Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Boldest Cybersecurity Predictions For 2016
Forget the boring, safe predictions -- here instead are the most interesting, cringe-worthy, humorous, or otherwise shocking predictions for the coming year.
Tor Project To Launch Bug Bounty Program
Open Technology Fund will sponsor program and HackerOne will manage it
The Changing Face Of Encryption: What You Need To Know Now
Encryption today is now an absolute must and the fact that it is difficult does not change the fact that you have to use it.
Users No Longer Need to Jailbreak Apple iOS To Load Rogue Apps
'DarkSideLoader' app stores can side-load apps and circumvent official app stores on any iOS device.
5 Tips For Getting The Most Out Of Your Firewall
Despite concerns over the effectiveness of perimeter technologies, firewalls remain a staple in the enterprise security arsenal.
The Fraud Tsunami Heads To The Sharing Economy
When it comes to cyberfraud, online marketplaces like AirBnB can expect an uphill battle in the wake of the rollout of new chip card technology in 2016.
15 Cybersecurity Lessons We Should Have Learned From 2015, But Probably Didn't
Another infosec year is almost in the books. What did all the breaches, vulnerabilities, trends, and controversies teach us?
Tech Gifts That Security Pros Will Probably Return
Insecure gifts that CISOs and other security pros are likely returning as we speak.
Giant Mystery Database Of US Voters Leaked
No organization will take responsibility for the database that includes 191 million voter registration records.
The Rise Of Community-Based Information Security
The more vendors, service providers, and companies’ band together to fight security threats, the more difficult it will become for attacks to succeed.
Security Vendors Report Uptick in Whaling, Phishing Scams
Expect to see an increase in attempts by cyber crooks to trick businesses and individuals to part with their money say Mimecast, Kaspersky Labs.
Survey: When Leaving Company, Most Insiders Take Data They Created
Most employees believe they own their work, and take strategy documents or intellectual property with them as they head out the door.
A Hidden Insider Threat: Visual Hackers
Ponemon experiment shows how low-tech white-hat hackers, posing as temps, captured information from exposed documents and computer screens in nearly nine out of ten attempts.
2015 Ransomware Wrap-Up
Here's a rundown of the innovative ransomware that frightened users and earned attackers big bucks this year.
Torrenting Still A Thorn In Enterprise Networks
A quarter of enterprises still see torrenting activity and among those, 43 percent of apps contain malicious elements.
The Industrial Cyber Myth: It’s No Fantasy
As threats become more sophisticated, the industry is still playing catch-up.
9 Coolest Hacks Of 2015
Cars, guns, gas stations, and satellites, all got '0wned' by good hackers this year in some of the most creative yet unnerving hacks.
Oracle Settles FTC Charges That It Deceived Users About Java Security Updates
Oracle will have to be more forthright and communicate the truth via social media and anti-virus companies going forward.
Yellow Alert Sounded For Juniper Vulns, Feds Called In
SANS ISC raises infosec alert level and FBI investigates potential nation-state activity leading to backdoor vulnerabilities in Juniper ScreenOS products.
Security Tech: It’s Not What You Buy, It’s How You Deploy
Good information security depends on a holistic strategy, not on an elite lineup of discretely moving parts.
10 Funny Twitter Feeds For Security Geeks
These must-follow Twitter feeds offer plenty of cybersecurity humor to keep infosec pros giggling even when the attacks keep coming.
Juniper Discovers Unauthorized Code In Its Firewall OS
'Troubling' incident exposes code designed to decrypt VPN communication and enable remote administrative control of devices.
When RATs Become a Social Engineer’s Best Friend
Hacking humans in the banking industry through rogue help desks is becoming a significant problem.
90% Of Industries, Not Just Healthcare, Have Disclosed PHI In Breaches
New Verizon PHI report finds that organizations' workers comp and wellness programs are also vulnerable repositories for personal health information.
Validating Supply Chain Cybersecurity
How to identify risks, understand downstream effects, and prepare for incidents.
The InfoSec Gender Divide: Practical Advice For Empowering Women
There is no one-size-fits-all approach for women to succeed in IT security. What you need is a roadmap and a little help from your friends.
Security Talent Gap Threatens Adoption Of Analytics Tools
Finding qualified personnel with the right skillsets to configure and operate analytics platforms is a big challenge today, but workforce development, training, and more intuitive technology could help.
SQL Injection, XSS Flaws Found In Network Management System Products
Patches available for two flaws, pending for four others.
An Ill ‘Wynd’ Blowing But No Safe Harbor
What will state-of-the-art for cybersecurity look like in 2016? The regulatory headwinds on both sides of the Atlantic portend big changes.
The End Of Passwords?
IT professionals believe they won't exist in 10 years, but this prediction's been on tap for a decade already.
Detecting the Undetectable: Windows Registry Attacks
Fileless attacks are becoming more sophisticated, requiring a team of defenses.
Macro Malware Is Back
Social engineering drives macro malware levels to six-year highs.
Investigating Mobile Banking Attacks
Poor mobile app back-end security coding puts consumer information at risk.
To Better Defend Yourself, Think Like A Hacker
As attacks become more sophisticated and attackers more determined, organizations need to adopt an offensive approach to security that gets inside the head of the hacker.
The CISO's New Best Friend & New Boss
What does the rise of the chief data officer and the digital risk officer mean for the chief information security officer?
Internet Of Things Christmas Security Survival Guide
Here's how CISOs, security researchers, and all security-minded folks in between can channel their healthy paranoia into helpful ways of protecting friends and family from IoT gifts.
Twitter Says Nation-State Hackers Targeted Some Accounts
Social media giant warns a small number of users that attackers appear to have been after their information.
Making Security Everyone’s Job, One Carrot At A Time
These five user education strategies will turn employee bad behavior into bulletproof policies that protect data and systems.
Latentbot: A Ghost in the Internet
Malware’s multiple layers of obfuscation make it almost invisible FireEye says,
How ‘Digital Forensic Readiness’ Reduces Business Risk
These six real-world scenarios show how to turn reactive investigative capabilities into proactive, problem-solving successes.
FBI Tweaks Stance On Encryption BackDoors, Admits To Using 0-Day Exploits
FBI retreats a step, but makes stand on end-to-end encryption. Meanwhile, European Union gets ready with a rougher, tougher replacement for Safe Harbor.
Spy Banker Trojan Being Hosted On Google Cloud
Spy Banker spreading through Brazil via malicious links posted on social networks.
The Lizard Squad: Cyber Weapon or Business?
Even a hacker with the noblest intentions can run afoul of the law by not following six important do’s and don’ts.
Sea Craft Voyage Data Systems Vulnerable To Tampering, Spying
Remote attackers could snoop on or corrupt the systems that collect and store radar images, vessels' position and speed, and audio recorded in the ships' bridge or engine room.
The Employee Password Habits That Could Hurt Enterprises
While education and efforts around online credentials are improving, password hygiene still has problems
‘Re-innovating’ Static Analysis: 4 Steps
Before we pronounce the death of static analysis, let’s raise the bar with a modern framework that keeps pace with the complexity and size found in today’s software.
Known Security Flaw Found In More Antivirus Products
A vulnerability discovered earlier this year in AVG software also spotted in Intel McAfee, Kaspersky Lab AV products.
Retailers Inadequately Secured Against Risks From Temporary Workers
Retailers recognize temps are higher-risk, but have lower visibility into their activity.
Iranian Groups Conducting Sophisticated Surveillance On Middle Eastern Targets
Two groups have been using backdoor threats to spy on targeted individuals, Symantec says.
How CISOs Can Reframe The Conversation Around Security: 4 Steps
Security professionals often complain that people are the weak link in the data security system. But in reality, they could be your biggest asset and ally.
|
How Enterprises are Attacking the Cybersecurity ProblemConcerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
0 Comments
