Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
WhatsApp Founder to Depart Facebook Amid Privacy, Encryption Dispute
Jan Koum also plans to step down from Facebook's board of directors.
Old Worm, New Tricks: FacexWorm Targets Crypto Platforms
Malicious Chrome extension FacexWorm has reappeared with new capabilities, targeting cryptocurrency platforms and lifting user data.
Speed at Which New Drupal Flaw Was Exploited Highlights Patching Challenges
In the rush to patch, organizations can create fresh problems for themselves.
Slack Releases Open Source SDL Tool
After building an SDL tool for their own use, Slack has released it on Github under an open source license.
10 Security Innovators to Watch
Startups in the RSA Conference Innovation Sandbox competed for the title of "Most Innovative."
What Meltdown and Spectre Mean for Mobile Device Security
Here are four tips to keep your mobile users safe from similar attacks.
Insider Threats Cost Enterprises More Than $8M Every Year – Report
Insider threats, whether it's an employee with malicious intent or a worker is simply careless, can cost enterprises more than $8 million over the course of 12 months to clean up, according to a new report.
3 Ways to Maximize Security and Minimize Business Challenges
The best strategy for choosing security tools and architecting networks is to focus on staffing and resources, risk tolerance, and business change.
Rubella Macro Builder Crimeware Kit Price Drops to $40
Crime might not pay, but it also doesn't have to be expensive to try. Flashpoint researchers have found that the monthly fee for the Rubella Macro Builder crimeware kit dropped to $40 on the underground market.
More Than 1M Children Victims of Identity Fraud in 2017
Total fraud against kids amounted to $2.6 billion and more than $540 million in out-of-pocket costs to families, a new report finds.
'Don't Extort Us': Uber Clarifies its Bug Bounty Policy
Updated parameters should help avoid future extortion incidents.
Reno Man Created 8,000 Fake Online Accounts via Stolen Identities
Kenneth Gilbert Gibson pleaded guilty to creating more than 8,000 fraudulent online accounts to launch a $3.5M fraud operation.
'Zero Login:' The Rise of Invisible Identity
Will new authentication technologies that recognize users on the basis of their behaviors finally mean the death of the despised password?
North Korea-Linked 'Operation GhostSecret' Found in 17 Countries
A new report out this week from McAfee has identified a new North Korea-linked cyber operation called 'GhostSecret,' which appears to be active in 17 different countries and targeting a number of different industries.
Researchers Detail Self-Learning System That Secures IoT Devices
Researchers from several universities have published a new paper describing what they believe is a better way to protect and secure IoT devices and sensors.
North Korea Ramps Up 'Operation GhostSecret' Cyber Espionage Campaign
Critical infrastructure, entertainment, finance, healthcare, telecoms, among recent targets of the Lazarus Group, aka Hidden Cobra.
Routing Security Gets Boost with New Set of MANRS for IXPs
The Internet Society debuts a new mutually agreed norms initiative for IXPs.
How Microsoft, Amazon, Alphabet Are Reshaping Security
Tech's biggest giants are shifting the cybersecurity landscape as they incorporate security into their products and services.
12 Trends Shaping Identity Management
As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'
MyEtherWallet DNS Attack Offers Opt-In Lessons
Attackers poisoned BGP route tables to redirect Amazon's Route 53 name servers to their malicious servers.
New Phishing Attack Targets 550M Email Users Worldwide
In an attempt to steal financial data, the attack bribes users with coupons in exchange for taking an online quiz.
Why Hackers Love Healthcare
The migration of valuable data to the cloud is piquing the interest of cybercrimimals. But there are ways to fight back.
Orangeworm Malware Burrows Into Healthcare Industry
A group of cybercriminals, known collectively as Orangeworm, are using their own malware and a custom backdoor called Kwampirs in highly targeted attacks against healthcare organizations, according to Symantec.
Europe and Asia Take on More DDoS Attacks
While North American targets have historically been on the receiving end of the majority of DDoS attacks since their inception, that trend changed in 2017.
US Healthcare Firms Among Dozens Hit in 'Orangeworm' Cyberattack Campaign
Attackers target healthcare organizations in apparent data theft mission, but could do far more damage, according to Symantec researchers.
Cryptocurrency Theft Uses Old Exploit to Highjack AWS Traffic
Earlier this week, attackers stole about $150,000 worth of cryptocurrency by exploiting a flaw in Domain Name System servers that allowed the group to hijack AWS traffic for about two hours.
The Default SAP Configuration That Every Enterprise Needs to Fix
Nine out of ten organizations are vulnerable to a 13-year-old flaw that puts their most critical business systems at risk of complete criminal takeover.
Free New Tool for Building Blockchain Skills
Blockchain CTF helps pros build skills with simulations.
Yahoo to Pay SEC Fine of $35 Million
While Yahoo senior management and legal team knew of the breach, the company failed to conduct due diligence for disclosing it to investors, the agency rules.
Google Adds Security Features to Gmail Face-lift
A redesigned Gmail brings new security measures to improve data protection and applications for artificial intelligence.
Despite Risks, Nearly Half of IT Execs Don't Rethink Cybersecurity after an Attack
A recent survey reveals a troubling degree of security inertia lurking among scores of organizations. But there are a few bright spots.
'Webstresser' DDoS Attack Site Shut Down in International Operation
Investigators arrested the admins of Webstresser, the world's largest DDoS marketplace reportedly responsible for more than four million attacks.
Why Information Integrity Attacks Pose New Security Challenges
To fight information integrity attacks like the ones recently perpetrated by bots on the FCC's website, we need to change our stance and look for the adversaries hiding in plain sight.
Low-Cost Crimeware Kit Gaining Popularity in Underground Markets
At $150 for a three-month subscription, Rubella Malware Builder presents a threat to enterprises, Flashpoint says.
Microsoft: Tech Support Scams on the Rise
A recent report from Microsoft shows that the number of scams using tech support as a cover is on the increase. However, many times it's up to consumers and companies to protect themselves.
Diversity: It's About Inclusion
Unrealistic entry-level job requirements, black-hoodie hacker image problems are among the 'uncomfortable conversations' needed to remedy cybersecurity's diversity gap.
Cloud Misconceptions Are Pervasive Across Enterprises
Shadow IT is rampant at many organizations that rely upon cloud-delivered tools and services to enable remote work, according to a new study. Here's what security teams need to do about it.
5 New Network Attack Techniques That Will Keep You Awake at Night
You can't trust anything -- not the cloud, not hardware, not industrial control systems. Take nothing for granted, advise the experts, and trust nothing.
Latest News from RSAC 2018
Check out Dark Reading's updated, exclusive coverage of the news and security themes that dominated RSA Conference 2018 in San Francisco.
SEC Slaps Yahoo Successor With $35M Fine for 2014 Data Breach
The SEC has hit Yahoo's successor, Altaba, with a $35 million fine related to the company's 2014 data breach.
Coviello: Modern Security Threats are 'Less About the Techniques'
Today's attack surface is broader, more open, and demands a proactive approach to security, according to former RSA chairman Art Coviello.
Deconstructing the Possibilities and Realities of Enterprise IoT Security
Organizations are rushing to leverage Internet of Things solutions but struggle to design the information technology architectures that will lock down the data these devices create.
MEDantex Healthcare Transcription Firm Accidentally Exposes Medical Records
Exposed data likely the result of a flawed system rebuild after a recent ransomware attack on the company.
Ukrainian Energy Ministry Website Suffers Ransomware Attack
Attackers sent a message in English demanding ransom in Bitcoin.
Smartphones Remain the Most Vulnerable of Endpoints
The nature of mobile devices, especially smartphones, continues to make them the most vulnerable of endpoint devices. Here's why enterprise security teams need to stay vigilante.
Cybersecurity Buzz Phrase Bingo
The RSA Conference expo was chock full of vendors showing off their wares with language as colorful as the blinky lights on a SOC dashboard.
'Stresspaint' Targets Facebook Credentials
New malware variant goes after login credentials for popular Facebook pages.
It's Time to Take GitHub Threats Seriously
There's a good chance your company has projects on the source code management system, but the casual way many developers use GitHub creates security issues.
Atlanta's Ransomware Attack Cost Around $2.6M – Report
A report indicates that Atlanta spent a little over $2.6 million to defend itself against the SamSam ransomware attack that crippled city services earlier this year.
SunTrust Investigation Shows Continuing Threats Posed by Insiders
SunTrust Banks investigate a possible data theft by an employee that could have exposed the personal information of 1.5 million customers. The incident shows insider threats remain a significant security issue.
|
The State of Cybersecurity Incident ResponseIn this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
0 Comments
