Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
6 Small-Business Password Managers
The right password manager can help bring enterprise-class security to small businesses. Here are a half-dozen candidates to strengthen your access management.
A Realistic Threat Model for the Masses
For many people, overly restrictive advice about passwords and other security practices is doing more harm than good. Here's why.
Twitter Slip-Up Spills MFA Phone Numbers, Emails to Advertisers
Email addresses and phone numbers provided to secure user accounts were accidentally shared with marketers.
10 Steps to Assess SOC Maturity in SMBs
Facing a system and organization controls audit doesn't have to be stressful for small and midsize businesses if they follow these guidelines.
The Future of Account Security: A World Without Passwords?
First step: Convince machines that we are who we say we are with expanded biometrics, including behaviors, locations, and other information that makes "us" us.
IBM Announces Quantum Safe Encryption
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption.
Who Gets Privileged Access & How to Enforce It
Let's begin by re-evaluating IT infrastructures to determine who has access to what, why, and when.
BioStar 2 Leak Exposes 23GB Data, 1M Fingerprints
Thousands of organizations, including banks, governments, and the UK Metropolitan Police, use the biometric security tool to authenticate users.
It's (Still) the Password, Stupid!
The best way to protect your identity in cyberspace is the simplest: Use a variety of strong passwords, and never, ever, use "123456" no matter how easy it is to type.
Mimecast Rejected Over 67 Billion Emails. Here's What It Learned
New research warns that security pros must guard against updates to older malware and more manipulative social-engineering techniques.
Fighting Back Against Mobile Fraudsters
The first step toward identifying and preventing mobile fraud threats is acknowledging that mobile security requires a unique solution.
Capital One: What We Should Learn This Time
Where Capital One went wrong, what the bank did right, and more key takeaways from the latest mega-breach.
Black Hat: A Summer Break from the Mundane and Controllable
Enjoy the respite from the security tasks that await you back at home. Then prepare yourself for the uphill battles to come. Here's how.
Google Cloud Debuts New Security Capabilities
Updates include Advanced Protection Program for the enterprise and general availability of password vaulted apps in Cloud Identity and G Suite.
8 Legit Tools and Utilities That Cybercriminals Commonly Misuse
Threat actors are increasingly 'living off the land,' using publicly available management and administration tools to conceal malicious activity.
A Password Management Report Card
New research on password management tools identifies the relative strengths and weaknesses of 12 competing offerings.
Competing Priorities Mean Security Risks for Small Businesses
Small business IT professionals are trying to balance multiple priorities and finding that the balance often leaves the company with serious security risks.
Insider Threats: An M&A Dealmaker's Nightmare
Because data has never been more portable, taking it has never been easier. And that's a huge problem during mergers and acquisitions.
Intelligent Authentication Market Grows to Meet Demand
Confidence in user identity is critical to prevent fraud and theft, and companies are looking for new ways to get the necessary assurance.
The Case for Encryption: Fact vs. Fiction
The common belief that encryption enables bad behavior primarily used by thieves, international terrorists, and other villainous characters is simply not true. Here's why.
Office 365 Multifactor Authentication Done Right
Why the ubiquitous nature of Office 365 poses unique challenges for MFA-based security and how organizations can protect themselves.
How Hackers Emptied Church Coffers with a Simple Phishing Scam
Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
The Evolution of Identity
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.
Apple Pledges Privacy, Beefs Up Security
The company hits back at the data economy — and fellow tech giants Facebook and Google — by announcing its own single sign-on service. A host of other iterative security improvements are on their way as well.
FirstAm Leak Highlights Importance of Verifying the Basics
The Fortune 500 giant in the real estate industry missed a basic vulnerability in its website, leaving as many as 885 million sensitive records accessible to attackers. The fix: teaching developers the top 10 security issues and frequent testing.
8 Ways to Authenticate Without Passwords
Passwordless authentication has a shot at becoming more ubiquitous in the next few years. We take a look at where things stand at the moment.
Introducing the Digital Transformation Architect
Bet-the-company transformation that expands the attack surface requires close alignment and leadership across executive, IT and security teams.
78% of Consumers Say Online Companies Must Protect Their Info
Yet 68% agree they also must do more to protect their own information.
The Big E-Crime Pivot
Criminals have begun to recognize that enterprise ransomware offers tremendous financial advantage over the more traditional tactics of wire fraud and account takeover.
Why Are We Still Celebrating World Password Day?
Calls to eliminate the password abound on this World Password Day – and the technology to change is ready. So why can't we get off our password habit?
World Password Day or Groundhog Day?
Despite decades trying to fortify our passwords with bolt-on solutions, attackers have always found ways to defeat them. Here are four reasons why.
California Consumer Privacy Act: 4 Compliance Best Practices
Companies that get ahead of the January 2020 data privacy deadline can minimize the risk of sanctions and also gain a competitive advantage in the marketplace.
A Rear-View Look at GDPR: Compliance Has No Brakes
With a year of Europe's General Data Protection Regulation under our belt, what have we learned?
Will the US Adopt a National Privacy Law?
Probably not before the 2020 election. But keep an eye on this Congress as legislators debate how to define personal data and what limits to place on how companies use it.
4 Tips to Protect Your Business Against Social Media Mistakes
Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or cause huge reputational damage.
In Security, All Logs Are Not Created Equal
Prioritizing key log sources goes a long way toward effective incident response.
Credential-Stuffing Attacks Behind 30 Billion Login Attempts in 2018
Using e-mail addresses and passwords from compromised sites, attackers most often targeted retail sites, video-streaming services, and entertainment companies, according to Akamai.
TLS 1.3: A Good News/Bad News Scenario
Stronger encryption standards are improving the privacy of data in motion, but enterprises will need to adapt their security architectures to maintain visibility into network traffic.
Stealing Corporate Funds Still Top Goal of Messaging Attacks
Cybercriminals focus on collecting credentials, blackmailing users with fake sextortion scams, and convincing privileged employees to transfer cash. The latter still causes the most damage, and some signs suggest it is moving to mobile.
Shifting Attacks Put Increasing ID Fraud Burden on Consumers
Card-present fraud is down, but attackers continue to find new strategies, and consumers are paying the price.
Debunking 5 Myths About Zero Trust Security
Rather than "trust but verify," a zero trust model assumes that attackers will inevitably get in — if they aren't already. However, several misconceptions are impeding its adoption.
4 Ways At-Work Apps Are Vulnerable to Attack
Collaboration applications make users and IT teams more efficient. But they come with an added cost: security.
Startup Armor Scientific Launches Multifactor Identity System
Company aims to replace usernames and passwords by combining GPS location, biometrics, and keys issued through a blockchain-based network.
The Anatomy of a Lazy Phish
A security engineer breaks down how easy it is for unskilled attackers to trick an unsuspecting user to submit credentials to a phishing site.
Privacy Ops: The New Nexus for CISOs & DPOs
No longer can privacy be an isolated function managed by legal or compliance departments with little or no connection to the organization's underlying security technology.
A Dog's Life: Dark Reading Caption Contest Winners
What do a telephony protocol, butt-sniffing, and multifactor authentication have in common? A John Klossner cartoon! And the winners are ...
New Chrome Extension Takes Aim at Password Security
Google adds 'Password Checkup' feature that alerts users if their online credentials have been compromised.
8 Cybersecurity Myths Debunked
The last thing any business needs is a swarm of myths and misunderstandings seeding common and frequent errors organizations of all sizes make in safeguarding data and infrastructure.
Why Privacy Is Hard Work
For Data Privacy Day, let's commit to a culture of privacy by design, nurtured by a knowledgeable team that can execute an effective operational compliance program.
Credential Compromises by the Numbers
Recent statistics show just how much credential stealing has become a staple in the attacker playbook.
|
Latest Comment: How do you like our new spear phishing email solution?
7 Threats & Disruptive Forces Changing the Face of CybersecurityThis Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Assessing Cybersecurity Risk in Today's Enterprise
Security leaders are struggling to understand their organizations’ risk exposure. While many are confident in their security strategies and processes, they’re also more concerned than ever about getting breached. Download this report today and get insights on how today's enterprises assess and perceive the risks they face in 2019!
Tweet This
1 Comments
