Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
How To Create A Risk 'Pain Chart'
Consultant John Pironti outlines how to execute a risk-based approach to defending corporate assets.
Why Are Security Pros Blasé About Compliance?
A survey of 500 IT and security decision makers in the UK and US shows that a majority are in the dark about regulatory requirements for their business organization.
CryptoWall More Pervasive, Less Profitable Than CryptoLocker
The former CryptoLocker wannabe has netted 625,000 infected systems and more than $1 million in ransoms.
Feds Investigating Breaches At JPMorgan, Other Banks
JPMorgan working with FBI, US Secret Service to determine scope of breach, but other newly reported intrusions at financial firms may not be related.
Backoff, Dairy Queen, UPS & Retail's Growing PoS Security Problem
Retail brands are trying to pass the buck for data security to banks and franchisees, say some experts.
10 Common Software Security Design Flaws
Google, Twitter, and others identify the most common software design mistakes -- compiled from their own organizations -- that lead to security woes and how to avoid them.
How I Hacked My Home, IoT Style
It didn’t take long to find a score of vulnerabilities in my home entertainment, gaming, and network storage systems.
Online Tools For Bug Disclosure Abound
What's driving the bounty of software vulnerability disclosure offerings today from Bugcrowd, HackerOne, and Synack.
Sony, XBox Victims Of DDoS, Hacktivist Threats
Hacktivists from Anonymous and from a presumed Islamic extremist group targeted a variety of online gaming services.
Top 5 Reasons Your Small Business Website is Under Attack
There is no such thing as “too small to hack.” If a business has a website, hackers can exploit it.
27 Million South Koreans Victimized In Online Gaming Heist
16 suspects arrested in South Korea as authorities pursue additional suspects, including a Chinese hacker.
Breach of Homeland Security Background Checks Raises Red Flags
"We should be burning down the house over this," says a GRC expert.
All In For The Coming World of 'Things'
At a Black Hat round table, experts discuss the strategies necessary to lock down the Internet of Things, the most game-changing concept in Internet history.
Healthcare Industry, Feds Talk Information Sharing
Representatives from the healthcare industry as well as government discuss importance of threat intelligence-sharing in light of the Community Health Systems breach.
JP Morgan Targeted In New Phishing Campaign
Double-whammy 'Smash and Grab' hits targets with two ways to steal credentials.
Flash Poll: CSOs Need A New Boss
Only one out of four respondents to our flash poll think the CSO should report to the CIO.
Hacker Or Military? Best Of Both In Cyber Security
How radically different approaches play out across the security industry.
51 UPS Stores' Point-of-Sale Systems Breached
Customers will not receive individual breach notifications.
Heartbleed Not Only Reason For Health Systems Breach
Community Health Systems' bad patching practices are nothing compared to its poor encryption, network monitoring, fraud detection, and data segmentation, experts say.
Website Attack Attempts Via Vegas Rose During Black Hat, DEF CON
Data snapshot from Imperva shows major jump in malicious activity during security and hacker conferences in Sin City.
US, German Researchers Build Android Security Framework
The Android Security Modules (ASM) framework aims to streamline and spread security features, updates to Android devices.
Debugging The Myths Of Heartbleed
Does Heartbleed really wreak havoc without a trace? The media and many technical sites seemed convinced of this, but some of us were skeptical.
Q&A: DEF CON At 22
DEF CON founder Jeff Moss, a.k.a. The Dark Tangent, reflects on DEF CON's evolution, the NSA fallout, and wider security awareness.
Nuclear Regulatory Commission Compromised 3 Times In Past 3 Years
Unnamed actors try to swipe privileged credentials.
Access Point Pinched From Black Hat Show WLAN
A few apparent pranks, practice DDoS attacks, and other mischievous activities were spotted on the Black Hat USA wireless network in Las Vegas this month.
Why John McAfee Is Paranoid About Mobile
Mobile apps are posing expanding risks to both enterprises and their customers. But maybe being paranoid about mobile is actually healthy for security.
Community Health Systems Breach Atypical For Chinese Hackers
Publicly traded healthcare organization's stock goes up as breach notifications go out.
Pakistan The Latest Cyberspying Nation
A look at Operation Arachnophobia, a suspected cyber espionage campaign against India.
Hacker Couture: As Seen At Black Hat USA, BSides, DEF CON
'Leet tattoos, piercings, mega-beards, (the real) John McAfee, and even a cute puppy were among the colorful sights in Las Vegas this month.
Cloud Apps & Security: When Sharing Matters
Sharing documents and data is happening all over the cloud today but not all sharing activity carries equal risk.
Identity And Access Management Market Heats Up
The past few weeks have seen a number of acquisitions and investments surrounding cloud and on-premises IAM vendors.
SuperValu Food Stores Reports Network Intrusion
The company is investigating whether data was breached, but it is already offering customers identity theft protection.
Infographic: 70 Percent of World's Critical Utilities Breached
New research from Unisys and Ponemon Institute finds alarming security gaps in worldwide ICS and SCADA systems within the last 12 months.
Test Drive: GFI LanGuard 2014
LanGuard worked well in the lab and may prove more beneficial to IT operations than security teams.
Traffic To Hosting Companies Hijacked In Crypto Currency Heist
Attacker likely a current or former ISP employee, researchers say.
Stuxnet Exploits Still Alive & Well
Exploits continue abusing a four-year-old bug used in the Stuxnet attack, Kaspersky Lab says.
Why Patching Makes My Heart Bleed
Heartbleed was a simple mistake that was allowed to propagate through "business as usual" patching cycles and change management. It could easily happen again.
Tech Insight: Hacking The Nest Thermostat
Researchers at Black Hat USA demonstrated how they were able to compromise a popular smart thermostat.
Cyberspies Target Chinese Ethnic Group
Academic researchers study phishing emails targeting the World Uyghur Congress (WUC), which represents the Uyghur ethnic group residing in China and in exile.
Internet Of Things Security Reaches Tipping Point
Public safety issues bubble to the top in security flaw revelations.
NSA Collected More Records Than Court Allowed
New documents show the Foreign Intelligence Surveillance Court is stumped by the NSA's "systemic overcollection."
Time To Broaden CompSci Curriculum Beyond STEM
Having a visual arts background may not be the traditional path for a career in infosec, but it’s a skill that makes me no less effective in analyzing malware patterns -- and often faster.
Security Holes Exposed In Trend Micro, Websense, Open Source DLP
Researchers Zach Lanier and Kelly Lum at Black Hat USA took the wraps off results of their security testing of popular data loss prevention software.
UK Reconsidering Biometrics
Parliament is looking for answers about biometrics' privacy, security, future uses, and whether or not legislation is ready for what comes next.
6 Biometric Factors That Are Working Today
From fingerprints to wearable ECG monitors, there are real options in the market that may relegate the despised password to the dustbin of history.
CloudBot: A Free, Malwareless Alternative To Traditional Botnets
Researchers take advantage of cloud service providers' free trials and lousy anti-automation controls to use cloud instances like bots.
Closing The Skills Gap Between Hackers & Defenders: 4 Steps
Improvements in security education, budgets, tools, and methods will help our industry avoid more costly and dangerous attacks and data breaches in the future.
Small IoT Firms Get A Security Assist
BuildItSecure.ly, an initiative where researchers vet code for small Internet of Things vendors, in the spotlight at DEF CON 22.
Researcher Finds Potholes In Vehicle Traffic Control Systems
Hundreds of thousands of road traffic sensors and repeater equipment are at risk of attack, researcher says.
Automakers Openly Challenged To Bake In Security
An open letter sent to automobile manufacturer CEOs asks carmakers to adopt a proposed five-star cyber safety program.
|
The State of Cybersecurity Incident ResponseIn this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
0 Comments
