It's Time to Take GitHub Threats Seriously
There's a good chance your company has projects on the source code management system, but the casual way many developers use GitHub creates security issues.
Cybercrime: More Like Facebook's Model Than Traditional Criminal Enterprise
As the global economy has changed, so has cybercrime, which resembles something much closer to how Facebook works than a traditional criminal enterprise, according to a new report.
Digital Identity Makes Headway Around the World
The US is lagging behind the digital ID leaders.
It's the People: 5 Reasons Why SOC Can't Scale
There are always more security alerts and threats to respond, but the answer isn't to simply throw more money at the SOC to hire additional Tier 1 and Tier 2 security analysts.
IDS & IPS: Two Essential Security Measures
To protect business networks, one line of security isn't enough.
Biometrics Are Coming & So Are Security Concerns
Could these advanced technologies be putting user data at risk?
Login With Facebook & Watch Your Personal Data Leak
A common feature on many popular websites allows users to login with their Facebook profile. However, a trio of Princeton researchers show that this feature allows personal information to leak and be collected.
Cyber Attacks Have Doubled, but Security Is Getting Better at Blocking Them
In a survey, Accenture said the number of targeted attacks like ransomware and DDoS are growing, but organizations are getting better and faster at detecting them.
How to Protect Industrial Control Systems from State-Sponsored Hackers
US-CERT recently issued an alert about Russian threat activity against infrastructure sectors. Is there a way to fight back?
Microsoft Security Is Channeling the Terminator
In its own way of channeling the Terminator and Skynet, Microsoft is looking to add more layers of artificial intelligence into its Windows Defender ATP to further reduce remediation and increase automation of security.
Researchers Discover Second rTorrent Vulnerability Campaign
This time attackers appears to have spoofed the Recording Industry Association of America (RIAA) and New York University (NYU) user-agents.
In Wake of Spectre & Meltdown, Intel Shifts Memory Scanning to GPU
At the RSA Conference this week, Intel introduced several silicon-level security technologies, including moving memory scanning from the CPU to the GPU, as part of its larger 'security-first' strategy following the Spectre and Meltdown issues.
The Role of KPIs in Incident Response
Using KPIs can have a positive impact on the tactical and strategic functions of a security operations program.
How to Leverage Artificial Intelligence for Cybersecurity
AI and predictive analytics should be used to augment a company’s security team, not replace it. Here's why.
Alert Warns Russian Actors Are Targeted Unsecured Network Devices
A join statement from UK and US law enforcement and security agencies are warning that Russian actors are targeting older and unpatched network infrastructure as part of an ongoing cyberespionage campaign.
Why We Need Privacy Solutions That Scale Across Borders
New privacy solutions are becoming scalable, smarter, and easier to address compliance across industries and geographies.
Endpoint Security: 3 Big Obstacles to Overcome
Two recent reports highlight three major challenges in enterprise endpoint security.
Ransomware: Still a Security Threat & Still Evolving
While ransomware may have faded from the headlines a bit during the first four months of 2018, a bevy of reports from Verizon, Symantec and Webroot find that not only does it remain a top security threat, but it continues to evolve as well.
'PowerHammer' Exploit Can Steal Computer Data Across Electrical Lines
Researchers at Ben-Gurion University have created a new exploit called 'PowerHammer' that can steal data from PCs and other systems through electrical lines.
How GDPR Forces Marketers to Rethink Data & Security
The European regulation is making marketing technology companies re-examine their security, and that's a good thing.
Data Breach Increase Shows Endpoints Are Under Attack
The stats and factoids from the latest edition of Verizon's annual Data Breach Investigation Report make clear enterprise endpoints have been far too vulnerable and that explains why data breaches are on the rise.
Federal Agency Data Under Siege
Seventy-one percent of IT security professionals in US federal agencies have reported breaches in their organizations.
Misconfigured Routers Could Be Used for Botnets, Espionage
A recent white paper released by Akamai finds that thousands of misconfigured routers using older UPnP protocols could be turned into malicious botnets or used for espionage.
Beyond Bitcoin: How Blockchain Can Benefit IoT Security
As the market for the Internet of Things grows, security concerns are increasing. However, a new study shows that blockchain technology can go beyond protecting cryptocurrency to help lock down IoT devices and sensors better than other methods.
The Good, the Bad & the Disruptive: Bots on the Wild, Wild Web
Not all bots are bad -- some are downright helpful -- so you can't block them entirely.
Microsegmentation: Strong Security in Small Packages
A deep dive into how organizations can effectively devise and implement microsegmentation in a software-defined networking data center.
How Attackers Can Exploit rTorrent with Monero Cryptocurrency Miner
As cryptomining campaigns become more profitable, cybercriminals are becoming more creative about finding new ways to extend their operations.
Billions of Business Files & Data Are Exposed Online to Anyone
A report from Digital Shadows finds that more than a billion files, including sensitive data and intellectual property, are exposed to the greater Internet. Much of this is due to antiquated technology.
Avoiding the Ransomware Mistakes that Crippled Atlanta
What made Atlanta an easy target was its outdated use of technology: old computers running on non-supported platforms, which are also a characteristic of many municipalities and most major cities.
Stopping Cyber Madness: Why the Private Sector Must Lead the Fight
The government's ability to help secure the Internet will be limited given the light speed of the Internet versus the slower pace of government. That's why stopping the madness begins with the private sector.
Hack Back: An Eye for an Eye Could Make You Blind
Attackers have had almost zero consequences or cost for stealing data from innocent victims. But what if we could hack their wallets, not their systems?
Bastille's ATI System Warning Raises Its Own Alarm
Bastille Networks made a splash by notifying ATI Systems that its warning systems have a significant vulnerability. However, the timing of the notice leaves a question about motives when public safety is at risk.
IoT Malware-on-the-Fly Expected to Rise
Researchers discover a new Mirai-variant IoT botnet that appears linked to IoTroop or Reaper botnet, allowing attackers to easily update malicious code on the fly.
Pairing Policy & Technology: BYOD That Works for Your Enterprise
An intelligent security policy coupled with the right technology can set you up for success with BYOD.
20 Ways to Increase the Efficiency of the Incident Response Workflow
Despite all the good intentions of some great security teams, we are still living in a "cut-and-paste" incident management world.
|
Latest Comment: The superior method of sandboxing called "sandcastling" involves having the user detonate the malware.
Special Report: Computing's New Normal, a Dark Reading PerspectiveThis special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Tweet This
17 Comments
