Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Why Automation Will Free Security Pros to Do What They Do Best
There are three reasons today's security talent pool is neither scalable nor effective in addressing the rapid evolution of cyberattacks.
Lessons From the Black Hat USA NOC
The conference's temporary network operations center provides a snapshot of what is possible when a variety of professionals work together.
4 Benefits of a World with Less Privacy
The privacy issue is a problem for a lot of people. I see it differently.
How One Company’s Cybersecurity Problem Becomes Another's Fraud Problem
The solution: When security teams see something in cyberspace, they need to say something.
Why Security Needs a Software-Defined Perimeter
Most security teams today still don't know whether a user at the end of a remote connection is a hacker, spy, fraudster -- or even a dog. An SDP can change that.
WhatsApp: Mobile Phishing's Newest Attack Target
In 2018, mobile communication platforms such as WhatsApp, Skype, and SMS have far less protection against app-based phishing than email.
How Can We Improve the Conversation Among Blue Teams?
Dark Reading seeks new ways to bring defenders together to share information and best practices
The Difference Between Sandboxing, Honeypots & Security Deception
A deep dive into the unique requirements and ideal use cases of three important prevention and analysis technologies.
A False Sense of Security
Emerging threats over the next two years stem from biometrics, regulations, and insiders.
The GDPR Ripple Effect
Will we ever see a truly global data security and privacy mandate?
Embedding Security into the DevOps Toolchain
Security teams need to let go of the traditional security stack, stop fighting DevOps teams, and instead jump in right beside them.
The Votes Are In: Election Security Matters
Three ways to make sure that Election Day tallies are true.
How to Gauge the Effectiveness of Security Awareness Programs
If you spend $10,000 on an awareness program and expect it to completely stop tens of millions of dollars in losses, you are a fool. If $10,000 prevents $100,000 in loss, that's a 10-fold ROI.
Proving ROI: How a Security Road Map Can Sway the C-Suite
When executives are constantly trying to cut the fat, CISOs need to develop a flexible structure to improve baseline assessments and target goals, tactics, and capabilities. Here's how.
Data Privacy Careers Are Helping to Close the IT Gender Gap
There are three main reasons why the field has been more welcoming for women. Can other tech areas step up?
Make a Wish: Dark Reading Caption Contest Winners
Certification, endpoint security, 2FA, phishing, and PII were among the themes and puns offered by readers in our latest cartoon caption competition. And the winners are ...
The 5 Challenges of Detecting Fileless Malware Attacks
Simply applying file-based tools and expectations to fileless attacks is a losing strategy. Security teams must also understand the underlying distinctions between the two.
Overcoming 'Security as a Silo' with Orchestration and Automation
When teams work in silos, the result is friction and miscommunication. Automation changes that.
Open Source Software Poses a Real Security Threat
It's true that open source software has many benefits, but it also has weak points. These four practical steps can help your company stay safer.
Equifax Avoided Fines, but What If ...?
Let's imagine the consequences the company would have faced if current laws had been on the books earlier.
The Data Security Landscape Is Shifting: Is Your Company Prepared?
New ways to steal your data (and profits) keep cropping up. These best practices can help keep your organization safer.
The Enigma of AI & Cybersecurity
We've only seen the beginning of what artificial intelligence can do for information security.
Oh, No, Not Another Security Product
Let's face it: There are too many proprietary software options. Addressing the problem will require a radical shift in focus.
Breaking Down the PROPagate Code Injection Attack
What makes PROPagate unique is that it uses Windows APIs to take advantage of the way Windows subclasses its window events.
Shadow IT: Every Company's 3 Hidden Security Risks
Companies can squash the proliferation of shadow IT if they listen to employees, create transparent guidelines, and encourage an open discussion about the balance between security and productivity.
IT Managers: Are You Keeping Up with Social-Engineering Attacks?
Increasingly sophisticated threats require a mix of people, processes, and technology safeguards.
4 Reasons Why Companies Are Failing at Incident Response
When it comes to containing the business impacts of a security breach, proper planning is often the difference between success and failure.
Power Grid Security: How Safe Are We?
Experiencing a power outage? It could have been caused by a hacker … or just a squirrel chewing through some equipment. And that's a problem.
How GDPR Could Turn Privileged Insiders into Bribery Targets
Regulatory penalties that exceed the cost of an extortion payout may lead to a new form of ransomware. These four steps can keep you from falling into that trap.
How AI Could Become the Firewall of 2003
An over-reliance on artificial intelligence and machine learning for the wrong uses will create unnecessary risks.
5 Steps to Fight Unauthorized Cryptomining
This compromise feels like a mere annoyance, but it can open the door to real trouble.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
