informa

Attacks/Breaches

Paving the Road to Zero Trust With Adaptive Authentication
A gradual transition to a world beyond passwords predisposes zero-trust projects to success.
November 29, 2021
A gradual transition to a world beyond passwords predisposes zero-trust projects to success.
by Eric Olden, CEO, Strata Identity
November 29, 2021
4 min read
Article
How Threat Actors Get Into OT Systems
The convergence and integration of OT and IT has resulted in a growing number of cyber-risks for critical infrastructure. Here are some of the ways attackers are targeting operational technology systems.
November 24, 2021
The convergence and integration of OT and IT has resulted in a growing number of cyber-risks for critical infrastructure. Here are some of the ways attackers are targeting operational technology systems.
by Donovan Tindill, senior cybersecurity strategist, Honeywell
November 24, 2021
5 min read
Article
New Android Spyware Variants Linked to Middle Eastern APT
The new variants, improved for stealth and persistence, share code with other malware samples attributed to the C-23 APT.
November 23, 2021
The new variants, improved for stealth and persistence, share code with other malware samples attributed to the C-23 APT.
by Dark Reading Staff, Dark Reading
November 23, 2021
2 min read
Article
Apple Sues NSO Group for Spyware Use
The company seeks to hold Israeli firm NSO Group liable for the targeting of Apple users and requests a permanent injunction to ban its use of Apple products and services.
November 23, 2021
The company seeks to hold Israeli firm NSO Group liable for the targeting of Apple users and requests a permanent injunction to ban its use of Apple products and services.
by Kelly Sheridan, Senior Editor
November 23, 2021
4 min read
Article
Holiday Scams Drive SMS Phishing Attacks
Attackers typically target consumers with malicious text messages containing obfuscated links, but experts say businesses are threatened as well.
November 23, 2021
Attackers typically target consumers with malicious text messages containing obfuscated links, but experts say businesses are threatened as well.
by Robert Lemos, Contributing Writer
November 23, 2021
4 min read
Article
Darktrace's Max Heinemeyer on Interrupting Ransomware Before Encryption
The latest episode of Tech Talk outlines how organizations can interrupt malicious activity before files get encrypted.
November 23, 2021
The latest episode of Tech Talk outlines how organizations can interrupt malicious activity before files get encrypted.
by Dark Reading Staff, Dark Reading
November 23, 2021
2 min read
Article
How Sun Tzu's Wisdom Can Rewrite the Rules of Cybersecurity
The ancient Chinese military strategist Sun Tzu would agree: The best defense is to avoid an attack in the first place.
November 23, 2021
The ancient Chinese military strategist Sun Tzu would agree: The best defense is to avoid an attack in the first place.
by Gregory R. Simpson, Former CTO of GE and Former CTO of Synchrony Financial
November 23, 2021
4 min read
Article
Don't Help Cybercriminals Dash With Your Customers' Cash This Black Friday
Each security step, no matter how small, can have great impact in detecting and deterring cyber theft.
November 23, 2021
Each security step, no matter how small, can have great impact in detecting and deterring cyber theft.
by Ali Neil, Director of International Security Solutions, Verizon Business
November 23, 2021
5 min read
Article
GoDaddy Breach Exposes SSL Keys of Managed WordPress Hosting Customers
The incident, which affected 1.2 million users, raises concerns about domain impersonation attacks and other malicious activities.
November 22, 2021
The incident, which affected 1.2 million users, raises concerns about domain impersonation attacks and other malicious activities.
by Jai Vijayan, Contributing Writer
November 22, 2021
4 min read
Article
Why the 'Basement Hacker' Stereotype Is Wrong — and Dangerous
It engenders a false sense of superiority that spurs complacency among risk managers and executives, who in turn may underinvest in security teams, rely too much on automation, or both.
November 22, 2021
It engenders a false sense of superiority that spurs complacency among risk managers and executives, who in turn may underinvest in security teams, rely too much on automation, or both.
by Micah Babinski, Security Analyst for AAA Oregon/Idaho
November 22, 2021
5 min read
Article
US Banks Will Be Required to Report Cyberattacks Within 36 Hours
There is currently no specific time frame during which banks must report to federal regulators that a security incident had occurred. A new notification rules changes that to 36 hours.
November 19, 2021
There is currently no specific time frame during which banks must report to federal regulators that a security incident had occurred. A new notification rules changes that to 36 hours.
by Dark Reading Staff, Dark Reading
November 19, 2021
3 min read
Article
Zero Trust: An Answer to the Ransomware Menace?
Zero trust isn't a silver bullet, but if implemented well it can help create a much more robust security defense.
November 19, 2021
Zero trust isn't a silver bullet, but if implemented well it can help create a much more robust security defense.
by Steve Durbin, CEO of the Information Security Forum
November 19, 2021
5 min read
Article
US Indicts Iranian Nationals for Cyber-Enabled Election Interference
Among other things, the pair pretended to be Proud Boys volunteers and sent in a fake video and emails to Republican lawmakers purporting to show Democratic Party attempts to subvert the 2020 presidential elections.
November 19, 2021
Among other things, the pair pretended to be Proud Boys volunteers and sent in a fake video and emails to Republican lawmakers purporting to show Democratic Party attempts to subvert the 2020 presidential elections.
by Jai Vijayan, Contributing Writer
November 19, 2021
4 min read
Article
Search CT Logs for Misconfigured SSL Certificates
Security defenders can run these queries against Certificate Transparency logs to identify misconfigured SSL certificates before they can be used by adversaries to map out attacks.
November 19, 2021
Security defenders can run these queries against Certificate Transparency logs to identify misconfigured SSL certificates before they can be used by adversaries to map out attacks.
by Dark Reading Staff, Dark Reading
November 19, 2021
3 min read
Article
Microsoft Exchange Server Flaws Now Exploited for BEC Attacks
Attackers also are deploying ProxyShell and abusing the vulnerabilities in stealthier manner, researchers say.
November 18, 2021
Attackers also are deploying ProxyShell and abusing the vulnerabilities in stealthier manner, researchers say.
by Jai Vijayan, Contributing Writer
November 18, 2021
5 min read
Article