Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Healthcare Targeted By More Attacks But Less Sophistication
An increase in attacks targeting healthcare organizations suggests that perhaps new cybercriminals are getting into the game.
Things Keeping CISOs Up at Night During the COVID-19 Pandemic
Insights from discussions with more than 20 CISOs, CEOs, CTOs, and security leaders.
The Rise of Deepfakes and What That Means for Identity Fraud
Convincing deepfakes are a real concern, but there are ways of fighting back.
7 Fraud Predictions in the Wake of the Coronavirus
It's theme and variations in the fraud world, and fraudsters love -- and thrive -- during chaos and confusion
Phishers Start to Exploit Oil Industry Amid COVID-19 Woes
While a massive flood of attacks has yet to materialize, cybersecurity experts say this could be the calm before the storm.
4 Ways to Get to Defensive When Faced by an Advanced Attack
To hold your own against nation-state-grade attacks, you must think and act differently.
Continued Use of Python 2 Will Heighten Security Risks
With support for the programming language no longer available, organizations should port to Python 3, security researches say.
Top 10 Cyber Incident Response Mistakes and How to Avoid Them
From lack of planning to rushing the closure of incidents, these mistakes seriously harm IR effectiveness.
Cloud Services Are the New Critical Infrastructure. Can We Rely on Them?
If cloud services vendors successfully asked themselves these three questions, we'd all be better off.
The Evolving Threat of Credential Stuffing
Bots' swerve to focus on APIs means businesses must take the threat seriously and take effective action.
11 Tips for Protecting Active Directory While Working from Home
To improve the security of your corporate's network, protect the remote use of AD credentials.
Making the Case for Process Documentation in Cyber Threat Intel
Standard language and processes, not to mention more efficient dissemination of findings and alerts all make documenting your security processes a must
7 Steps to Avoid the Top Cloud Access Risks
Securing identities and data in the cloud is challenging, but a least-privilege access approach helps.
'Look for the Helpers' to Securely Enable the Remote Workforce
CISOs and CIOs, you are our helpers. As you take action to reassure your company, your confidence is our confidence.
5 Things Ransomware Taught Me About Responding in a Crisis
What happened in Atlanta is worth studying because it was one of the earliest cases of a major city ransomware attacks and because it came out the other side stronger and more resilient.
Man-in-the-Middle Attacks: A Growing but Preventable Mobile Threat
Hackers are upping their game, especially as they target mobile devices.
Cybersecurity Prep for the 2020s
The more things change, the more they stay the same. Much of the world is still behind on the basics.
Patch-a-Palooza: More Than 560 Flaws Fixed in a Single Day
Software vendors keep pushing patches to the same Tuesday once a month, or once a quarter, and the result can be overwhelming. Six enterprise software makers issued patches for 567 issues in April.
You're One Misconfiguration Away from a Cloud-Based Data Breach
Don't assume that cyberattacks are all you have to worry about. Misconfigurations should also be a top cause of concern.
7 Ways COVID-19 Has Changed Our Online Lives
The pandemic has driven more of our personal and work lives online – and for the bad guys, business is booming. Here's how you can protect yourself.
Cybercrime May Be the World's Third-Largest Economy by 2021
The underground economy is undergoing an industrialization wave and booming like never before.
No STEM, No Problem: How to Close the Security Workforce Gap
Those who work well with others, learn quickly, and possess a proactive mindset toward the work can make great employees, even if their backgrounds aren't rooted in cybersecurity.
Medical Devices on the IoT Put Lives at Risk
Device security must become as important a product design feature as safety and efficacy.
Prioritizing High-Risk Assets: A 4-Step Approach to Mitigating Insider Threats
Sound insider threat detection programs combine contextual data and a thorough knowledge of employee roles and behaviors to pinpoint the biggest risks.
Best Practices to Manage Third-Party Cyber-Risk Today
Bold new thinking is needed to solve the rapidly evolving challenge of third-party risk management.
Why All Employees Are Responsible for Company Cybersecurity
It's not just the IT and security team's responsibility to keep data safe -- every member of the team needs to be involved.
Active Directory Attacks Hit the Mainstream
Understanding the limitations of authentication protocols, especially as enterprises link authentication to cloud services to Active Directory, is essential for security teams in the modern federated enterprise.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
