Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Accounting Scams Continue to Bilk Businesses
Yes, ransomware is plaguing businesses and government organizations, but impersonators inserting themselves into financial workflows — most often via e-mail — continue to enable big paydays.
Social Media: Corporate Cyber Espionage's Channel of Choice
Proactive defense and automation can help your company deal with scale and prioritize risks in order to more efficiently fight cyber espionage.
Disclosure Does Little to Dissuade Cyber Spies
In the past, outing nation-state cyber espionage groups caused a few to close up shop, but nowadays actors are more likely to switch to new infrastructure and continue operations.
To Secure Multicloud Environments, First Acknowledge You Have a Problem
Multicloud environments change rapidly. Organizations need a security framework that is purpose-built for the cloud and that aligns with their digital transformation strategy.
8 Trends in Vulnerability and Patch Management
Unpatched flaws continue to be a major security issue for many organizations.
Why Cloud-Native Applications Need Cloud-Native Security
Today's developers and the enterprises they work for must prioritize security in order to reap the speed and feature benefits these applications and new architectures provide.
5 Things the Hoodie & the Hard Hat Need to Know About Each Other
Traditionally, the worlds of IT (the hoodie) and OT (the hard hat) have been separate. That must change.
State of SMB Insecurity by the Numbers
SMBs still perceive themselves at low risk from cyberthreats — in spite of attack statistics that paint a different pictur
Schadenfreude Is a Bad Look & Other Observations About Recent Disclosures
The debate about whether Android or iOS is the more inherently secure platform misses the larger issues that both platforms are valuable targets and security today is no guarantee of security tomorrow.
Federal CIOs Zero In on Zero Trust
Here's how federal CIOs can begin utilizing the security concept and avoid predictable obstacles.
Why Bricking Vulnerable IoT Devices Comes with Unintended Consequences
Infosec vigilantism can cause serious harm in the era of industrial IoT and connected medical devices.
The Connected Cybercrime Ecosystem & the Impact of the Capital One Breach
A company's security battle is not between that company and a specific fraudster; rather, it's between the company and connected cybercriminal ecosystem.
How the Software-Defined Perimeter Is Redefining Access Control
In a world where traditional network boundaries no longer exist, VPNs are showing their age.
Utilities' Operational Networks Continue to Be Vulnerable
More than half of utilities have suffered an outage or data loss in the last 12 months, but only a minority of organizations seem ready for an attack that could affect operations, a survey finds.
For Cybersecurity to Be Proactive, Terrains Must Be Mapped
As in any battle, understanding and exploiting the terrain often dictates the outcome.
Beyond the Horde: The Uptick in Targeted Attacks (And How to Fight Back)
We're seeing a dramatic rise in targeted attacks, but following these guidelines can help your enterprise stay safe.
Cybercrime: AI's Growing Threat
Cyberecurity incidents expected to rise by nearly 70% and cost $5 trillion annually by 2024.
Common Pitfalls of Security Monitoring
We need technology, but we can’t forget the importance of humans working methodically to make it effective.
Quantum-Safe Cryptography: The Time to Prepare Is Now
Quantum computing is real and it's evolving fast. Is the security industry up to the challenge?
Controlling Data Leakage in Cloud Test-Dev Environments
The focus on digital transformation and compressing development release cycles is appealing, but that means security can be left behind. How should security practitioners address this challenge?
'Harvesting Attacks' & the Quantum Revolution
Stockpiles of stolen information sitting in foreign databases are ready to be exposed the minute there's a working quantum computer in five to ten years. The time to act is now.
A Safer IoT Future Must Be a Joint Effort
We're just at the beginning of an important conversation about the future of our homes and cities, which must involve both consumers and many players in the industry
6 Questions to Ask Once You’ve Learned of a Breach
With GDPR enacted and the California Consumer Privacy Act on the near horizon, companies have to sharpen up their responses. Start by asking these six questions.
The Fight Against Synthetic Identity Fraud
Advanced data and innovative technology will help organizations more easily identify abnormal behavior and tell legitimate customers apart from "fake" ones.
Data Is the New Copper
Data breaches fuel a complex cybercriminal ecosystem, similar to copper thefts after the financial crisis.
AI Is Everywhere, but Don't Ignore the Basics
Artificial intelligence is no substitute for common sense, and it works best in combination with conventional cybersecurity technology. Here are the basic requirements and best practices you need to know.
From Spyware to Ninja Cable
Attackers don't need sophisticated James Bondian hardware to break into your company. Sometimes a $99 device will do.
Why Businesses Fail to Address DNS Security Exposures
Increasing awareness about the critical importance of DNS security is the first step in improving the risk of being attacked. It's time to get proactive.
Automation: Friend of the SOC Analyst
Faced by increasingly sophisticated threats, organizations are realizing the benefits of automation in their cybersecurity programs.
It's Not Healthy to Confuse Compliance with Security
Healthcare organizations should be alarmed by the frequency and severity of cyberattacks. Don't assume you're safe from them just because you're compliant with regulations.
Unsecured IoT: 8 Ways Hackers Exploit Firmware Vulnerabilities
As new Internet of Things products enter the market, speed shouldn't trump concerns about security.
Cryptography & the Hype Over Quantum Computing
It's not time to move to post-quantum cryptography yet -- too many things are still up in the air. But you can start to become prepared by making sure your infrastructure is agile.
Capital One Breach: What Security Teams Can Do Now
Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks.
Who Gets Privileged Access & How to Enforce It
Let's begin by re-evaluating IT infrastructures to determine who has access to what, why, and when.
Towns Across Texas Hit in Coordinated Ransomware Attack
The state government and cybersecurity groups have mobilized to respond to a mass ransomware attack that simultaneously hit 22 different towns statewide.
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
The old-school technology is experiencing new popularity, but too many people assume mainframes are inherently secure.
Why Companies Fail to Learn from Peers' Mistakes (and How They Can Change)
Far too often, there's a new breach in the headlines. Companies need to start learning some obvious lessons.
Microservices Flip App Security on Its Head
With faster application deployment comes increased security considerations.
History Doesn't Repeat Itself in Cyberspace
The 10th anniversary of the US Cyber Command is an opportunity to prepare for unknowns in the rapidly changing cybersecurity landscape.
2019 Pwnie Award Winners (And Those Who Wish They Weren't)
This year's round-up includes awards into two new categories: most under-hyped research and epic achievement.
Security Flaws Discovered in 40 Microsoft-Certified Device Drivers
Attackers can use vulnerable drivers to escalate privilege and execute malicious code in every part of the system.
Dark Reading News Desk Live at Black Hat USA 2019
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Enterprises Must Be Wary of Ransomware Targeting Network File Shares & Cloud Assets
New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.
Boeing 787 On-Board Network Vulnerable to Remote Hacking, Researcher Says
Boeing disputes IOActive findings ahead of security firm's Black Hat USA presentation.
New Speculative Execution Vulnerability Gives CISOs a New Reason to Lose Sleep
The vulnerability, dubbed SWAPGS, is an undetectable threat to data security, similar in some respects to Spectre and Meltdown.
When Perceived Cybersecurity Risk Outweighs Reality
Teams need to manage perceived risks so they can focus on fighting the real fires.
Mimecast Rejected Over 67 Billion Emails. Here's What It Learned
New research warns that security pros must guard against updates to older malware and more manipulative social-engineering techniques.
Demystifying New FIDO Standards & Innovations
Staying on top of the latest cybersecurity risks and preferred attack methods can feel impossible, but standards like FIDO2 are designed to help relieve the burden.
Why the Network Is Central to IoT Security
Is there something strange about your network activity? Better make sure all of your IoT devices are under control.
BlueKeep Exploits Appear as Security Firms Continue to Worry About Cyberattack
The lack of an attack has puzzled some security experts, but the general advice remains that companies should patch their vulnerable systems more quickly.
|
Latest Comment: How do you like our new spear phishing email solution?
7 Threats & Disruptive Forces Changing the Face of CybersecurityThis Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Assessing Cybersecurity Risk in Today's Enterprise
Security leaders are struggling to understand their organizations’ risk exposure. While many are confident in their security strategies and processes, they’re also more concerned than ever about getting breached. Download this report today and get insights on how today's enterprises assess and perceive the risks they face in 2019!
Tweet This
1 Comments
