Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Pro-ISIS Hacking Groups Growing, Unifying, But Still Unskilled
Flashpoint report outlines the patchwork of hacking groups and the validity of their claims to fame.
'Dogspectus' Breaks New Ground For Android Ransomware
Blue Coat says it's the first Android ransomware that installs without user interaction
Crowdsourcing The Dark Web: A One-Stop Ran$om Shop
Say hello to Ran$umBin, a new kind of ransom market dedicated to criminals and victims alike.
Malware At Root Of Bangladesh Bank Heist Lies To SWIFT Financial Platform
Customized malware hid $81 million of wire transfers until the money had been safely laundered.
Microsoft: Keep Calm But Vigilant About Ransomware
Though a growing problem, ransomware is still nowhere as prevalent as other threats, Microsoft says.
SpyEye Creators Sentenced To Long Prison Terms
FBI found that arrest halted the release of nasty SpyEye 2.0.
MIT AI Researchers Make Breakthrough On Threat Detection
New artificial intelligence platform offers 3x detection capabilities with 5x fewer false positives.
8 Active APT Groups To Watch
Ever wonder who's behind some of the attacks we hear about in the news? Here are eight advanced persistent threat (APT) groups that operate some of the most successful and well-known malware campaigns worldwide.
5 Steps to Improve Your Software Supply Chain Security
Organizations that take control of their software supply chains will see tremendous gains in developer productivity, improved quality, and lower risk.
Java Deserialization: Running Faster Than a Bear
Software components that were once good can sour instantly when new vulnerabilities are discovered within them. When that happens, the bears are coming, and you have to respond quickly.
Zero-Day Discoveries A Once-A-Week Habit
Symantec threat report shows growth in zero-day vulns to enable more targeted attacks.
Imagining The Ransomware Of The Future
Cisco Talos Lab paints a dark picture of what ransomware could have in store next.
Dridex Malware Now Used For Stealing Payment Card Data
An analysis of Dridex infrastructure shows dangerous changes, potentially new operators.
Adobe Issues Emergency Updates For Zero-Day Flaw in Flash Player
Memory corruption flaw is being exploited in the wild to distribute ransomware samples like Locky and Cerber.
7 Lessons From The Panama Papers Leak
Hopefully your organization isn't hiding as many dark secrets as Mossack Fonseca, but the incident still brings helpful hints about data security, breach response, and breach impact.
Panama Papers Leak Exposes Tax Evasion -- And Poor Data Security, Data Integrity Practices
Whether an insider leak or an outsider hack, an exposure of 11.5 million documents definitely falls under the infosec umbrella.
Ransomware Authors Break New Ground With Petya
Instead of encrypting files on disk, Petya goes for the jugular by encrypting the entire disk instead, says F-Secure.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
