Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Advice From Security Experts: How to Approach Security in the New Normal
Here are the biggest lessons they've learned after a year of work from home, and how they advise their counterparts at organizations to proceed as a result of those lessons.
3 Ways Vendors Can Inspire Customer Trust Amid Breaches
As customers rely more on cloud storage and remote workforces, the probability of a breach increases.
Watch Out for These Cyber-Risks
It's difficult to predict what will materialize in the months ahead in terms of cyber-risks, which is why it's wise to review your organization's security posture now.
Ghost Users Haunt Healthcare Firms
Data security hygiene severely lacking among healthcare firms, new research shows.
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
The Cyber Kill Chain and MITRE ATT&CK are popular reference frameworks to analyze breaches, but amid the rise of XDR, we may need a new one.
In the Rush to Embrace Hybrid Cloud, Don't Forget About Security
Cloud service providers typically only secure the infrastructure itself, while customers are responsible for their data and application security.
Security Operations in the World We Live in Now
Despite the challenges of remote work, security operations teams can position themselves well for the future.
How Personally Identifiable Information Can Put Your Company at Risk
By being more mindful of how and where they share PII, employees will deprive cybercriminals of their most useful tool.
How to Protect Our Critical Infrastructure From Attack
Just how worried should we be about a cyber or physical attack on national infrastructure? Chris Price reports on how the pandemic, the growth of remote working, and IoT are putting assets at risk.
Data Protection Is a Group Effort
When every employee is well-versed in customer data privacy principles, the DPO knows the enterprise's sensitive data is in good hands.
Researchers Discover Two Dozen Malicious Chrome Extensions
Extensions are being used to serve up unwanted adds, steal data, and divert users to malicious sites, Cato Networks says.
On the Road to Good Cloud Security: Are We There Yet?
Misconfigured infrastructure is IT pros' top cloud security concern, but they're conflicted on how to address it in practice.
Beware the Package Typosquatting Supply Chain Attack
Attackers are mimicking the names of existing packages on public registries in hopes that users or developers will accidentally download these malicious packages instead of legitimate ones.
What CISOs Can Learn From Big Breaches: Focus on the Root Causes
Address these six technical root causes of breaches in order to keep your company safer.
COVID, Healthcare Data & the Dark Web: A Toxic Stew
The growing treasure trove of healthcare data is proving irresistible -- and profitable -- to bad actors.
7 Tips to Secure the Enterprise Against Tax Scams
Tax season is yet another opportunity for fraudsters to target your company. Here's how to keep everyone in the organization on their toes.
Can a Programming Language Reduce Vulnerabilities?
Rust offers a safer programming language, but adoption is still a problem despite recent signs of increasing popularity.
5 Steps for Investigating Phishing Attacks
Phishing is a common and effective cybercrime tool, but even the most sophisticated threat actors make mistakes that you can leverage in your investigations.
Hiding in Plain Sight: Protecting Enterprises from the 'New' Shadow IT
Three steps to fight this increasingly vexing problem.
Why Data Privacy Should Be on President Biden's Agenda for His First 100 Days
The new administration is in an excellent position to make significant progress on data privacy -- not just because it's needed, but also because it's time.
Intel: More Than 90% of Our Vulnerabilities Found via Research
Internal research and external bug-bounty programs combined to discover the vast majority of reported security issues in the company's software.
How SolarWinds Busted Up Our Assumptions About Code Signing
With so much automation in code writing process, results are rarely double-checked, which opens the door to vulnerabilities and downright danger.
4 Ways Health Centers Can Stop the Spread of Cyberattacks
Health centers must shift the perception of cyberattacks from potential risk to real threat in order to take the first step toward a safer, healthier security posture.
Why Cloud Security Risks Have Shifted to Identities and Entitlements
Traditional security tools focus on the network perimeter, leaving user and service accounts vulnerable to hackers.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
