Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
@jack Got Hacked: Twitter CEO's Tweets Hijacked
Twitter CEO Jack Dorsey's Twitter account was, apparently, hijacked for roughly 20 minutes and used for a racist rant.
New Credential-Theft Attack Weaponizes DNS
The recently discovered campaign sends stolen data out of the network as part of a DNS query.
Google Uncovers Massive iPhone Attack Campaign
A group of hacked websites has been silently compromising fully patched iPhones for at least two years, Project Zero reports.
Overburdened SOC Analysts Shift Priorities
Many SOC analysts are starting to shut off high-alert features to keep pace with the volume, new study shows.
To Navigate a Sea of Cybersecurity Solutions, Learn How to Fish
Three steps for relieving the pressure of picking the right tools.
7 Breaches & Hacks That Throw Shade on Biometric Security
Stolen fingerprints, fake hands, voice synthetization, and other nefarious techniques show biometrics has plenty of challenges.
Cisco Maxes Out Its CVE Severity
Cisco had to take itself to the virtual woodshed this week after issuing a security advisory about its IOS XE operating system.
Retadup Worm Squashed After Infecting 850K Machines
An operation involving French law enforcement, the FBI, and Avast forces Retadup to delete itself from victim machines.
Google Announces New, Expanded Bounty Programs
The company is significantly expanding the bug-bounty program for Google Play and starting a program aimed at user data protection.
Bug Bounties Continue to Rise, but Market Has Its Own 1% Problem
The average payout for a critical vulnerability has almost reached $3,400, but only the top bug hunters of a field of 500,000 are truly profiting.
Google Cloud Releases Beta of Managed Service to Microsoft AD
Managed Service for Microsoft Active Directory was built to help admins handle cloud-based workloads.
New Botnet Targets Android Set-Top Boxes
ARES has already infected thousands of devices and is growing, IoT security firm says.
AV Vendor & French Gendarmerie Take Down a Transnational Worm
The good guys got lucky this time.
Privacy 2019: We're Not Ready
To facilitate the innovative use of data and unlock the benefits of new technologies, we need privacy not just in the books but also on the ground.
Facebook Patches Second Account-Takeover Flaw in Instagram
The password-recovery mechanism once again puts users of the photo- and video-sharing platform at risk.
Magecart Shops for Victims as E-Commerce Market Grows
In 2.5 hours of research, one security expert uncovered more than 80 actively compromised ecommerce websites.
TrickBot Comes to Cellular Carriers
A new malicious campaign seeks cell account PINs from victims.
Fancy Bear Dons Plain Clothes to Try to Defeat Machine Learning
An analysis of a sample published by the US government shows Russian espionage group APT28, also known as Fancy Bear, has stripped down its initial infector in an attempt to defeat ML-based defenses.
Malware Found in Android App with 100M Users
CamScanner, a legitimate app used to scan and manage documents, was found executing payloads on Android devices.
Securing Our Infrastructure: 3 Steps OEMs Must Take in the IoT Age
Security has lagged behind adoption of the Internet of Things. The devices hold much promise, but only if a comprehensive security model is constructed.
Imperva Customer Database Exposed
A subset of customers for the company's Incapsula web application firewall had their email addresses, hashed/salted passwords, and more open to unauthorized access, Imperva announced.
CrowdStrike Launches Fund for Early-Stage Endpoint Security Startups
It's goal is to accelerate delivery of third-party apps that add on and extend the company's Falcon cloud-hosted services.
New 'Lyceum' Threat Group Eyes Critical Infrastructure
Researchers report Lyceum, otherwise known as Hexane, has targeted organizations in South Africa and the Middle East.
Enterprise Firms Are Simplifying & Securing Networks With a More Flexible Network Edge
Distributed enterprises are on a digital transformation journey. As a result, enterprises are turning to secure SD-WAN to deploy a robust networking ecosystem that accelerates their digital transformation.
WannaCry Remains No. 1 Ransomware Weapon
Of all of the ransomware variants spotted targeting victims in the first half of 2019, the infamous WannaCry was by far the most prevalent, according to Trend Micro's detection data.
Unsecured IoT: 8 Ways Hackers Exploit Firmware Vulnerabilities
As new Internet of Things products enter the market, speed shouldn't trump concerns about security.
6 Ways Airlines and Hotels Can Keep Their Networks Secure
As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security.
Consumers Urged to Secure Their Digital Lives
Security options for consumers improve as Internet of Things devices invade homes and data on consumers proliferates online.
NSA to Share Added Security for Firmware Functions
Most people think of the National Security Agency as the home of operational intelligence gathering. But many people are unaware of the research that it has done and released to the public.
Apple Releases Emergency Patch for iPhone Jailbreak Flaw
iOS version 12.4.1 fixes the "use after free" vulnerability.
More Than Half of Social Media Login Attempts Are Fraud
Overall, account registrations for tech companies are four times more likely to be malicious than legitimate, a new report states.
3 Arrested in Transnational Fraud Indictments
According to the indictments, the accused impersonated government officials when they demanded money from their victims.
IRS Alerts Taxpayers to New Email Scam
A spoofed IRS.gov link leads victims to a fraudulent Web page where they are prompted to download malware.
Cryptography & the Hype Over Quantum Computing
It's not time to move to post-quantum cryptography yet -- too many things are still up in the air. But you can start to become prepared by making sure your infrastructure is agile.
IBM Announces Quantum Safe Encryption
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption.
80 Charged in Massive BEC Operation Bust
A group of mostly Nigerian nationals attempted to steal $46 million through business email compromise and romance scams, the FBI reports.
VMware to Buy Carbon Black for $2.1B
Virtual machine giant's big cloud move includes plans to shell out $2.7 billion in stock transactions for Pivotal Software.
Nuclear Plant Security Compromised by Financially Motivated Insiders
Equipment at a nuclear power plant in Ukraine was used to mine cryptocurrency.
Newly Registered Domains Mean New Problems – Palo Alto
Why NRDs should matter to the security community.
Capital One Breach: What Security Teams Can Do Now
Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks.
10 Low-Cost (or Free!) Ways to Boost Your Security AI Skills
The following hardware and software options will amplify your know-how about artificial intelligence and how to apply it to security — without busting any budgets.
New Malware Variant Targets Old Adobe, Office Vulnerabilities
Criminals appear to have developed it knowing some users have not patched or updated to newer versions, Trend Micro says.
|
2021 Top Enterprise IT TrendsWe've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Tweet This
0 Comments
