Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Why Sharing Intelligence Makes Everyone Safer
Security teams must expand strategies to go beyond simply identifying details tied to a specific threat to include context and information about attack methodologies.
Redefining Security with Blockchain
Blockchain offers a proactive approach to secure a new generation of digital platforms and services for both enterprises and individuals.
Russia, Facebook & Cybersecurity: Combating Weaponized FUD in the Social Media Age
It's up to everyone -- users, security pros, government -- to be critical about the online information we encounter.
Cynicism in Cybersecurity: Confessions of a Recovering Cynic
Anyone constantly dealing with complex computer systems teetering on the brink of disaster will likely succumb to the cult of cynicism. These four strategies will help you focus on the positive.
Today! 'Why Cybercriminals Attack,' A Dark Reading Virtual Event
Wednesday, June 27, this all-day event starting at 11 a.m. ET, will help you decide who and what you really need to defend against, and how to do it more effectively.
Securing Serverless Apps: 3 Critical Tasks in 3 Days
Serverless workloads in the cloud can be as secure as traditional applications with the right processes and tools. The key: start small, scale as your application scales, and involve everyone.
Secure by Default Is Not What You Think
The traditional view of secure by default — which has largely been secure out of the box — is too narrow. To broaden your view, consider these three parameters.
Secure Code: You Are the Solution to Open Source’s Biggest Problem
Seventy-eight percent of open source codebases examined in a recent study contain at least one unpatched vulnerability, with an average of 64 known vulnerabilities per codebase.
White House Email Security Faux Pas?
The Executive Office of the President isn't complying with the DMARC protocol, but that has fewer implications than some headlines would suggest.
Templates: The Most Powerful (And Underrated) Infrastructure Security Tool
If your team is manually building cloud instances and networks for every application, you're setting yourself up for a data breach.
AppSec in the World of 'Serverless'
The term 'application security' still applies to 'serverless' technology, but the line where application settings start and infrastructure ends is blurring.
Inside a SamSam Ransomware Attack
Here's how hackers use network tools and stolen identities to turn a device-level compromise into an enterprise-level takedown.
Improving the Adoption of Security Automation
Four barriers to automation and how to overcome them.
How to Prepare for 'WannaCry 2.0'
It seems inevitable that a more-powerful follow-up to last year's malware attack will hit sooner or later. You'd better get prepared.
5 Tips for Integrating Security Best Practices into Your Cloud Strategy
Do 'cloud-first' strategies create a security-second mindset?
3 Tips for Driving User Buy-in to Security Policies
Teaching users why it's important to commit to security controls is a far more effective strategy than simply demanding that they follow them. Here's how.
Modern Cybersecurity Demands a Different Corporate Mindset
Very few organizations have fully incorporated all relevant risks and threats into their current digital strategy, research finds.
Four Faces of Fraud: Identity, 'Fake' Identity, Ransomware & Digital
Realizing the wide scope of fraud should be at the top of every business executive's to-do list. Here's some practical advice to help you stay safe.
Meet 'Bro': The Best-Kept Secret of Network Security
This often overlooked open source tool uses deep packet inspection to transform network traffic into exceptionally useful, real-time data for security operations.
LeBron vs. Steph: The NBA Version of Cyber Defense vs. Cyberattacks
It takes an aggressive, swarming approach to overcome the most dangerous threats today.
Why CISOs Need a Security Reality Check
We deserve a seat at the executive table, and we'll be much better at our jobs once we take it.
'Shift Left' & the Connected Car
How improving application security in the automotive industry can shorten product development time, reduce costs, and save lives.
Weaponizing IPv6 to Bypass IPv4 Security
Just because you're not yet using IPv6 doesn't mean you're safe from the protocol's attack vectors.
6 Ways Greed Has a Negative Effect on Cybersecurity
How the security industry can both make money and stay true to its core values, and why that matters.
Threat Landscape: Dark Reading Caption Contest Winners
Insider threats -- desktop attacks, security awareness, caffeine -- all worthy contenders in our cartoon caption competition. And the winners are ...
Side-Channel Attacks & the Importance of Hardware-Based Security
Reliably evaluating the security of modern infrastructure requires a solid understanding of the hardware supporting it.
In Pursuit of Cryptography's Holy Grail
Homomorphic encryption eliminates the need for data exposure at any point — something that certainly would be welcome these days.
DOD Looks to the Cloud for Browser Security
The US Department of Defense just published its cloud browser strategy. What's yours?
'Strutting' Past the Equifax Breach: Lessons Learned
In hindsight, there were two likely causes for last year's massive breach: the decision to use Apache Struts, and a failure to patch in a timely fashion. Both are still a recipe for disaster.
'EFAIL' Is Why We Can’t Have Golden Keys
A deep dive into the issues surrounding an HTML email attack.
I, for One, Welcome Our Robotic Security Overlords
Automation will come in more subtle ways than C-3PO — and it's transforming cybersecurity.
Building a Safe, Efficient, Cost-Effective Security Infrastructure
The Industrial Internet of Things allows organizations to address both physical and digital security concerns.
Cybercrime Is Skyrocketing as the World Goes Digital
If cybercrime were a country, it would have the 13th highest GDP in the world.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
