Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Strata Identity Raises $11M in Series A Round
The series A round of funding, led by Menlo Ventures, will help Strata scale its distributed identity technology.
7 Things We Know So Far About the SolarWinds Attacks
Two months after the news first broke, many questions remain about the sophisticated cyber-espionage campaign.
SolarWinds Attack Reinforces Importance of Principle of Least Privilege
Taking stock of least-privilege policies will go a long way toward hardening an organization's overall security posture.
Digital Identity Is the New Security Control Plane
Simplifying the management of security systems helps provide consistent protection for the new normal.
COVID-19's Acceleration of Cloud Migration & Identity-Centric Security
Here are some tips for updating access control methods that accommodate new remote working norms without sacrificing security.
HelpSystems Acquires Data Security Firm Vera
The purchase is intended to increase London-based HelpSystems' file collaboration security capabilities.
White Ops Announces Its Acquisition
A group including Goldman Sachs Merchant Banking Division, ClearSky Security, and NightDragon has purchased the human verification technology company.
Corporate Credentials for Sale on the Dark Web: How to Protect Employees and Data
It's past time to retire passwords in favor of other methods for authenticating users and securing systems.
Why I'd Take Good IT Hygiene Over Security's Latest Silver Bullet
Bells and whistles are great, but you can stay safer by focusing on correct configurations, posture management, visibility, and patching.
Evidence-Based Trust Gets Black Hat Europe Spotlight
An FPGA-based system could change the balance of power between hardware attackers and defenders within IT security.
Apple Issues Security Updates
Vulnerabilities found in three most recent versions of macOS.
Credential Stuffing Fills E-commerce Pipeline in 2020
There were 1.3 billion attacks in the third quarter alone, according to new analysis from Arkose Labs.
Barracuda to Acquire Fyde for Zero-Trust Capabilities
Plans call for expanding the Barracuda CloudGen SASE platform.
Claroty Details Vulnerabilities in Schneider PLCs
The vulnerabilities in a common line of programmable logic controllers could allow attackers to gain control of industrial equipment.
Cloud Usage, Biometrics Surge As Remote Work Grows Permanent
A new report reveals organizations are increasing their adoption of biometric authentication and disallowing SMS as a login method.
FTC Announces Consent Agreement With Zoom
The agreement covers Zoom's misleading statements on security for its audio and video calling.
7 Online Shopping Tips for the Holidays
The holidays are right around the corner, and that means plenty of online shopping. These tips will help keep you safe.
How to Increase Voter Turnout & Reduce Fraud
Digital identity verification has advanced, both technologically and legislatively. Is it the answer to simpler, safer voting?
6 Ways Passwords Fail Basic Security Tests
New data shows humans still struggle with password creation and management.
Neural Networks Help Users Pick More-Secure Passwords
Typically, blocklists are used to prevent users from picking easily guessable patterns, but a small neural network can do the same job and suggests that complex password requirements are not necessary.
Credential-Stuffing Attacks Plague Loyalty Programs
But that's not the only type of web attack cybercriminals have been profiting from.
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
Businesses Rethink Endpoint Security for 2021
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?
Building the Human Firewall
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
Online Voting Is Coming, but How Secure Will It Be?
It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.
Why MSPs Are Hacker Targets, and What To Do About It
Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.
'Father of Identity Theft' Sentenced to 207 Months
James Jackson was convicted of mail fraud, aggravated identity theft, access device fraud, and theft of mail last year.
MFA-Minded Attackers Continue to Figure Out Workarounds
While MFA can improve overall security posture, it's not a "silver bullet" -- and hacks continue.
Research Finds Nearly 800,000 Access Keys Exposed Online
The keys were primarily for access to databases and cloud services.
Zoom Brings Two-Factor Authentication to All Users
This marks the latest step Zoom has taken to improve user security as more employees work from home.
7 Cybersecurity Priorities for Government Agencies & Political Campaigns
As election season ramps up, organizations engaged in the process must strengthen security to prevent chaos and disorder from carrying the day. Here's how.
Top 5 Identity-Centric Security Imperatives for Newly Minted Remote Workers
In the wake of COVID-19, today's remote workforce is here to stay, at least for the foreseeable future. And with it, an increase in identity-related security incidents.
Don't Forget Cybersecurity on Your Back-to-School List
School systems don't seem like attractive targets, but they house lots of sensitive data, such as contact information, grades, health records, and more.
Deep Fake: Setting the Stage for Next-Gen Social Engineering
Humans are susceptible to normalcy bias, which may leave us vulnerable to disinformation that reinforces our beliefs.
Twitter Hack: The Spotlight that Insider Threats Need
The high profile attack should spur serious board-level conversations around the importance of insider threat prevention.
Office 365's Vast Attack Surface & All the Ways You Don't Know You're Being Exploited Through It
Mandiant incident response managers Josh Madeley and Doug Bienstock describe how thoroughly Microsoft 365 (formerly known as Office 365) extends into corporate networks, describe both sophisticated and simple attacks they’ve detected, and suggest mitigations as businesses rely more heavily on the cloud.
Pandemic Credential Stuffing: Cybersecurity's Ultimate Inside Job
How stolen credentials for services like Zoom and password reuse practices threaten to compromise other accounts and applications.
Back to Basics with Cloud Permissions Management
By using the AAA permissions management framework for cloud operations, organizations can address authentication, authorization, and auditing.
3 Things Wilderness Survival Can Teach Us About Email Security
It's a short hop from shows like 'Naked and Afraid' and 'Alone' to your email server and how you secure it
The Telehealth Attack Surface
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.
CSO's Guide to 'Employee-First' Security Operations During COVID-19 & Beyond
As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.
What Government Contractors Need to Know About NIST, DFARS Password Reqs
Organizations that fail to comply with these rules can get hit with backbreaking fines and class-action lawsuits.
Americans Care About Security But Don't Follow Through
Most Americans say they're very concerned about online security but still behave in insecure ways, according to a new survey.
Identité Comes Out of Stealth
Startup emerges with three-factor, no-password authentication.
Microsoft Identity VP Shares How and Why to Ditch Passwords
Passwords are on their way out, says Joy Chik, who offers guidance for businesses hoping to shift away from them.
Zoom Acquires Keybase, Plans for End-to-End Encrypted Chats
The company's first acquisition to date is part of a 90-day plan to improve security in its video communications platform.
Pandemic Could Accelerate Passwordless Authentication
As we celebrate another World Password Day, security pros are hopeful that when we move out of the stay-at-home period, companies will continue to focus on digital technologies – and ditching passwords.
Breach Hits GoDaddy SSH Customers
The October 2019 breach left some customer data open to hacking eyes.
Best Practices for Managing a Remote SOC
Experts share what it takes to get your security analysts effectively countering threats from their home offices.
Industrial Networks' Newest Threat: Remote Users
We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.
|
Latest Comment: This comment is waiting for review by our moderators.
2021 Top Enterprise IT TrendsWe've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Tweet This
0 Comments
