Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Public Safety & Cybersecurity Concerns Elevate Need for a Converged Approach
As public and private spaces are opening up, the need for a converged approach to cybersecurity and physical security is essential, as is integration with health measures and tech.
How Healthcare Organizations Can Combat Ransomware
The days of healthcare organizations relying solely on endpoint security software to stop attacks are over. Here are six ways that healthcare providers can fight the ever-present threat.
Cybercriminals Aim BEC Attacks at Education Industry
Heightened vulnerability comes at a time when the sector has been focusing on setting up a remote workforce and online learning amid the pandemic.
How to Increase Voter Turnout & Reduce Fraud
Digital identity verification has advanced, both technologically and legislatively. Is it the answer to simpler, safer voting?
Rethinking Security for the Next Normal -- Under Pressure
By making a commitment to a unified approach to security, then doing what's necessary to operationalize it, organizations can establish a better security model for the next normal.
MITRE Shield Matrix Highlights Deception & Concealment Technology
The role that these technologies play in the MITRE Shield matrix is a clear indicator that they are an essential part of today's security landscape.
Microsoft's Kubernetes Threat Matrix: Here's What's Missing
With a fuller picture of the Kubernetes threat matrix, security teams can begin to implement mitigation strategies to protect their cluster from threats.
A Pause to Address 'Ethical Debt' of Facial Recognition
Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology.
Credential-Stuffing Attacks Plague Loyalty Programs
But that's not the only type of web attack cybercriminals have been profiting from.
To Err Is Human: Misconfigurations & Employee Neglect Are a Fact of Life
The cyber kill chain is only as strong as its weakest link, so organizations should reinforce that link with a properly equipped dedicated security team.
Implementing Proactive Cyber Controls in OT: Myths vs. Reality
Debunking the myths surrounding the implementation of proactive cyber controls in operational technology.
Iranian Cyberattack Group Deploys New PowGoop Downloader Against Mideast Targets
Seedworm Group, aka MuddyWater, is also deploying commodity ransomware as part of espionage attacks on companies and government agencies in the Middle East region.
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
Trickbot Tenacity Shows Infrastructure Resistant to Takedowns
Both the US Cyber Command and a Microsoft-led private-industry group have attacked the infrastructure used by attackers to manage Trickbot -- but with only a short-term impact.
Microsoft Tops Q3 List of Most-Impersonated Brands
The technology sector was also the most likely targeted industry for brand phishing attacks, according to Check Point's latest report on brand phishing.
Trickbot, Phishing, Ransomware & Elections
The botnet has taken some hits lately, but that doesn't mean the threat is over. Here are some steps you can take to keep it from your door.
7 Tips for Choosing Security Metrics That Matter
Experts weigh in on picking metrics that demonstrate how the security team is handling operational efficiency and reducing risk.
Cybercrime Losses Up 50%, Exceeding $1.8B
Fewer companies are being hit by cyber incidents, but those that do get hit are hit harder and more often.
Prolific Cybercrime Group Now Focused on Ransomware
Cybercriminal team previously associated with point-of-sale malware and data theft has now moved almost completely into the more lucrative crimes of ransomware and extortion.
The Ruthless Cyber Chaos of Business Recovery
Critical technology initiatives leveraging the best of technology solutions are the only way through the cyber chaos of 2020.
Security Firms & Financial Group Team Up to Take Down Trickbot
Microsoft and security firms ESET, Black Lotus Labs, and Symantec collaborated with the financial services industry to cut off the ransomware operation's C2 infrastructure.
A 7-Step Cybersecurity Plan for Healthcare Organizations
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
The New War Room: Cybersecurity in the Modern Era
The introduction of the virtual war room is a new but necessary shift. To ensure its success, security teams must implement new systems and a new approach to cybersecurity.
10 Years Since Stuxnet: Is Your Operational Technology Safe?
The destructive worm may have debuted a decade ago, but Stuxnet is still making its presence known. Here are steps you can take to stay safer from similar attacks.
3 Months for the Cybercrime Books
From July through September, US law enforcement handed down major indictments or sanctions against foreign threat groups at least six times.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
