Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
New Facebook, Instagram Bugs Demonstrate Social Media Risk
Security flaws in Facebook Messenger and Instagram let hackers propagate attacks and steal personal data.
Verizon Report: Businesses Hit with Payment Card Breaches Not Fully PCI-Compliant
Companies struggle to maintain PCI compliance within a year of meeting it, according to a new payment security report by Verizon.
International Firms Struggle to Adapt as China's Cybersecurity Law Takes Shape
After the release of new guidelines on critical information infrastructure, international companies are still searching for clarity on how to comply with the country's new cyber regime.
Ransomware is Going More Corporate, Less Consumer
Cybercriminals on average charge $544 for ransom per device, signaling a new sweet spot for payouts.
St. Jude Pacemaker Gets Firmware Update 'Intended as a Recall'
The devices that were the subject of a vulnerability disclosure debate last summer now have an FDA-approved fix.
'Onliner' Spambot Amassed Hundreds of Millions of Stolen Email Addresses
Massive spambot relying on stolen email addresses, credentials, and SMTP and port information to expand.
Office 365: A Vehicle for Internal Phishing Attacks
A new threat uses internal accounts to spread phishing attacks, making fraudulent emails even harder to detect.
How Hackers Hide Their Malware: Advanced Obfuscation
Hackers continue to develop new ways to break into systems. Here are three of them, along with ways to fight back.
Security Analytics: Making the Leap from Data Lake to Meaningful Insight
Once you've got a lake full of data, it's essential that your analysis isn't left stranded on the shore.
FBI/IRS-Themed Email Scam Spreads Ransomware
Fake IRS and FBI emails are circulating on the Internet that attempt to lure victims into downloading malware that will ultimately hold their data hostage.
How Hackers Hide Their Malware: The Basics
Malware depends on these four basic techniques to avoid detection.
US CERT Warns of Potential Hurricane Harvey Phishing Scams
Be wary of malicious emails purportedly tied to the storm, officials say.
Forcepoint Snaps Up RedOwl
The acquisition aims to bolster Forcepoint's behavioral analytics offerings.
10 Time-Consuming Tasks Security People Hate
Whether it is dealing with false positives, reporting to auditors, or patching software, here's the scut work security people dread.
Cybersecurity: An Asymmetrical Game of War
To stay ahead of the bad guys, security teams need to think like criminals, leverage AI’s ability to find malicious threats, and stop worrying that machine learning will take our jobs.
New Targeted Ransomware Hits Healthcare, Manufacturing
A new ransomware strain, Defray, that focuses on certain verticals in narrow and select attacks is making the rounds in the healthcare, education, manufacturing, and technology sectors.
Apple iOS Exploit Takes Complete Control of Kernel
Researcher demonstrates 'severe' ZIVA exploit at Hack in the Box.
Mac's Biggest Threats Lurk in the Apple App Store
Mac malware is on the rise, especially adware and potentially unwanted programs in the App Store.
GoT & the Inside Threat: Compromised Insiders Make Powerful Adversaries
What Game of Thrones' Arya Stark and the Faceless Men can teach security pros about defending against modern malware and identity theft.
GDPR Compliance Preparation: A High-Stakes Guessing Game
It's difficult to tell if your company is meeting the EU's data privacy and security standards -- or US standards, for that matter.
Suspect in Yahoo Breach Pleads Not Guilty
Karim Baratov enters his plea in US Courts today, after waiving his extradition hearing in Canada last week.
Phish Bait: DMARC Adoption Failures Leave Companies Exposed
More than 90% of Fortune 500 companies leave customers and brand names vulnerable to domain name spoofing as a result of not fully implementing DMARC.
72% of Government Agencies Hit with Security Incidents
The cause of the incidents large fell on human error and employee misuse.
The Changing Face & Reach of Bug Bounties
HackerOne CEO Mårten Mickos reflects on the impact of vulnerability disclosure on today's security landscape and leadership.
Why You Need to Study Nation-State Attacks
Want to know what attacks against businesses will look like soon? Examine nation-state attacks now.
Google Removes 500 Android Apps Following Spyware Scare
Android apps embedded with an advertising software development kit removed after researchers discover its potential for stealing users' caller data.
Battle of the AIs: Don't Build a Better Box, Put Your Box in a Better Loop
Powered by big data and machine learning, next-gen attacks will include perpetual waves of malware, phishes, and false websites nearly indistinguishable from the real things. Here's how to prepare.
Comparing Private and Public Cloud Threat Vectors
Many companies moving from a private cloud to a cloud service are unaware of increased threats.
How to Hack a Robot
Forget 'killer robots:' researchers demonstrate how collaborative robots, or 'cobots,' can be hacked and dangerous.
Tuesday: Spammers' Favorite Day of the Week
Spammers are most active when their targets are online, with the highest level of activity on Tuesday, Wednesday, and Thursday.
The Pitfalls of Cyber Insurance
Cyber insurance is 'promising' but it won't totally protect your company against hacks.
50% of Ex-Employees Can Still Access Corporate Apps
Businesses drive the risk for data breaches when they fail to terminate employees' access to corporate apps after they leave.
Curbing the Cybersecurity Workforce Shortage with AI
By using cognitive technologies, an organization can address the talent shortage by getting more productivity from current employees and improving processes.
Microsoft Report: User Account Attacks Jumped 300% Since 2016
Most of these Microsoft user account compromises can be attributed to weak, guessable passwords and poor password management, researchers found.
Critical Infrastructure, Cybersecurity & the 'Devil’s Rope'
How hackers today are engaging in a modern 'Fence Cutter War' against industrial control systems, and what security professionals need to do about it.
Kill Switches, Vaccines & Everything in Between
The language can be a bit fuzzy at times, but there are real differences between the various ways of disabling malware.
70% of DevOps Pros Say They Didn't Get Proper Security Training in College
Veracode survey shows majority of DevOps pros mostly learn on the job about security.
|
Latest Comment: "I think this year's Cybersecurity Awareness Campaign is too much! I'll clean up after a cyber incident, but I will not clean up after a ...
Navigating the Deluge of Security DataIn this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industry’s conventional wisdom. Here’s a look at what they’re thinking about.
Tweet This
1 Comments
