Pre-Loaded Laptop Software Comes With Security Risks
Laptops from Dell, HP, Asus, Acer and Lenovo all had at least one vulnerability that could result in complete compromise of system, Duo Security report says.
Dark Reading At 10 Years: Learning From The Best
Kudos to the Dark Reading community for strengthening the security industry with all its passion and opinions.
Wekby 'Pisloader' Abuses DNS
New malware family 'pisloader' uses DNS requests for command and control.
10 Sea-Changing IT Security Trends Of The Last 10 Years
A look at ten of the megatrends that have shaped IT security -- and in some cases, enterprise business -- over the last decade.
Adobe Flash: 6 Tips For Blocking Exploit Kits
While Adobe does a good job patching exploits, there are additional steps security staffs can take to hedge their bets.
Insiders Involved In Bangladesh Bank Cyber Theft?
Government-ordered probe points to bank officials' possible involvement -- report to be released soon.
No Cybersecurity Exec In Nearly Half Of Companies, UAE Survey Finds
New DarkMatter survey exposes security concerns and issues.
How Security And IT Teams Can Get Along: 4 Ways
Security managers need to change the conversation with IT teams, showing how to secure critical assets without stifling innovation and business processes.
Ultimate Guide To DDoS Protection: Strategies And Best Practices
To be in the best position to defend against DDoS, companies need to protect against a range of exploitable vulnerabilities -- and have the tools to detect and react to attacks.
SWIFT Proposes New Measures For Bolstering Its Security
Measures come amid news that up to 12 banks may have fallen victim to attacks attempting to steal millions via the SWIFT network.
Ultimate Guide To DDoS Protection: DDoS Is A Business Problem
In the first of a two-part series, we examine the impact DDoS attacks have on business continuity – and why it is so much more than a network security problem.
FBI Report: Deconstructing The Wide Scope Of Internet Crime
Hottest crimes reported to IC3 last year include ransomware and email scams via business email compromise and all account compromise attacks.
USB-Charging 'Handshake' Exposes Smartphones To Infection
Research by security firm says phone details can be accessed and malware transferred when device is plugged into computer.
More Banks May Have Been Hacked Via SWIFT
FireEye said to investigate breaches similar to that of Bangladesh Bank, of around 12 financial institutions, mostly out of in Southeast Asia.
DNS Management Provider Hit With Sophisticated, 'Precise' DDoS Attacks
NS1 CEO says other DNS providers also have been attacked over the past few months.
What's At Risk When CISOs Say 'No'
Employee satisfaction and hundreds of billions in revenue when CISOs don't look for creative ways to secure innovative change.
A Wish List For The Security Conference Stage
All the world may be a stage, but in the theater of cybersecurity, we need a more relevant dialogue of fresh ideas, novel approaches, and new ways of thinking.
Bangladesh Reopens 2013 Cold Case Of Bank Theft Via SWIFT
Authorities cite similarities in Sonali Bank hack with February's $81 million central bank theft.
Millennials Could Learn From Baby Boomers When It Comes To Security
New reports show baby boomers have their millennial children beat when it comes to information security.
‘Guccifer’ Pleads Guilty To Hacking US Politicians
Romanian hacker, extradited to the US, breached emails of 100 high-profile Americans and publicized their personal information.
Unsung (And Under-Sung) Heroes Of Security
You've heard of the cybersecurity rock stars, but there are plenty of other major contributors to the industry who deserve kudos. In celebration of Dark Reading's 10th anniversary, meet a few of these folks.
New Internet Of Things Security-Certification Program Launched
ICSA Labs now offers a security testing program for IoT products, following the recently announced 'CyberUL' security certification program.
A Newer Variant Of RawPOS: An In-Depth Look
There's no silver bullet for RawPOS prevention, but you can impede RawPOS's ability to execute successfully by understanding how it works.
1 Security Incident x 4 Tools x 8 Roles = 8 Days
Collaboration can significantly improve this equation.
Apple Rehires Security Expert Jon Callas
Move seen as attempt to strengthen encryption features of Apple devices following face-off with FBI.
4 Signs Security Craves More Collaboration
New Intel Security report finds that companies look to work together across departmental lines to remediate security incidents.
APWG: Phishing Attacks Jump 250% From Oct Through March
Quarterly and monthly totals are the highest since the Anti-Phishing Working Group began tracking phishing in 2004.
GSA May Offer Bug Bounty Program For Federal Agencies
Researchers will be eligible for bounties of up to $3,500 for discovering bugs in federal agency systems.
Attackers Clobbering Victims With One-Two Punch Of Ransomware And DDoS
Encrypted systems now being added to botnets in the latest incarnations of ransomware attacks, with experts expecting this to become standard practice.
Employee Negligence The Cause Of Many Data Breaches
Enterprise privacy and training programs lack the depth to change dangerous user behavior, Experian study finds.
Poor Airport Security Practices Just Don’t Fly
Five lessons learned the hard way by the Tampa International Airport about bringing third parties into a security environment.
How To Manage And Control End User Access
A look at the perils of manual user-access provisioning and ways to streamline and better manage the process via automation.
NBA Players' Financial Data Exposed In BEC Email Scam
NBA franchise employee mistakenly emails 2015 tax data of NBA team fraudster, say sources.
Google To Eliminate Passwords For Android Apps
Project Abacus, in last stage of trial, will employ secure biometrics to unlock devices.
Why Microsoft's New Office 2016 Macro Control Feature Matters
Resurgence in macro attacks result in Microsoft adding new protections from macro abuse.
G7 Global Finance Leaders Push Cybersecurity Framework
At G7 meeting, US Treasury official says cybercrime issues 'not going away.'
$13 Million Stolen From Japan ATMs Via Stolen S. African Bank Data
Coordinated fraudsters hit ATMs at 1,400 Japanese 7-Eleven stores -- before lunch.
What Europe Tells Us About The Future Of Data Privacy
Recent initiatives offer new strategies for balancing technology, security, and organizational policy goals. Here are three approaches worth considering.
TeslaCrypt Ransomware Group Pulls Plug, Releases Decrypt Key
But don’t be surprised if group revives campaign or launches another one, security researchers say.
5 Tips for Protecting Firmware From Attacks
Don’t let hackers take advantage of holes in firmware. Here’s how to stop them.
Closing the Gender Gap in Cybersecurity: 3 Critical Steps
Women in security need to step up as industry role models and set the example for future generations. Here’s how.
Cyber Security A Major Risk To US Financial System: SEC Chief
Mary Jo White believes that despite preparedness, procedures in place to fight cyberattacks are inadequate.
Bangladesh Official’s Computer Hacked To Carry Out $81 Million Theft
Bangladeshi diplomat shares FBI report with Philippine inquiry panel on Bangladesh Bank theft.
Epic Security #FAILS Of The Past 10 Years
In honor of Dark Reading's 10-year anniversary, a look at ten of the biggest failed security trends, technologies, and tactics.
OPM Breach: ‘Cyber Sprint’ Response More Like A Marathon
Sixty-five percent of federal security execs surveyed in new (ISC)2 report say that government still can’t detect ongoing cyber attacks.
IoT Security By The Numbers
Some recent stats on adoption rates and perceptions about risks surrounding the Internet of Things.
5 Reasons Enterprises Still Worry About Cloud Security
Cloud spending and adoption has been on the rise for years, but the gap in cloud security confidence still causes pause with enterprises.
Why Security Investigators Should Care About Forensic Research
Despite the promise of expanded visibility into the user trail behind a data breach, the security industry has largely ignored the meticulous advances of forensic researchers. Privacy is just one reason for the snub.
Looking Forward: A Skilled Security Talent Shortage Looms
The skilled security workforce crisis will continue for the foreseeable future, even as expert systems are deployed.
LinkedIn: More Than 100 Million Member Accounts Exposed In 2012 Breach
LinkedIn data theft is likely to be much worse than expected with additional data being released now.
|