Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Google Uncovers Massive iPhone Attack Campaign
A group of hacked websites has been silently compromising fully patched iPhones for at least two years, Project Zero reports.
Google Announces New, Expanded Bounty Programs
The company is significantly expanding the bug-bounty program for Google Play and starting a program aimed at user data protection.
Google Cloud Releases Beta of Managed Service to Microsoft AD
Managed Service for Microsoft Active Directory was built to help admins handle cloud-based workloads.
Malware Found in Android App with 100M Users
CamScanner, a legitimate app used to scan and manage documents, was found executing payloads on Android devices.
Imperva Customer Database Exposed
A subset of customers for the company's Incapsula web application firewall had their email addresses, hashed/salted passwords, and more open to unauthorized access, Imperva announced.
CrowdStrike Launches Fund for Early-Stage Endpoint Security Startups
It's goal is to accelerate delivery of third-party apps that add on and extend the company's Falcon cloud-hosted services.
WannaCry Remains No. 1 Ransomware Weapon
Of all of the ransomware variants spotted targeting victims in the first half of 2019, the infamous WannaCry was by far the most prevalent, according to Trend Micro's detection data.
6 Ways Airlines and Hotels Can Keep Their Networks Secure
As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security.
More Than Half of Social Media Login Attempts Are Fraud
Overall, account registrations for tech companies are four times more likely to be malicious than legitimate, a new report states.
IBM Announces Quantum Safe Encryption
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption.
VMware to Buy Carbon Black for $2.1B
Virtual machine giant's big cloud move includes plans to shell out $2.7 billion in stock transactions for Pivotal Software.
Capital One Breach: What Security Teams Can Do Now
Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks.
Microsoft Tops Phishers' Favorite Brands as Facebook Spikes
Microsoft remains the favorite brand to spoof in phishing campaigns, but more attackers are impersonating Facebook.
Threat Intelligence Gateways: A Useful Adjunct to Overworked Perimeter Security
Comparative research shows the relative strengths and weaknesses of five TIG vendors and which kinds of security organization will reap the most benefit.
LinkedIn Details Features of Fight Against Fakes
A recent blog post explains how the social network is fighting to protect its users from interactions with fake accounts.
Splunk Buys SignalFx for $1.05 Billion
Deal will yield 'one platform that can monitor the entire enterprise application lifecycle,' Splunk CEO says.
MoviePass Leaves Credit Card Numbers, Personal Data Exposed Online
Thousands of customers' credit card numbers, MoviePass card numbers, and sensitive data were left in an unprotected database.
'Box Shield' Brings New Security Controls
New controls and threat detection capabilities built into Box aim to prevent accidental data leakage and misuse.
New Confidential Computing Consortium Includes Google, Intel, Microsoft
The Linux Foundation plans to form a community to "define and accelerate" the adoption of confidential computing.
7 Big Factors Putting Small Businesses At Risk
Small organizations still face a long list of security threats. These threats and vulnerabilities should be top of mind.
Cyberthreats Against Financial Services Up 56%
Financial institutions interacting with customers online must prepare for a broader, more sophisticated variety of threats.
US Chamber of Commerce, FICO Report National Risk Score of 688
While the score was up for large businesses and down for small firms, the report urges all to prioritize third-party risk management.
European Central Bank Website Hit by Malware Attack
The website was infected with malware that stole information on subscribers to a bank newsletter.
7 Biggest Cloud Security Blind Spots
Cloud computing boon is for innovation, yet security organizations find themselves running into obstacles.
Why Companies Fail to Learn from Peers' Mistakes (and How They Can Change)
Far too often, there's a new breach in the headlines. Companies need to start learning some obvious lessons.
Microservices Flip App Security on Its Head
With faster application deployment comes increased security considerations.
Microsoft Patches Wormable RCE Vulns in Remote Desktop Services
Similar to the now-patched 'BlueKeep' vulnerability, two flaws fixed today could let malware spread across vulnerable computers.
700K Guest Records Stolen in Choice Hotels Breach
Cybercriminals reportedly stole the information from an exposed MongoDB database on a third-party server.
History Doesn't Repeat Itself in Cyberspace
The 10th anniversary of the US Cyber Command is an opportunity to prepare for unknowns in the rapidly changing cybersecurity landscape.
DEF CON Voting Village: It's About 'Risk'
DHS, security experts worry about nation-state or other actors waging a disruptive or other attack on the 2020 election to sow distrust of the election process.
Dark Reading News Desk Live at Black Hat USA 2019
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Enterprises Must Be Wary of Ransomware Targeting Network File Shares & Cloud Assets
New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.
Microsoft Opens Azure Security Lab, Raises Top Azure Bounty to $40K
Microsoft has invited security experts to 'come and do their worst' to mimic cybercriminals in the Azure Security Lab.
Capital One: What We Should Learn This Time
Where Capital One went wrong, what the bank did right, and more key takeaways from the latest mega-breach.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
