News & Commentary

Laptops from Dell, HP, Asus, Acer and Lenovo all had at least one vulnerability that could result in complete compromise of system, Duo Security report says.

Dark Reading At 10 Years: Learning From The Best

Commentary | 5/31/2016 |

Kudos to the Dark Reading community for strengthening the security industry with all its passion and opinions.

Wekby 'Pisloader' Abuses DNS

News | 5/31/2016 |

New malware family 'pisloader' uses DNS requests for command and control.

10 Sea-Changing IT Security Trends Of The Last 10 Years

News | 5/31/2016 |

A look at ten of the megatrends that have shaped IT security -- and in some cases, enterprise business -- over the last decade.

Adobe Flash: 6 Tips For Blocking Exploit Kits

Slideshows | 5/31/2016 |

While Adobe does a good job patching exploits, there are additional steps security staffs can take to hedge their bets.

Insiders Involved In Bangladesh Bank Cyber Theft?

Quick Hits | 5/31/2016 |

Government-ordered probe points to bank officials' possible involvement -- report to be released soon.

No Cybersecurity Exec In Nearly Half Of Companies, UAE Survey Finds

Quick Hits | 5/31/2016 |

New DarkMatter survey exposes security concerns and issues.

How Security And IT Teams Can Get Along: 4 Ways

News | 5/31/2016 |

Security managers need to change the conversation with IT teams, showing how to secure critical assets without stifling innovation and business processes.

Ultimate Guide To DDoS Protection: Strategies And Best Practices

Commentary | 5/30/2016 |

3 comments

To be in the best position to defend against DDoS, companies need to protect against a range of exploitable vulnerabilities -- and have the tools to detect and react to attacks.

SWIFT Proposes New Measures For Bolstering Its Security

News | 5/27/2016 |

5 comments

Measures come amid news that up to 12 banks may have fallen victim to attacks attempting to steal millions via the SWIFT network.

Ultimate Guide To DDoS Protection: DDoS Is A Business Problem

Commentary | 5/27/2016 |

In the first of a two-part series, we examine the impact DDoS attacks have on business continuity – and why it is so much more than a network security problem.

FBI Report: Deconstructing The Wide Scope Of Internet Crime

Slideshows | 5/27/2016 |

Hottest crimes reported to IC3 last year include ransomware and email scams via business email compromise and all account compromise attacks.

USB-Charging 'Handshake' Exposes Smartphones To Infection

Quick Hits | 5/27/2016 |

Research by security firm says phone details can be accessed and malware transferred when device is plugged into computer.

More Banks May Have Been Hacked Via SWIFT

Quick Hits | 5/27/2016 |

FireEye said to investigate breaches similar to that of Bangladesh Bank, of around 12 financial institutions, mostly out of in Southeast Asia.

DNS Management Provider Hit With Sophisticated, 'Precise' DDoS Attacks

News | 5/27/2016 |

NS1 CEO says other DNS providers also have been attacked over the past few months.

What's At Risk When CISOs Say 'No'

News | 5/26/2016 |

Employee satisfaction and hundreds of billions in revenue when CISOs don't look for creative ways to secure innovative change.

A Wish List For The Security Conference Stage

Commentary | 5/26/2016 |

All the world may be a stage, but in the theater of cybersecurity, we need a more relevant dialogue of fresh ideas, novel approaches, and new ways of thinking.

Bangladesh Reopens 2013 Cold Case Of Bank Theft Via SWIFT

Quick Hits | 5/26/2016 |

Authorities cite similarities in Sonali Bank hack with February's $81 million central bank theft.

Millennials Could Learn From Baby Boomers When It Comes To Security

News | 5/26/2016 |

New reports show baby boomers have their millennial children beat when it comes to information security.

‘Guccifer’ Pleads Guilty To Hacking US Politicians

Quick Hits | 5/26/2016 |

Romanian hacker, extradited to the US, breached emails of 100 high-profile Americans and publicized their personal information.

Unsung (And Under-Sung) Heroes Of Security

News | 5/25/2016 |

You've heard of the cybersecurity rock stars, but there are plenty of other major contributors to the industry who deserve kudos. In celebration of Dark Reading's 10th anniversary, meet a few of these folks.

New Internet Of Things Security-Certification Program Launched

News | 5/25/2016 |

ICSA Labs now offers a security testing program for IoT products, following the recently announced 'CyberUL' security certification program.

A Newer Variant Of RawPOS: An In-Depth Look

Commentary | 5/25/2016 |

There's no silver bullet for RawPOS prevention, but you can impede RawPOS's ability to execute successfully by understanding how it works.

1 Security Incident x 4 Tools x 8 Roles = 8 Days

Partner Perspectives | 5/25/2016 |

Collaboration can significantly improve this equation.

Apple Rehires Security Expert Jon Callas

Quick Hits | 5/25/2016 |

Move seen as attempt to strengthen encryption features of Apple devices following face-off with FBI.

4 Signs Security Craves More Collaboration

News | 5/25/2016 |

New Intel Security report finds that companies look to work together across departmental lines to remediate security incidents.

APWG: Phishing Attacks Jump 250% From Oct Through March

Quick Hits | 5/25/2016 |

Quarterly and monthly totals are the highest since the Anti-Phishing Working Group began tracking phishing in 2004.

GSA May Offer Bug Bounty Program For Federal Agencies

News | 5/24/2016 |

Researchers will be eligible for bounties of up to $3,500 for discovering bugs in federal agency systems.

Attackers Clobbering Victims With One-Two Punch Of Ransomware And DDoS

News | 5/24/2016 |

7 comments

Encrypted systems now being added to botnets in the latest incarnations of ransomware attacks, with experts expecting this to become standard practice.

Employee Negligence The Cause Of Many Data Breaches

News | 5/24/2016 |

Enterprise privacy and training programs lack the depth to change dangerous user behavior, Experian study finds.

Poor Airport Security Practices Just Don’t Fly

Commentary | 5/24/2016 |

Five lessons learned the hard way by the Tampa International Airport about bringing third parties into a security environment.

How To Manage And Control End User Access

Slideshows | 5/24/2016 |

12 comments

A look at the perils of manual user-access provisioning and ways to streamline and better manage the process via automation.

NBA Players' Financial Data Exposed In BEC Email Scam

Quick Hits | 5/24/2016 |

NBA franchise employee mistakenly emails 2015 tax data of NBA team fraudster, say sources.

Google To Eliminate Passwords For Android Apps

Quick Hits | 5/24/2016 |

7 comments

Project Abacus, in last stage of trial, will employ secure biometrics to unlock devices.

Why Microsoft's New Office 2016 Macro Control Feature Matters

News | 5/23/2016 |

Resurgence in macro attacks result in Microsoft adding new protections from macro abuse.

G7 Global Finance Leaders Push Cybersecurity Framework

Quick Hits | 5/23/2016 |

At G7 meeting, US Treasury official says cybercrime issues 'not going away.'

$13 Million Stolen From Japan ATMs Via Stolen S. African Bank Data

Quick Hits | 5/23/2016 |

4 comments

Coordinated fraudsters hit ATMs at 1,400 Japanese 7-Eleven stores -- before lunch.

What Europe Tells Us About The Future Of Data Privacy

Commentary | 5/23/2016 |

Recent initiatives offer new strategies for balancing technology, security, and organizational policy goals. Here are three approaches worth considering.

TeslaCrypt Ransomware Group Pulls Plug, Releases Decrypt Key

News | 5/20/2016 |

But don’t be surprised if group revives campaign or launches another one, security researchers say.

5 Tips for Protecting Firmware From Attacks

Slideshows | 5/20/2016 |

Don’t let hackers take advantage of holes in firmware. Here’s how to stop them.

Closing the Gender Gap in Cybersecurity: 3 Critical Steps

Commentary | 5/20/2016 |

9 comments

Women in security need to step up as industry role models and set the example for future generations. Here’s how.

Cyber Security A Major Risk To US Financial System: SEC Chief

Quick Hits | 5/20/2016 |

Mary Jo White believes that despite preparedness, procedures in place to fight cyberattacks are inadequate.

Bangladesh Official’s Computer Hacked To Carry Out $81 Million Theft

Quick Hits | 5/20/2016 |

Bangladeshi diplomat shares FBI report with Philippine inquiry panel on Bangladesh Bank theft.

Epic Security #FAILS Of The Past 10 Years

News | 5/19/2016 |

3 comments

In honor of Dark Reading's 10-year anniversary, a look at ten of the biggest failed security trends, technologies, and tactics.

OPM Breach: ‘Cyber Sprint’ Response More Like A Marathon

News | 5/19/2016 |

Sixty-five percent of federal security execs surveyed in new (ISC)2 report say that government still can’t detect ongoing cyber attacks.

IoT Security By The Numbers

Slideshows | 5/19/2016 |

Some recent stats on adoption rates and perceptions about risks surrounding the Internet of Things.

5 Reasons Enterprises Still Worry About Cloud Security

News | 5/19/2016 |

Cloud spending and adoption has been on the rise for years, but the gap in cloud security confidence still causes pause with enterprises.

Why Security Investigators Should Care About Forensic Research

Commentary | 5/19/2016 |

Despite the promise of expanded visibility into the user trail behind a data breach, the security industry has largely ignored the meticulous advances of forensic researchers. Privacy is just one reason for the snub.

Looking Forward: A Skilled Security Talent Shortage Looms

Partner Perspectives | 5/19/2016 |