Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
To Navigate a Sea of Cybersecurity Solutions, Learn How to Fish
Three steps for relieving the pressure of picking the right tools.
Bug Bounties Continue to Rise, but Market Has Its Own 1% Problem
The average payout for a critical vulnerability has almost reached $3,400, but only the top bug hunters of a field of 500,000 are truly profiting.
Unsecured IoT: 8 Ways Hackers Exploit Firmware Vulnerabilities
As new Internet of Things products enter the market, speed shouldn't trump concerns about security.
6 Ways Airlines and Hotels Can Keep Their Networks Secure
As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security.
Cryptography & the Hype Over Quantum Computing
It's not time to move to post-quantum cryptography yet -- too many things are still up in the air. But you can start to become prepared by making sure your infrastructure is agile.
Capital One Breach: What Security Teams Can Do Now
Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks.
5 Identity Challenges Facing Today’s IT Teams
To take control over your company's security, identify and understand the biggest identity and access management challenges facing IT teams today and start addressing them.
Who Gets Privileged Access & How to Enforce It
Let's begin by re-evaluating IT infrastructures to determine who has access to what, why, and when.
5 Ways to Improve the Patching Process
So many software vulnerabilities, so little time. But failure to patch them can have serious consequences. Here's help for overwhelmed security teams.
New Research Finds More Struts Vulnerabilities
Despite aggressive updating and patching, many organizations are still using versions of Apache Struts with known -- and new -- vulnerabilities.
The Flaw in Vulnerability Management: It's Time to Get Real
Companies will never be 100% immune to cyberattacks. But by having a realistic view of the basics, starting with endpoint vulnerabilities, we can build for a safer future.
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
The old-school technology is experiencing new popularity, but too many people assume mainframes are inherently secure.
7 Biggest Cloud Security Blind Spots
Cloud computing boon is for innovation, yet security organizations find themselves running into obstacles.
Why Companies Fail to Learn from Peers' Mistakes (and How They Can Change)
Far too often, there's a new breach in the headlines. Companies need to start learning some obvious lessons.
Microservices Flip App Security on Its Head
With faster application deployment comes increased security considerations.
The California Consumer Privacy Act's Hidden Surprise Has Big Legal Consequences
The CCPA's provision devoted to 'reasonable' cybersecurity procedures and policies could trip up your business. Get ready now.
History Doesn't Repeat Itself in Cyberspace
The 10th anniversary of the US Cyber Command is an opportunity to prepare for unknowns in the rapidly changing cybersecurity landscape.
Security Flaws Discovered in 40 Microsoft-Certified Device Drivers
Attackers can use vulnerable drivers to escalate privilege and execute malicious code in every part of the system.
More Focus on Security as Payment Technologies Proliferate
Banks and merchants are expanding their payment offerings but continue to be wary of the potential fraud risk.
6 Security Considerations for Wrangling IoT
The Internet of Things isn't going away, so it's important to be aware of the technology's potential pitfalls.
Significant Vulnerabilities Found in 6 Common Printer Brands
In a half-year project, two researchers tested six of the top enterprise printer brands and found vulnerabilities in every device, some of which allow remote execution.
Enterprises Must Be Wary of Ransomware Targeting Network File Shares & Cloud Assets
New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.
New Speculative Execution Vulnerability Gives CISOs a New Reason to Lose Sleep
The vulnerability, dubbed SWAPGS, is an undetectable threat to data security, similar in some respects to Spectre and Meltdown.
US Air Force Bug Bounty Program Nets 54 Flaws for $123,000
The Air Force brought together 50 vetted hackers to find the vulnerabilities in the latest bug-bounty program hosted by a branch of the US military.
When Perceived Cybersecurity Risk Outweighs Reality
Teams need to manage perceived risks so they can focus on fighting the real fires.
Fighting Back Against Mobile Fraudsters
The first step toward identifying and preventing mobile fraud threats is acknowledging that mobile security requires a unique solution.
Demystifying New FIDO Standards & Innovations
Staying on top of the latest cybersecurity risks and preferred attack methods can feel impossible, but standards like FIDO2 are designed to help relieve the burden.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
