Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
BazaLoader Attackers Create Fake Movie Streaming Site to Trick Victims
The BazaLoader infection chain includes a live call center and "customer service" from criminals, researchers report.
ExtraHop Explains How Advanced Threats Dominate Threat Landscape
SPONSORED: WATCH NOW -- How do SOC professionals build a strategy when they lack basic information about how such threats operate? Advanced threats by their very nature create plenty of uncertainty, according to Matt Cauthorn, VP of cloud security for ExtraHop.
Russia Profiting from Massive Hydra Cybercrime Marketplace
An analysis of Bitcoin transactions from the Hydra marketplace show that the operators are locking sellers into Russian exchanges, likely fueling profits for local actors.
Sophos Research Uncovers Widespread Use of TLS By Cybercriminals
SPONSORED CONTENT: Nearly half of all malware is being disseminated via the Transport Layer Security cryptographic protocol, says Dan Schiappa, executive VP and chief product officer for Sophos.
Latest Security News From RSAC 2021
Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2021.
Lack of Skills, Maturity Hamper Threat Hunting at Many Organizations
When implemented correctly, threat hunting can help organizations stay head of threats, researcher says at RSA Conference.
Security Providers Describe New Solutions (& Growing Threats) at RSAC
SPONSORED CONTENT: Watch now -- Leading security companies meet Dark Reading in the RSA Conference Broadcast Alley to talk about tackling insider threat, SOC complexity, cyber resilience, mobile security, attacker evasion, supply chain threats, ransomware, and more.
Automation & Pervasive, Connected Technology to Pose Cyber Threats in 2030
A project to look at potential cybersecurity threats in a decade sees hackers and marketers sending spam directly to our vision, while attackers' automated systems adapt faster than defenses.
How Ransomware Encourages Opportunists to Become Criminals
And what's needed to stop it: Better information sharing among private organizations and with law enforcement agencies.
How to Mitigate Against Domain Credential Theft
Attackers routinely reuse stolen domain credentials. Here are some ways to thwart their access.
Wi-Fi Design, Implementation Flaws Allow a Range of Frag Attacks
Every Wi-Fi product is affected by at least one fragmentation and aggregation vulnerability, which could lead to a machine-in-the-middle attack, researcher says.
Adobe Issues Patch for Acrobat Zero-Day
The vulnerability is being exploited in limited attacks against Adobe Reader users on Windows.
Cartoon Caption Winner: Greetings, Earthlings
And the winner of Dark Reading's April cartoon caption contest is ...
Critical Infrastructure Under Attack
Several recent cyber incidents targeting critical infrastructure prove that no open society is immune to attacks by cybercriminals. The recent shutdown of key US energy pipeline marks just the tip of the iceberg.
Exchange Exploitation: Not Dead Yet
The mass exploitation of Exchange Servers has been a wake-up call, and it will take all parties playing in concert for the industry to react, respond, and recover.
Securing the Internet of Things in the Age of Quantum Computing
Internet security, privacy, and authentication aren't new issues, but IoT presents unique security challenges.
Stopping the Next SolarWinds Requires Doing Something Different
Will the SolarWinds breach finally prompt the right legislative and regulatory actions on a broader, more effective scale?
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
