Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
NDSU Offers Nation's First Ph.D. in Cybersecurity Education
The new program focuses on training university-level educators in cybersecurity.
Toyota Customer Information Exposed in Data Breach
The attackers hit dealer sales systems in Japan, according to the automaker.
7 Malware Families Ready to Ruin Your IoT's Day
This latest list of Internet of Things miscreants doesn't limit itself to botnets, like Mirai.
20 Years of STRIDE: Looking Back, Looking Forward
The invention of STRIDE was the key inflection point in the development of threat modeling from art to engineering practice.
UK Watchdog Criticizes Huawei for Lax Software Security, Development
Calling the company's software development practices chaotic and unsustainable, a UK government oversight group calls on the company to make measurable progress toward more secure and sustainable code.
Microsoft Takes Down 99 Hacker-Controlled Websites
A judge granted Microsoft the injunction allowing them to disrupt a network of sites operated by an Iranian-linked group of hackers.
New Android Trojan Targets 100+ Banking Apps
'Gustuff' also designed to steal from cryptocurrency wallets, payment services, e-commerce apps.
40% of Organizations Not Doing Enough to Protect Office 365 Data
Companies could be leaving themselves vulnerable by not using third-party data backup tools, a new report finds.
Man Pleads Guilty to Hacking Apple Accounts of NFL & NBA Players, Rappers
Dozens of pro athletes and musicians fell for a phishing scam that pilfered their Apple accounts and credit cards.
Quantum Computing and Code-Breaking
Prepare today for the quantum threats of tomorrow.
Enterprise Data Encryption Hits All-time High
A new report by the Ponemon Institute shows 45% of organizations have a comprehensive encryption policy in place.
Microsoft Tackles IoT Security with New Azure Updates
The Azure Security Center for IoT provides teams with an overview of IoT devices and helps monitor their security properties.
Everything I Needed to Know About Third-Party Risk Management, I Learned from Meet the Parents
How much do you trust your vendors? You don't have to hook them up to a polygraph machine because there are better ways to establish trust.
Tidying Expert Marie Kondo: Cybersecurity Guru?
The "KonMari" method of decluttering can be a huge step toward greater security, according to a growing number of executives.
Inside Cyber Battlefields, the Newest Domain of War
In his Black Hat Asia keynote, Mikko Hypponen explored implications of "the next arms race" and why cyber will present challenges never before seen in warfare.
6 Things To Know About the Ransomware That Hit Norsk Hydro
In just one week, 'LockerGoga' has cost the Norwegian aluminum maker $40 million as it struggles to recover operations across Europe and North America.
New Shodan Tool Warns Organizations of Their Internet-Exposed Devices
Shodan Monitor is free to members of the popular Internet search engine.
Threat Hunting 101: Not Mission Impossible for the Resource-Challenged
How small and medium-sized businesses can leverage native features of the operating system and freely available, high-quality hunting resources to overcome financial limitations.
GAO Finds Deficiencies in Systems for Handling National Debt
IT systems at the Bureau of the Fiscal Service and the Federal Reserve Bank show vulnerabilities that could lead them open to exploitation and breach.
The 'Twitterverse' Is Not the Security Community
The drama on social media belies the incredible role models, job, training, and networking opportunities found in the real world of traditional cybersecurity.
Russia Regularly Spoofs Regional GPS
The nation is a pioneer in spoofing and blocking satellite navigation signals, causing more than 9,800 incidents in the past three years, according to an analysis of navigational data.
ASUS 'ShadowHammer' Attack Underscores Trusted Third-Party Risks
Taiwanese computer maker says it has fixed issue that allowed attackers to distribute malware via company's automatic software update mechanism.
Small Businesses Turn to Managed Service Providers for Security
The average cost of a cyberattack at an SMB is $54,650, a new study shows.
Insurers Collaborate on Cybersecurity Ratings
A group of insurers will base rates and terms on whether customers purchase technology that has earned a stamp of approval.
Data Privacy Manifestos: Competitive Advantage or the Start of Something Bigger?
Facebook is the latest company to weigh in with a corporate manifesto focused on privacy. Though it's a welcome trend, only time will tell how many follow through.
10 Movies All Security Pros Should Watch
Don't expect to read about any of the classics, like 'War Games' or 'Sneakers,' which have appeared on so many lists before. Rather, we've broadened our horizons with this great mix of documentaries, hacker movies, and flicks based on short stories.
Under Attack: Over Half of SMBs Breached Last Year
Many small and midsize businesses work faster and harder than large enterprises, but they're just as vulnerable to cybercrime.
87% of Cloud Pros Say Lack of Visibility Masks Security
The majority of cloud IT professionals find a direct link between network visibility and business value, new data shows.
Ex-NSA Director Rogers: Insider Threat Prevention a 'Contract'
Ret. Admiral Michael Rogers – who served as head of the NSA and the US Cyber Command from 2014 to 2018 – on how to handle the risk of insiders exposing an organization's sensitive data.
Pwn2Own: Tesla Hack, Broken VMs, and Skewed Economics
In the latest Pwn2Own vulnerability throwdown at the CanSecWest conference, two researchers walk away with the lion's share of rewards—just like the real marketplace.
Attackers Compromise ASUS Software Update Servers to Distribute Malware
ShadowHammer campaign latest to highlight dangers of supply chain attacks.
IT Leaders, Employees Divided on Data Security
Execs and employees have dramatically different ideas of how much information is being lost and why – a gap that puts enterprise data in grave danger.
Dark Reading’s Kelly Jackson Higgins Honored as Top Cybersecurity Journalist
In voting conducted by the SANS Institute, Jackson Higgins is named by peers as one of the top 10 journalists in the industry.
A Glass Ceiling? Not in Privacy
According to a new study, female professionals in the US privacy profession outnumber males 53% to 47%.
Inside Incident Response: 6 Key Tips to Keep in Mind
Experts share the prime window for detecting intruders, when to contact law enforcement, and what they wish they did differently after a breach.
Two Found Guilty in Online Dating, BEC Scheme
Cybercriminals involved in the operation created fake online dating profiles and tricked victims into sending money to phony bank accounts.
Security Lessons from My Game Closet
In an era of popular video games like Fortnite and Minecraft, there is a lot to be learned about risk, luck, and strategy from some old-fashioned board games.
FIN7 Cybercrime Gang Rises Again
The group now employs a new administrative interface for managing its campaigns, as well as documents that link to SQL databases for downloading its code.
Businesses Manage 9.7PB of Data but Struggle to Protect It
What's more, their attempts to secure it may be putting information at risk, a new report finds.
Facebook Employees for Years Could See Millions of User Passwords in Plain Text
2,000 Facebook engineers or developers reportedly made some nine million internal queries for data elements with plain text passwords.
Hacker AI vs. Enterprise AI: A New Threat
Artificial intelligence and machine learning are being weaponized using the same logic and functionality that legitimate organizations use.
SaaS Ecosystem Complexity Ratcheting Up Risk of Insider Threats
Even with common security platforms like CASBs, organizations struggle to deal with the volume of apps and accounts that interact with business-critical data.
Microsoft Brings Defender Security Tools to Mac
Windows Defender becomes Microsoft Defender, and it's available in limited preview for Mac users.
Police Federation of England and Wales Suffers Apparent Ransomware Attack
National Cyber Security Centre and National Crime Agency investigate random attack that locked down the association's data and deleted backups.
What the Transition to Smart Cards Can Teach the US Healthcare Industry
Healthcare information security suffers from the inherent weakness of using passwords to guard information. Chip-based smart cards could change that.
Researchers Seek Out Ways to Search IPv6 Space
Security researchers regularly search IPv4 address space looking for servers with ports exposing vulnerable software. With the massive number of IPv6 addresses, however, they have lost that ability. Can tricks and workarounds save the day?
BEC Scammer Pleads Guilty
Business email compromise (BEC) operation resulted in $100 million in losses to a multinational technology company and a social media firm, according to the US Attorney's Office.
Google Photos Bug Let Criminals Query Friends, Location
The vulnerability, now patched, let attackers query where, when, and with whom victims' photos were taken.
The Insider Threat: It's More Common Than You Think
A new study shows why security teams must look holistically across cybersecurity, compliance, technology, and human resources to truly address the business effects of workforce risk.
Less Than 3% of Recycled Computing Devices Properly Wiped
Researchers find that companies that refurbish or accept old equipment as donations don't necessarily clean them of data as promised.
|
Latest Comment: 'Look, our very own Don Quixote! If only his chivalrous attempt could twart the ransom, we'd be spared the media coverage.'
Navigating the Deluge of Security DataIn this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industry’s conventional wisdom. Here’s a look at what they’re thinking about.
Tweet This
1 Comments
