Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
ADP Users Hit with Phishing Scam Ahead of Tax Season
Fraudulent emails tell recipients their W-2 forms are ready and prompt them to click malicious links.
Phishing Today, Deepfakes Tomorrow: Training Employees to Spot This Emerging Threat
Cybercriminals are evolving their tactics, and the security community anticipates voice and video fraud to play a role in one of the next big data breaches -- so start protecting your business now.
Google Lets iPhone Users Turn Device into Security Key
The iPhone can now be used in lieu of a physical security key as a means of protecting Google accounts.
Client-Side JavaScript Risks & the CCPA
How California's new privacy law increases the liability for securing Web-facing user data, and what enterprises can do to mitigate their risk.
CCPA Kickoff: What Businesses Need to Know
The California Consumer Privacy Act is in full effect, prompting organizations to think about how they'll remain compliant.
'Honoring' CCPA's Binding Principles Nationally Won't Be Easy
Even companies with the reach, capital, and innovative capacity of Microsoft or Google will struggle to adhere to the tenets of California's new consumer privacy law.
The Night Before 'Breachmas'
What does identity management have to do with Charles Dickens' classic 'A Christmas Carol'? A lot more than you think.
IoT Security: How Far We've Come, How Far We Have to Go
As organizations fear the proliferations of connected devices on enterprise networks, the private and public sector come together to address IoT vulnerabilities.
Google Cloud External Key Manager Now in Beta
Cloud EKM is designed to separate data at rest from encryption keys stored in a third-party management system.
How a Password-Free World Could Have Prevented the Biggest Breaches of 2019
If history has taught us anything, it's that hackers can (and will) compromise passwords. Innovation in authentication technology is poised to change that in the coming year.
5 Security Resolutions to Prevent a Ransomware Attack in 2020
Proactively consider tools to detect anomalous behavior, automatically remediate, and segment threats from moving across the network.
7 Tips to Keep Your Family Safe Online Over the Holidays
Security experts offer key cyber advice for family members.
Younger Generations Drive Bulk of 2FA Adoption
Use of two-factor authentication has nearly doubled in the past two years , pointing to a new wave of acceptance.
Only 53% of Security Pros Have Ownership of Workforce IAM
Most practitioners report an increase in identities, but many don't have control over how those identities are protected from a range of attacks.
Password-Cracking Teams Up in CrackQ Release
The open source platform aims to make password-cracking more manageable and efficient for red teams.
Navigating Security in the Cloud
Underestimating the security changes that need to accompany a shift to the cloud could be fatal to a business. Here's why.
A Security Strategy That Centers on Humans, Not Bugs
The industry's fixation on complex exploits has come at the expense of making fundamentals easy and intuitive for end users.
5 Cybersecurity CISO Priorities for the Future
Seven chief information security officers share their pain points and two-year spending plans.
6 Small-Business Password Managers
The right password manager can help bring enterprise-class security to small businesses. Here are a half-dozen candidates to strengthen your access management.
A Realistic Threat Model for the Masses
For many people, overly restrictive advice about passwords and other security practices is doing more harm than good. Here's why.
Twitter Slip-Up Spills MFA Phone Numbers, Emails to Advertisers
Email addresses and phone numbers provided to secure user accounts were accidentally shared with marketers.
10 Steps to Assess SOC Maturity in SMBs
Facing a system and organization controls audit doesn't have to be stressful for small and midsize businesses if they follow these guidelines.
The Future of Account Security: A World Without Passwords?
First step: Convince machines that we are who we say we are with expanded biometrics, including behaviors, locations, and other information that makes "us" us.
IBM Announces Quantum Safe Encryption
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption.
Who Gets Privileged Access & How to Enforce It
Let's begin by re-evaluating IT infrastructures to determine who has access to what, why, and when.
BioStar 2 Leak Exposes 23GB Data, 1M Fingerprints
Thousands of organizations, including banks, governments, and the UK Metropolitan Police, use the biometric security tool to authenticate users.
It's (Still) the Password, Stupid!
The best way to protect your identity in cyberspace is the simplest: Use a variety of strong passwords, and never, ever, use "123456" no matter how easy it is to type.
Mimecast Rejected Over 67 Billion Emails. Here's What It Learned
New research warns that security pros must guard against updates to older malware and more manipulative social-engineering techniques.
Fighting Back Against Mobile Fraudsters
The first step toward identifying and preventing mobile fraud threats is acknowledging that mobile security requires a unique solution.
Capital One: What We Should Learn This Time
Where Capital One went wrong, what the bank did right, and more key takeaways from the latest mega-breach.
Black Hat: A Summer Break from the Mundane and Controllable
Enjoy the respite from the security tasks that await you back at home. Then prepare yourself for the uphill battles to come. Here's how.
Google Cloud Debuts New Security Capabilities
Updates include Advanced Protection Program for the enterprise and general availability of password vaulted apps in Cloud Identity and G Suite.
8 Legit Tools and Utilities That Cybercriminals Commonly Misuse
Threat actors are increasingly 'living off the land,' using publicly available management and administration tools to conceal malicious activity.
A Password Management Report Card
New research on password management tools identifies the relative strengths and weaknesses of 12 competing offerings.
Competing Priorities Mean Security Risks for Small Businesses
Small business IT professionals are trying to balance multiple priorities and finding that the balance often leaves the company with serious security risks.
Insider Threats: An M&A Dealmaker's Nightmare
Because data has never been more portable, taking it has never been easier. And that's a huge problem during mergers and acquisitions.
Intelligent Authentication Market Grows to Meet Demand
Confidence in user identity is critical to prevent fraud and theft, and companies are looking for new ways to get the necessary assurance.
The Case for Encryption: Fact vs. Fiction
The common belief that encryption enables bad behavior primarily used by thieves, international terrorists, and other villainous characters is simply not true. Here's why.
Office 365 Multifactor Authentication Done Right
Why the ubiquitous nature of Office 365 poses unique challenges for MFA-based security and how organizations can protect themselves.
How Hackers Emptied Church Coffers with a Simple Phishing Scam
Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
The Evolution of Identity
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.
Apple Pledges Privacy, Beefs Up Security
The company hits back at the data economy — and fellow tech giants Facebook and Google — by announcing its own single sign-on service. A host of other iterative security improvements are on their way as well.
FirstAm Leak Highlights Importance of Verifying the Basics
The Fortune 500 giant in the real estate industry missed a basic vulnerability in its website, leaving as many as 885 million sensitive records accessible to attackers. The fix: teaching developers the top 10 security issues and frequent testing.
8 Ways to Authenticate Without Passwords
Passwordless authentication has a shot at becoming more ubiquitous in the next few years. We take a look at where things stand at the moment.
Introducing the Digital Transformation Architect
Bet-the-company transformation that expands the attack surface requires close alignment and leadership across executive, IT and security teams.
78% of Consumers Say Online Companies Must Protect Their Info
Yet 68% agree they also must do more to protect their own information.
The Big E-Crime Pivot
Criminals have begun to recognize that enterprise ransomware offers tremendous financial advantage over the more traditional tactics of wire fraud and account takeover.
Why Are We Still Celebrating World Password Day?
Calls to eliminate the password abound on this World Password Day – and the technology to change is ready. So why can't we get off our password habit?
World Password Day or Groundhog Day?
Despite decades trying to fortify our passwords with bolt-on solutions, attackers have always found ways to defeat them. Here are four reasons why.
California Consumer Privacy Act: 4 Compliance Best Practices
Companies that get ahead of the January 2020 data privacy deadline can minimize the risk of sanctions and also gain a competitive advantage in the marketplace.
|
Latest Comment: This comment is waiting for review by our moderators.
The Year in Security: 2019This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
![[Just Released] How Enterprises are Attacking the Cybersecurity Problem](https://dsimg.ubm-us.net/asset/413163/625983/report%20thumbnail.PNG)
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Tweet This
7 Comments
