Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
7 New Rules For IoT Safety & Vuln Disclosure
In the Internet of Things, even the lowliest smart device can be used for a malicious purpose. Manufacturers take heed!
Biometric Skimmers Pose Emerging Threat To ATMs
Even as financial institutions move to shore up ATM security with biometric mechanisms, cybercrooks are busy figuring out ways to beat them.
National Health ISAC Calls For Collaborative Vuln Disclosure
St. Jude Medical to host upcoming workshop on medical device info sharing, convened by NH-ISAC and medical device security consortium.
Uber, Dropbox, Other Tech Leaders Team Up To Boost Vendor Security
Tech companies - including Uber, Dropbox, Twitter, and Docker - have joined forces to create the Vendor Security Alliance, which aims to vet vendor security practices.
Data Loss Risks Rise In The Age Of Collaboration
Most organizations believe they have lost sensitive information due to external file sharing and third-party collaboration.
Portrait Of A Bug Bounty Hacker
Bounty programs attract young, self-taught hackers who primarily depend on it as a lucrative side gig.
PCI Security Update Targets PIN System Vendors
New requirements cover physical and logical security controls.
Crimeware-as-a-Service Hack Turns Potential Hackers Into Victims
Cybercriminals are using Google Docs to host a new Facebook scamming tool, which is designed to steal credentials from potential hackers who try to access other users' accounts.
The Shifting Mindset Of Financial Services CSOs
They’re getting more realistic and developing strategies to close security gaps.
Network Management Systems Vulnerable To SNMP Attacks
Products from many vendors vulnerable to XSS attacks because of basic input validation errors, Rapid7 says in report.
Cryptographic Key Reuse Remains Widespread In Embedded Products
Nine months after SEC Consult warned about the reuse of private keys and certificates in routers, modems, other products, problem has grown worse.
8 Security Categories Healthcare Providers Need to Improve On
A new survey by HIMSS finds that many providers don’t even cover the basics of IT security.
Yelp Offers Up To $15K Per Bug Via New Bounty Program
Reviews site building off previous success with private bug bounty program to launch new public program.
Apple Issues Patches To Fix ‘Trident’ Flaws In OS X El Capitan, Yosemite
Same zero-day flaws had been patched earlier in iOS as well
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
