Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
A Safer IoT Future Must Be a Joint Effort
We're just at the beginning of an important conversation about the future of our homes and cities, which must involve both consumers and many players in the industry
6 Questions to Ask Once You’ve Learned of a Breach
With GDPR enacted and the California Consumer Privacy Act on the near horizon, companies have to sharpen up their responses. Start by asking these six questions.
The Fight Against Synthetic Identity Fraud
Advanced data and innovative technology will help organizations more easily identify abnormal behavior and tell legitimate customers apart from "fake" ones.
Data Is the New Copper
Data breaches fuel a complex cybercriminal ecosystem, similar to copper thefts after the financial crisis.
AI Is Everywhere, but Don't Ignore the Basics
Artificial intelligence is no substitute for common sense, and it works best in combination with conventional cybersecurity technology. Here are the basic requirements and best practices you need to know.
From Spyware to Ninja Cable
Attackers don't need sophisticated James Bondian hardware to break into your company. Sometimes a $99 device will do.
Why Businesses Fail to Address DNS Security Exposures
Increasing awareness about the critical importance of DNS security is the first step in improving the risk of being attacked. It's time to get proactive.
Automation: Friend of the SOC Analyst
Faced by increasingly sophisticated threats, organizations are realizing the benefits of automation in their cybersecurity programs.
It's Not Healthy to Confuse Compliance with Security
Healthcare organizations should be alarmed by the frequency and severity of cyberattacks. Don't assume you're safe from them just because you're compliant with regulations.
Unsecured IoT: 8 Ways Hackers Exploit Firmware Vulnerabilities
As new Internet of Things products enter the market, speed shouldn't trump concerns about security.
Cryptography & the Hype Over Quantum Computing
It's not time to move to post-quantum cryptography yet -- too many things are still up in the air. But you can start to become prepared by making sure your infrastructure is agile.
Capital One Breach: What Security Teams Can Do Now
Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks.
Who Gets Privileged Access & How to Enforce It
Let's begin by re-evaluating IT infrastructures to determine who has access to what, why, and when.
Towns Across Texas Hit in Coordinated Ransomware Attack
The state government and cybersecurity groups have mobilized to respond to a mass ransomware attack that simultaneously hit 22 different towns statewide.
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
The old-school technology is experiencing new popularity, but too many people assume mainframes are inherently secure.
Why Companies Fail to Learn from Peers' Mistakes (and How They Can Change)
Far too often, there's a new breach in the headlines. Companies need to start learning some obvious lessons.
Microservices Flip App Security on Its Head
With faster application deployment comes increased security considerations.
History Doesn't Repeat Itself in Cyberspace
The 10th anniversary of the US Cyber Command is an opportunity to prepare for unknowns in the rapidly changing cybersecurity landscape.
2019 Pwnie Award Winners (And Those Who Wish They Weren't)
This year's round-up includes awards into two new categories: most under-hyped research and epic achievement.
Security Flaws Discovered in 40 Microsoft-Certified Device Drivers
Attackers can use vulnerable drivers to escalate privilege and execute malicious code in every part of the system.
Dark Reading News Desk Live at Black Hat USA 2019
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Enterprises Must Be Wary of Ransomware Targeting Network File Shares & Cloud Assets
New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.
Boeing 787 On-Board Network Vulnerable to Remote Hacking, Researcher Says
Boeing disputes IOActive findings ahead of security firm's Black Hat USA presentation.
New Speculative Execution Vulnerability Gives CISOs a New Reason to Lose Sleep
The vulnerability, dubbed SWAPGS, is an undetectable threat to data security, similar in some respects to Spectre and Meltdown.
When Perceived Cybersecurity Risk Outweighs Reality
Teams need to manage perceived risks so they can focus on fighting the real fires.
Mimecast Rejected Over 67 Billion Emails. Here's What It Learned
New research warns that security pros must guard against updates to older malware and more manipulative social-engineering techniques.
Demystifying New FIDO Standards & Innovations
Staying on top of the latest cybersecurity risks and preferred attack methods can feel impossible, but standards like FIDO2 are designed to help relieve the burden.
Why the Network Is Central to IoT Security
Is there something strange about your network activity? Better make sure all of your IoT devices are under control.
BlueKeep Exploits Appear as Security Firms Continue to Worry About Cyberattack
The lack of an attack has puzzled some security experts, but the general advice remains that companies should patch their vulnerable systems more quickly.
CISOs Must Evolve to a Data-First Security Program
Such a program will require effort and reprioritization, but it will let your company fight modern-day threats and protect your most important assets.
Answer These 9 Questions to Determine if Your Data Is Safe
Data protection regulations are only going to grow tighter. Make sure you're keeping the customer's best interests in mind.
Business Email Compromise: Thinking Beyond Wire Transfers
As BEC continues to drive record-high losses, cybercriminals devise new tactics for swindling corporate targets out of millions.
Calculating the Value of Security
What will it take to align staff and budget to protect the organization?
For Real Security, Don't Let Failure Be Your Measure of Success
For too long, we've focused almost exclusively on keeping out the bad guys rather than what to do when they get in (and they will).
How Attackers Infiltrate the Supply Chain & What to Do About It
With some security best practices, enterprises can significantly reduce the chances that a potential supply chain attack will affect business operations.
Is Machine Learning the Future of Cloud-Native Security?
The nature of containers and microservices makes them harder to protect. Machine learning might be the answer going forward.
Most Organizations Lack Cyber Resilience
Despite increasing threats, many organizations continue to run with only token cybersecurity and resilience.
The Security of Cloud Applications
Despite the great success of the cloud over the last decade, misconceptions continue to persist. Here's why the naysayers are wrong.
Persistent Threats Can Last Inside SMB Networks for Years
The average dwell time for riskware can be as much as 869 days.
Coast Guard Warns Shipping Firms of Maritime Cyberattacks
A commercial vessel suffered a significant malware attack in February, prompting the US Coast Guard to issues an advisory to all shipping companies: Here be malware.
Cloud Security and Risk Mitigation
Just because your data isn't on-premises doesn't mean you're not responsible for security.
US Military Warns Companies to Look Out for Iranian Outlook Exploits
Microsoft patched a serious vulnerability in the Microsoft Outlook client in 2017, but an Iranian group continues to exploit the flaw.
Cybersecurity Experts Worry About Satellite & Space Systems
As nation-states and rogue actors increasingly probe critical infrastructure, policy and technology experts worry that satellite and space systems are on the front lines.
How GDPR Teaches Us to Take a Bottom-Up Approach to Privacy
Looking at underlying security needs means organizations are more likely to be in compliance with privacy regulations.
How to Avoid Becoming the Next Riviera Beach
Be prepared by following these five steps so you don't have to pay a ransom to get your data back.
Companies on Watch After US, Iran Claim Cyberattacks
With the cyber conflict between the United States and Iran ramping up, companies traditionally targeted by the countries — such as those in the oil and gas and financial industries — need to bolster their security efforts, experts say.
Never Trust, Always Verify: Demystifying Zero Trust to Secure Your Networks
The point of Zero Trust is not to make networks, clouds, or endpoints more trusted; it's to eliminate the concept of trust from digital systems altogether.
Pledges to Not Pay Ransomware Hit Reality
While risk analysts and security experts continue to urge companies to secure systems against ransomware, they are now also advising that firms be ready to pay.
Patrolling the New Cybersecurity Perimeter
Remote work and other developments demand a shift to managing people rather than devices.
The Hunt for Vulnerabilities
A road map for improving the update process will help reduce the risks from vulnerabilities.
|
Latest Comment: "He's too shy to invite me out face to face!"
7 Threats & Disruptive Forces Changing the Face of CybersecurityThis Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.
Tweet This
0 Comments
