Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Microsoft's Records Management Tool Aims to Simplify Data Governance
Records Management is intended to help businesses manage security and data governance as more struggle to handle increased amounts of data and regulatory requirements.
Researchers Find Baby Banking Trojan, Watch It Grow
EventBot is an Android information stealer on its way to becoming a very capable piece of malware.
Researchers Find Vulnerabilities in Popular Remote Learning Plug-ins
As more students move to online learning platforms, vulnerability researchers are revealing security flaws in some common software plug-ins.
Rapid7 Announces Plan to Buy DivvyCloud
The purchase will boost Rapid7's multicloud capabilities.
New Startup Accurics Tackles Cloud Infrastructure Security
Accurics offers a free product to prevent "drift" between infrastructure defined through code and infrastructure running in the cloud.
Top 10 Cyber Incident Response Mistakes and How to Avoid Them
From lack of planning to rushing the closure of incidents, these mistakes seriously harm IR effectiveness.
Cloud Services Are the New Critical Infrastructure. Can We Rely on Them?
If cloud services vendors successfully asked themselves these three questions, we'd all be better off.
Paay Misconfiguration Leaves Transaction Data Exposed
The New York-based credit-card processor left a server without password protection for approximately three weeks.
Communication, Cloud & Finance Apps Most Vulnerable to Insider Threat
Businesses say customer data, financial data, and intellectual property are the types of data most vulnerable to insider attacks.
IBM Cloud Data Shield Brings Confidential Computing to Public Cloud
The Cloud Data Shield relies on confidential computing, which protects data while it's in use by enterprise applications.
Automated Bots Are Increasingly Scraping Data & Attempting Logins
The share of bot traffic to online sites declines, but businesses are seeing an overall increase in automated scraping of data, login attempts, and other detrimental activity.
7 Steps to Avoid the Top Cloud Access Risks
Securing identities and data in the cloud is challenging, but a least-privilege access approach helps.
COVID-Themed Phishing Messages Fill Phishing Filters on Gmail
In the past week, Google says it identified more than 18 million daily phishing messages featuring coronavirus themes.
10 Standout Security M&A Deals from Q1 2020
The first quarter of 2020 brought investments in enterprise IoT and endpoint security, as well as billion-dollar investments from private equity firms.
Neglected Infrastructure, Invasive Tech to Plague Infosec in 2022
Researchers outline cybersecurity threats they predict businesses will face in two years as technology evolves.
Arxan Technologies Joins New Software Company Digital.ai
The application security provider teams up with CollabNet VersionOne and XebiaLabs to create Digital.ai, a new enterprise DevOps platform.
Slack's Incoming Webhooks Can Be Weaponized in Phishing Attacks
Researchers report how attackers could weaponize a feature in the Slack collaboration platform to access corporate data and messages.
Cybersecurity Prep for the 2020s
The more things change, the more they stay the same. Much of the world is still behind on the basics.
TikTok Vulnerability Leaves Users Open to Fake News
A vulnerability in the way TikTok requests and receives video content could leave users streaming video from bogus servers.
Apple Is Top Pick for Brand Phishing Attempts
Ten percent of all brand phishing attempts in the first quarter of 2020 tried to deceive victims by imitating the Apple brand.
You're One Misconfiguration Away from a Cloud-Based Data Breach
Don't assume that cyberattacks are all you have to worry about. Misconfigurations should also be a top cause of concern.
7 Ways COVID-19 Has Changed Our Online Lives
The pandemic has driven more of our personal and work lives online – and for the bad guys, business is booming. Here's how you can protect yourself.
Network Data Shows Spikes, Vulnerability of Work-at-Home Shift
Traffic on the public Internet has grown by half this year, and videoconferencing bandwidth has grown by a factor of five, all driven by remote-work edicts.
Only 40% of Small Business Owners Have a Cybersecurity Policy
Small business owners are concerned about cyberattacks targeting remote workers but lack the resources to invest in security.
Zscaler to Buy Cloudneeti
The security service provider adds cloud security "posture" management with the deal.
Zoom, Microsoft & NTT Data Leaders Share Work-from-Home Security Tips
Tech leaders encourage organizations to maintain security awareness training and offer advice on how to protect their information.
Microsoft Releases COVID-19 Security Guidance
Information includes tips on how to keep IT systems infection-free.
Why Threat Hunting with XDR Matters
Extended detection response technology assumes a breach across all your endpoints, networks, SaaS applications, cloud infrastructure, and any network-addressable resource.
Misconfigured Containers Again Targeted by Cryptominer Malware
An attack group is searching for insecure containers exposing the Docker API and then installing a program that attempts to mine cryptocurrency. It's not the first time.
Want to Improve Cloud Security? It Starts with Logging
Remedying the "garbage in, garbage out" problem requires an understanding of what is causing the problem in the first place.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
