6 Small-Business Password Managers
10 Tips for Building Compliance by Design into Cloud Architecture
8 Holiday Security Tips for Retailers
4 Ways to Soothe a Stressed-Out Incident Response Team
8 Tips for More Secure Mobile Computing
News & Commentary
Symantec, McAfee Patch Privilege Escalation Bugs
Jai Vijayan, Contributing Writer, News
All versions of endpoint protection software from both vendors were susceptible to a near-identical issue, SafeBreach says.
By Jai Vijayan Contributing Writer, 11/14/2019
BSIMM10 Shows Industry Vertical Maturity
Sammy Migues, BSIMM Co-Author and Principal Scientist at Synopsys, Commentary
The Building Security In Maturity Model is the only detailed measuring stick for software security initiatives, and it continues to evolve.
By Sammy Migues BSIMM Co-Author and Principal Scientist at Synopsys, 11/14/2019
Capture the Flag Planned to Find Missing Persons Information
Dark Reading Staff, Quick Hits
The competition, launched by SANS and Trace Labs, will put to use open source information in search of new clues.
By Dark Reading Staff, 11/14/2019
Attacks on Healthcare Jump 60% in 2019 - So Far
Robert Lemos, Contributing Writer, News
Well-known Trojans Emotet and Trickbot are cybercriminals' favorite weapons in their campaigns.
By Robert Lemos Contributing Writer, 11/14/2019
5 Cybersecurity CISO Priorities for the Future
Paul Shomo, Cybersecurity Analyst, Commentary
Seven chief information security officers share their pain points and two-year spending plans.
By Paul Shomo Cybersecurity Analyst, 11/14/2019
US-CERT Warns of Remotely Exploitable Bugs in Medical Devices
Dark Reading Staff, Quick Hits
Vulnerabilities in key surgical equipment could be remotely exploited by a low-skill attacker.
By Dark Reading Staff, 11/14/2019
8 Backup & Recovery Questions to Ask Yourself
Sara Peters, Senior Editor at Dark Reading
Don't wait until after a disaster, DDoS, or ransomware attack to learn just how good your backups really are.
By Sara Peters Senior Editor at Dark Reading, 11/14/2019
How Does Your Cyber Resilience Measure Up?
Troy Mattern, Vice President for Product and Services Cybersecurity at Motorola Solutions, Commentary
The security measures companies take today may not be enough for tomorrow's cyber assault, but switching to a proactive, risk-based framework may better protect your organization.
By Troy Mattern Vice President for Product and Services Cybersecurity at Motorola Solutions, 11/14/2019
Self-Cleaning Payment Card-Skimmer Infects E-Commerce Sites
Jai Vijayan, Contributing Writer, News
'Pipka' JavaScript skimmer has infected at least 16 e-commerce websites so far, according to Visa's Payment Fraud Disruption Group.
By Jai Vijayan Contributing Writer, 11/13/2019
Well, Hello, Dolly!
Beyond the Edge, Dark Reading
Eight hours is certainly a start.
By Beyond the Edge Dark Reading, 11/13/2019
Cybersecurity: An Organizationwide Responsibility
Guy Bunker, CTO of Clearswift, Commentary
C-suite execs must set an example of good practices while also supporting the IT department with enough budget to protect the organization from next-generation cyberattacks.
By Guy Bunker CTO of Clearswift, 11/13/2019
The Ripple Effect of Data Breaches: How Damage Spreads
Kelly Sheridan, Staff Editor, Dark Reading, News
The financial loss from so-called 'ripple events' is thirteen times greater than the cost of single-party security incidents.
By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2019
2019 Trending as Worst Year on Record for Data Breaches
Dark Reading Staff, Quick Hits
New Risk Based Security report shows data breaches up 33.3% over last year so far.
By Dark Reading Staff, 11/13/2019
Breaches Are Inevitable, So Embrace the Chaos
Ariel Zeitlin, Chief Technology Officer & Co-Founder, Guardicore, Commentary
Avoid sinking security with principles of shipbuilding known since the 15th century.
By Ariel Zeitlin Chief Technology Officer & Co-Founder, Guardicore, 11/13/2019
Cardplanet Operator Extradited for Facilitating Credit Card Fraud
Dark Reading Staff, Quick Hits
Russian national Aleksei Burkov is charged with wire fraud, access device fraud, and conspiracy to commit identity theft, among other crimes.
By Dark Reading Staff, 11/13/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens, Commentary
Perfection is impossible, and pretending otherwise just makes things worse. Instead, make risk-based decisions.
By Jack Freund Director, Risk Science at RiskLens, 11/13/2019
While CISOs Fret, Business Leaders Tout Security Robustness
Jai Vijayan, Contributing Writer, News
A new Nominet survey shows a familiar disconnect between business and security teams on the matter of cyber preparedness.
By Jai Vijayan Contributing Writer, 11/12/2019
Companies Increasingly Fail Interim Security Test, But Gap Narrows
Robert Lemos, Contributing Writer, News
Stability of PCI DSS helps companies cope and create more mature security programs, but some parts of the Payment Card Industry's Data Secure Standard continue to cause headaches.
By Robert Lemos Contributing Writer, 11/12/2019
Microsoft Patches IE Zero-Day Among 74 Vulnerabilities
Kelly Sheridan, Staff Editor, Dark Reading, News
The November Patch Tuesday update fixed 13 critical flaws, including a zero-day bug in Internet Explorer.
By Kelly Sheridan Staff Editor, Dark Reading, 11/12/2019
New DDoS Attacks Leverage TCP Amplification
Jai Vijayan, Contributing Writer, News
Attackers over the past month have been using a rarely seen approach to disrupt services at large organizations in several countries.
By Jai Vijayan Contributing Writer, 11/12/2019
Current Conversations
Posted by abbyross

"Call the police! This pen tester is breaking into our computers!"

"Uh, you know you hired him to do a pen test, right? And he has a contract."

In reply to: Call the police!
Posted by blightsey3921

I thought the "Knight in Shining Armor" was Tracie's latest office romance!

In reply to: office romance
Posted by TerryWilliams

very useful information

In reply to: thanks
Posted by TannerJ

Great article, and it highlights the importance of developing proactive practices.  For security to be comprehensive, it cannot be isolated to one segment of an organization.  Cybersecurity is the responsibility...

In reply to: Education is Vital
Posted by DBHonda

I think Bob has taken "Roleplay as an attacker" to an all new high...

In reply to: Roleplay as an attacker
Posted by DouglasF354

I dig that your article opens several different perspectives.

Just throwing some ideas out there:

  1. The sum of the points you reference could point toward a simpler conclusion: business executives/Board...

In reply to: Many perspectives
Posted by Brandnic Brand Names

Thanks for sharing a great article. Indeed, SSL is one of the top factors for Google to acknowledge website credibility.

In reply to: Website
Posted by DouglasF354

Numerous strong points. In particular, the balance between 'applying security controls' and 'insurance for impact costs'. The key questions that come to my mind are:

  1. How do we draw the (fuzzy) line between...

In reply to: The fuzzy line between security and insurance
Posted by Marc Wilczek

The C-Suite doesn't have to be tech oriented in order to understand cyber-risks. It's one of the biggest misconceptions that cyber was an IT task. While I do agree that CxO briefings must be performed in a way that the...

In reply to: Re: But of course
Posted by REISEN1955

The C-Suite is not technically oriented, never has, never will be, therefore Cyber has to make its case in simple and easy terms unlike IT traditionally does. Cyber does not hang off of IT, but it supports it. ...

In reply to: But of course
Posted by HPERPER

We heard about a white horse. I think that's Frank's kid with a sheet over the family dog.

In reply to: Endpoint Protection Toon
Posted by Blaze007

"IT told me that once they build a moat around my workstation, it'll finally get rid of this nasty Trojan."

In reply to: Name That Toon Caption