Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Operational Technology: Why Old Networks Need to Learn New Tricks
Cybercriminals are maximizing their opportunity by targeting older vulnerabilities in OT environments. It's time to fight back.
Microsoft Shuts Down 50 Domains Used by North Korean Hacking Group
'Thallium' nation-state threat group used the domains to target mostly US victims.
How AI and Cybersecurity Will Intersect in 2020
Understanding the new risks and threats posed by increased use of artificial intelligence.
Fraud in the New Decade
Like any enterprise that wants to survive, fraudsters and hackers will continue to build on past successes to fuel future growth
The Coolest Hacks of 2019
A FaceTime fail, weaponized sound, a 'Prying Eye,' and a wearable fingerprint ring, were among the more novel and odd hacks this year.
Mac Malware Breaks Into Top 5 Threats of 2019 – Malwarebytes Labs
Of the top 25 detections across all platforms, six were Mac threats, the researchers discovered.
As Hackers Target Mobile Payment Apps, Here's How to Keep Them at Bay
A little vigilance helps retailers reduce and prevent three of the most common kinds of mobile app fraud
Defensive Wish List for 2020: Faster Responses to Threats
Security professionals recommend technology to detect attacks that have already infiltrated a network.
'Honoring' CCPA's Binding Principles Nationally Won't Be Easy
Even companies with the reach, capital, and innovative capacity of Microsoft or Google will struggle to adhere to the tenets of California's new consumer privacy law.
Ransomware Situation Goes From Bad to Worse
New malware distribution techniques and functionality updates are sure to put more pressure on enterprise organizations in 2020.
New Botnet Uses DHT as Its Foundation
Security researchers at 360 Netlab have been watching a new botnet they call Mozi for the last four months. It's a new P2P botnet with implementation that is based on the Distributed Hash Table protocol.
The Night Before 'Breachmas'
What does identity management have to do with Charles Dickens' classic 'A Christmas Carol'? A lot more than you think.
IoT Security: How Far We've Come, How Far We Have to Go
As organizations fear the proliferations of connected devices on enterprise networks, the private and public sector come together to address IoT vulnerabilities.
Citrix Urges Firms to Harden Configurations After Flaw Report
A vulnerability in two of the company's appliances opens 80,000 networks up for exploitation.
5G Security Rests on an Unstable Base
Positive Technologies has issued a report on the emerging security problems of 5G signaling networks.
Mastercard Announces Plan to Purchase RiskRecon
The acquisition is expected to close in the first quarter of 2020.
Former NY Hospital Employee Admits to Stealing Colleagues' Data
Richard Liriano pleads guilty to compromising hospital computers and co-workers' email accounts, as well as stealing personal files and photos.
2020 & Beyond: The Evolution of Cybersecurity
As new technologies disrupt the industry, remember that security is a process, not a goal. Educate yourself on how you can best secure your corner of the Web.
20 Vulnerabilities to Prioritize Patching Before 2020
Researchers list the top 20 vulnerabilities currently exploited by attack groups around the world.
Crystal Ball: The Top 3 Global Cybersecurity Threats for 2020
In the year ahead, organizations of all sizes must prepare for the unknown so they have the flexibility to withstand unexpected, high-impact cybersecurity events.
F5 Pays $1 Billion for Shape
The acquisition adds fraud detection and prevention to the application delivery company's tool collection.
Research Team Demonstrates Perfect Secrecy Implementation
The technique is notable because it can be implemented using low-cost, standard hardware components.
New Orleans to Boost Cyber Insurance to $10M Post-Ransomware
Mayor LaToya Cantrell anticipates the recent cyberattack to exceed its current $3 million cyber insurance policy.
6 Traits to Develop for Cybersecurity Success
Cultivate these half-dozen qualities and watch your career soar.
Happier Holidays as Ad Threat Declines
DEVCON report finds that the number of ad-threat JavaScript attacks in the US diminished year-over-year, but what attacks there were increased in sophistication.
Ambiguity Around CCPA Will Lead to a Slow Start in 2020
But longer term, compliance to California's new privacy law represents an opportunity for companies to increase customer trust and market share.
China-Based Cyber Espionage Group Targeting Orgs in 10 Countries
Dozens of organizations across multiple sectors have become victims of APT20 in the past two years.
Patch Management: How to Prioritize an Underserved Vulnerability
Why is one of the biggest problems in cybersecurity also one that CISOs largely ignore? Here are three reasons and a road map to a modern approach.
Global Cyber Alliance Launches New Security Efforts for Election Officials
The Craig Newmark Trustworthy Internet and Democracy Program will develop security toolkits -- and enhance existing ones -- ahead of the 2020 presidential election.
Privacy Requirements & Penalties Grow, Causing Firms to Struggle
Between Europe's and California's privacy laws, companies have a complex landscape to navigate in 2020. Even data-mature industries, such as financial services, see problems ahead.
Google Cloud External Key Manager Now in Beta
Cloud EKM is designed to separate data at rest from encryption keys stored in a third-party management system.
How a Password-Free World Could Have Prevented the Biggest Breaches of 2019
If history has taught us anything, it's that hackers can (and will) compromise passwords. Innovation in authentication technology is poised to change that in the coming year.
RST Gets Fixed
Peleg Hadar of SaveBreach Labs has posted about the vulnerability he found in Intel's Rapid Storage Technology Service.
5 Security Resolutions to Prevent a Ransomware Attack in 2020
Proactively consider tools to detect anomalous behavior, automatically remediate, and segment threats from moving across the network.
Microsoft Issues Out-of-Cycle SharePoint Update
The update repairs vulnerabilities that could lead to very effective phishing messages.
Worried About Magecart? Here's How to Check for It
Researchers share how everyday users can check for malicious code on e-commerce websites.
Trading Online? Steps to Take to Avoid Getting Phished
From an IT manager’s perspective, any employee using such a mobile app on a phone they also use for business opens up risks to the corporate network.
Few Firms Use Segmentation, Despite Security Benefits
Network segmentation is considered a key security control to prevent attackers from easily accessing critical assets from compromised, but unprivileged, computers. So why aren't more companies doing it?
Your First Month as a CISO: Forming an Information Security Program
It's easy to get overwhelmed in your new position, but these tips and resources will help you get started.
'Password' Falls in the Ranks of Favorite Bad Passwords
Facebook, Google named worst password breach offenders.
7 Tips to Keep Your Family Safe Online Over the Holidays
Security experts offer key cyber advice for family members.
15 Million Patient Records Exposed Attack on Canadian Lab
A cyberattack against LifeLabs exposed personal information on patients in Ontario and British Columbia.
Facebook Fixes WhatsApp Group Chat Security Issue
Flaw allowed attackers to repeatedly crash group chat and force users to uninstall and reinstall app, Check Point says.
Higher Degree, Higher Salary? Not for Some Security Pros
Turns out, skill beats experience and an academic degree doesn't guarantee higher compensation for five security positions.
Talking to the Board about Cybersecurity
A chief financial officer shares five winning strategies for an effective board-level conversation about right-sizing risk.
Don't Make Security Training a 'One-and-Done'
How to move beyond one-off campaigns and build a true security awareness program.
Siemens Contractor Sentenced for Writing 'Logic Bombs'
David Tinley, 62, rigged software he wrote for the company starting in 2014 and into 2016, causing the programs to fail.
Data Security Startup Satori Cyber Launches with $5.25M Seed Round
Satori Cyber aims to help businesses better protect and govern their information with its Secure Data Access Cloud.
TrickBot Drops an Anchor
New threat has been used in campaigns against financial, manufacturing, and retail businesses across the US and Europe.
Financial Services Breaches Less Common, More Damaging, Than Those in Other Sectors
While far less common than breaches in other industry sectors, financial services breaches were more than twice as expensive, per record exposed, than the average for tech businesses.
|
Improving Enterprise Cybersecurity With XDREnterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
