Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Is the Web Supply Chain Next in Line for State-Sponsored Attacks?
Attackers go after the weak links first, and the Web supply chain provides an abundance of weak links to target.
Pay-or-Get-Breached Ransomware Schemes Take Off
In 2020, ransomware attackers moved quickly to adopt so-called "double extortion" schemes, with more than 550 incidents in the fourth quarter alone.
Why North Korea Excels in Cybercrime
North Korea is laser-focused on boosting its cyber capabilities, and it's doing a remarkable job of it.
7 Steps to Secure a WordPress Site
Many companies operate under the assumption that their WordPress sites are secure -- and that couldn't be anything further from the truth.
SolarWinds Attack, Cyber Supply Chain Among Priorities for Biden Administration
During Senate confirmation hearings, the nominees for Secretary of Homeland Security and Director of National Intelligence pledged to focus on cybersecurity.
A Security Practitioner's Guide to Encrypted DNS
Best practices for a shifting visibility landscape.
Virtual Pen-Testing Competition Tasks College Students With Running a Red Team Operation
Aimed at developing offensive cyber talent, last weekend's sixth annual Collegiate Penetration Testing Competition brought out some of the brightest from RIT and Stanford, among other universities.
The Data-Centric Path to Zero Trust
Data is an organization's most valuable asset, so a data-centric approach would provide the best value for organizations, now and in the future.
Malware Developers Refresh Their Attack Tools
Cisco analyzes the latest version of the LokiBot malware for stealing credentials, finding that its developers have added more misdirection and anti-analysis features.
Even Small Nations Have Jumped into the Cyber Espionage Game
While the media tends to focus on the Big 5 nation-state cyber powers, commercial spyware has given smaller countries sophisticated capabilities, as demonstrated by a "zero-click" iMessage exploit that targeted journalists last year.
China's APT Groups May Be Looking to Cash In
Two campaigns have resulted in encrypted drives and ransom notes, suggesting that some China-linked nation-state advanced persistent threat groups have added financial gain as a motive, researchers say.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
