Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
WannaCry Has IoT in Its Crosshairs
The wide variety of devices attached to the Internet of Things offers a rich target for purveyors of ransomware.
My Journey Toward SAP Security
When applications are critical to the business's core functions, the CISO and their staff better get the security right.
7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs
It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity.
New Google Search Hacks Push Viruses & Porn
Three incidents demonstrate how cybercriminals leverage the scourge of black-hat search engine optimization to manipulate search results.
Time for CEOs to Stop Enabling China's Blatant IP Theft
Protecting intellectual property in the name of US economic and national security should be part of every company's fiduciary duty.
Strategic Cyber Warfare Heats Up
It's "anything goes," according to renowned hacker the Grugq, who drew a bright line between cyberwar and cyber warfare at this week's virtual Disclosure Conference.
Fake Data and Fake Information: A Treasure Trove for Defenders
Cybersecurity professionals are using false data to deceive cybercriminals, enabling them to protect networks in new and innovative ways.
DHS Partners with Industry to Offer State, Local Gov'ts Cybersecurity Aid
The US Department of Homeland Security teams up with Akamai and the Center for Internet Security to provide state and local governments with cybersecurity through DNS for free.
New Threat Activity by Lazarus Group Spells Trouble for Orgs
The North Korea-backed group has launched several campaigns to raise revenue for cash-strapped nation's missile program, security experts say.
Is China the World's Greatest Cyber Power?
While the US, Russia, Israel, and several European nations all have sophisticated cyber capabilities, one threat intelligence firm argues that China's aggressive approach to cyber operations has made it "perhaps the world's greatest cyber power."
How CISOs Can Play a New Role in Defining the Future of Work
Rather than just reacting to security issues in the COVID-19 era, CISOs are now in a position to be change agents alongside their C-suite peers.
Three Easy Ways to Avoid Meow-like Database Attacks
The largest problem facing database security today is the disconnect between security teams and DBAs beginning from the moment of configuration and continuing throughout the database lifecycle.
Large Ad Network Collects Private Activity Data, Reroutes Clicks
A Chinese mobile advertising firm has modified code in the software development kit included in more than 1,200 apps, maliciously collecting user activity and performing ad fraud, says Snyk, a software security firm.
Average Cost of a Data Breach in 2020: $3.86M
When companies defend themselves against cyberattacks, time is money.
74 Days From the Presidential Election, Security Worries Mount
With pandemic measures continuing and political divisions deepening, security experts express concern about the security and integrity of the November election.
'Next-Gen' Supply Chain Attacks Surge 430%
Attackers are increasingly seeding open source projects with compromised components.
Post-Pandemic Digitalization: Building a Human-Centric Cybersecurity Strategy
COVID-19 won't be the last major disruption of its kind. Instead, it is a glimpse into what may be to come as digitalization continues to affect all aspects of our lives.
Smart-Lock Hacks Point to Larger IoT Problems
Two recent reports on smart-locks vulnerabilities show that IoT vendors have a bigger job to do in ensuring their products are safely deployed and configured.
Newly Patched Alexa Flaws a Red Flag for Home Workers
Alexa could serve as an entry point to home and corporate networks. Security experts point to the need for manufacturers to work closely with enterprise security teams to spot and shut down IoT device flaws.
The IT Backbone of Cybercrime
Like their counterparts who run legitimate businesses, cybercriminals need hosting and cybersecurity protection, too.
7 Ways to Keep Your Remote Workforce Safe
These tips will help you chart a course for a security strategy that just may become part of the normal way organizations will function over the next several years.
Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption
Black Hat talk expands on research that uncovered more weaknesses in Wi-Fi chips allowing for the unauthorized decryption of traffic.
How to Help Spoil the Cybercrime Economy
Cybercrime increasingly is turning into a commodity. Stolen PII data and hijacked cloud accounts especially propel the spread, research shows.
IoT Security During COVID-19: What We've Learned & Where We're Going
Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
Dark Reading Video News Desk Returns to Black Hat
UPDATED: Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!
Why Satellite Communication Eavesdropping Will Remain A Problem
Oxford PhD candidate James Pavur shows that SATCOM security has still made no progress since previous Black Hat disclosures, and discusses the physical and economic limitations that slow make it unlikely to improve anytime soon.
Russian Election Interference: What’s Next?
Nate Beach-Westmoreland gives a look back at the past 10 years of Russian election interference and disinformation campaigns. What can we learn from the past and what should we expect as the 2020 US presidential election approaches?
Retooling the SOC for a Post-COVID World
Residual work-from-home policies will require changes to security policies, procedures, and technologies.
Dark Web Travel Fraudsters Left Hurting From Lockdowns
Shadow travel businesses that depend on loyalty program fraud have been impacted just like the legitimate travel orgs they prey on.
Using the Attack Cycle to Up Your Security Game
Like the universe, the attack surface is always expanding. Here's how to keep up and even get ahead.
Technical Challenges of IoT Cybersecurity in a Post-COVID-19 World
Effective management of vulnerabilities can be done only when information about supply chain dependencies is accurate and recent.
The Future's Biggest Cybercrime Threat May Already Be Here
Current attacks will continue to be refined, and what may seem a weakness now could turn out to be a disaster.
Autonomous IT: Less Reacting, More Securing
Keeping data secure requires a range of skills and perfect execution. AI makes that possible.
Deepfakes & James Bond Research Project: Cool but Dangerous
Open source software for creating deepfakes is getting better and better, to the chagrin of researchers
8 Cybersecurity Themes to Expect at Black Hat USA 2020
Here are the trends and topics that'll capture the limelight at this year's virtual event.
North Korea's Lazarus Group Developing Cross-Platform Malware Framework
The APT group, known for its attack on Sony Pictures in 2014, has created an "advanced malware framework" that can launch and manage attacks against systems running Windows, MacOS, and Linux.
Cybersecurity Lessons from the Pandemic
How does cybersecurity support business and society? The pandemic shows us.
Leading Through Uncertainty: Be Proactive in Your Dark Web Intelligence Strategy
Having a strong Dark Web intelligence posture helps security teams understand emerging vulnerability trends.
What Organizations Need to Know About IoT Supply Chain Risk
Here are some factors organizations should consider as they look to limit the risk posed by risks like Ripple20.
Third-Party IoT Vulnerabilities: We Need a Cybersecurity Paradigm Shift
The only entities equipped to safeguard Internet of Things devices against risks are the IoT device manufacturers themselves.
Crypto-Primer: Encryption Basics Every Security Pro Should Know
With so many choices for encrypting data and communication, it's important to know the pros and cons of different techniques.
Decoding the Verizon DBIR Report: An Insider's Look Beyond the Headlines
To truly understand cybersecurity trends, we must look beyond the headlines and ask more of the data. What you learn might surprise you.
4 Security Tips as the July 15 Tax-Day Extension Draws Near
We're continuing to see cybercriminals take advantage of COVID-19, and the extension of Tax Day will be the next technique used in their sophisticated method of attacks.
Using Adversarial Machine Learning, Researchers Look to Foil Facial Recognition
For privacy-seeking users, good news: Computer scientists are finding more ways to thwart facial and image recognition. But there's also bad news: Gains will likely be short-lived.
Pen Testing ROI: How to Communicate the Value of Security Testing
There are many reasons to pen test, but the financial reasons tend to get ignored.
Framing the Security Story: The Simplest Threats Are the Most Dangerous
Don't be distracted by flashy advanced attacks and ignore the more mundane ones.
How to Assess More Sophisticated IoT Threats
Securing the Internet of Things requires diligence in secure development and hardware design throughout the product life cycle, as well as resilience testing and system component analysis.
Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
While financial institutions and government remain popular targets, COVID-19 research organizations are now also in the crosshairs.
3 Ways to Flatten the Health Data Hacking Curve
With more people working from home, health data security is more challenging but vitally important. These tips can help safeguard healthcare data.
7 Tips for Effective Deception
The right decoys can frustrate attackers and help detect threats more quickly.
|
Special Report: Computing's New NormalThis special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Tweet This
0 Comments
