Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Fighting Fileless Malware, Part 3: Mitigations
Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool
Augmenting SMB Defense Strategies With MITRE ATT&CK: A Primer
How to Submit a Column to Dark Reading
News & Commentary
Policy Group Calls for Public-Private Cyber-Defense Program
Robert Lemos, Contributing WriterNews
The proposed National Cyber Response Network would link federal agencies, companies, and local governments, allowing collaboration during a cyberattack.
By Robert Lemos Contributing Writer, 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft Ignite Brings Security & Compliance Updates
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft announces support for data loss prevention in Google Chrome, co-authoring of protected files, and more at Ignite 2021.
By Kelly Sheridan Staff Editor, Dark Reading, 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing WriterNews
'Transparent Tribe' has switched its tactics for distributing the remote access Trojan, researchers found.
By Jai Vijayan Contributing Writer, 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft fixes multiple Exchange Server vulnerabilities being weaponized in attacks from a group it believes operates out of China.
By Kelly Sheridan Staff Editor, Dark Reading, 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
Thycotic and Centrify to Merge In $1.4B Deal
Dark Reading Staff, Quick Hits
TPG Capital will combine privileged access management providers into one company.
By Dark Reading Staff , 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
Google Partners With Insurers to Create Risk Protection Program
Dark Reading Staff, Quick Hits
Google Cloud, Allianz, and Munich Re teamed up to build a program that aims to reduce risk and potentially cut costs for customers.
By Dark Reading Staff , 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
4 Ways Health Centers Can Stop the Spread of Cyberattacks
Dr. Rolf Lindemann, Vice President, Products at Nok Nok LabsCommentary
Health centers must shift the perception of cyberattacks from potential risk to real threat in order to take the first step toward a safer, healthier security posture.
By Dr. Rolf Lindemann Vice President, Products at Nok Nok Labs, 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
Name That Edge Toon: In Hot Water
John Klossner, Cartoonist
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 3/2/2021
Comment1 Comment  |  Read  |  Post a Comment
Why Cloud Security Risks Have Shifted to Identities and Entitlements
Shai Morag, CEO of ErmeticCommentary
Traditional security tools focus on the network perimeter, leaving user and service accounts vulnerable to hackers.
By Shai Morag CEO of Ermetic, 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
Attacker Expands Use of Malicious SEO Techniques to Distribute Malware
Jai Vijayan, Contributing WriterNews
The operators of REvil and Gootkit have begun using a tried and tested technique to distribute additional malware, Sophos says.
By Jai Vijayan Contributing Writer, 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
New Jailbreak Tool Works on Most iPhones
Dark Reading Staff, Quick Hits
The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack.
By Dark Reading Staff , 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
Universal Health Services Suffered $67 Million Loss Due to Ransomware Attack
Dark Reading Staff, Quick Hits
Earnings report points to diversion of care during incident for financial loss.
By Dark Reading Staff , 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
MSP Provider Builds Red Team as Attackers Target Industry
Robert Lemos, Contributing WriterNews
NinjaRMM, which provides tools for managed service providers, aims to create a red team capability following years of attacks against MSPs.
By Robert Lemos Contributing Writer, 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
Cybercrime 'Help Wanted': Job Hunting on the Dark Web
Joan Goodchild, Contributing Writer
How's your 'Probiv'? How about customer service? Here's how Dark Web forums connect cybercriminals looking for talent with those looking for work -- and which skills are hot right now.
By Joan Goodchild Contributing Writer, 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
Building a Next-Generation SOC Starts With Holistic Operations
Moti Gindi, Corporate Vice President, Microsoft Defender Advanced Threat ProtectionCommentary
The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view.
By Moti Gindi Corporate Vice President, Microsoft Defender Advanced Threat Protection, 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
NSA Releases Guidance on Zero-Trust Architecture
Dark Reading Staff, Quick Hits
A new document provides guidance for businesses planning to implement a zero-trust system management strategy.
By Dark Reading Staff , 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
'Nerd' Humor
Edge Editors, Dark Reading
Some jokes never get old.
By Edge Editors Dark Reading, 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
The Edge Pro Tip: Fasten Your Seatbelts
Edge Editors, Dark Reading
An unprecedented 2020 has shaken up security leaders' usual list of must-have technologies for 2021. Where do they plan to spend next?
By Edge Editors Dark Reading, 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
Securing Super Bowl LV
Sara Peters, Senior Editor at Dark Reading
A peek at open XDR technology and defense that held up better than the Kansas City Chiefs.
By Sara Peters Senior Editor at Dark Reading, 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing WriterNews
While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code.
By Robert Lemos Contributing Writer, 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
How's your 'Probiv'? How about customer service? Here's how Dark Web forums connect cybercriminals looking for talent with those looking for work -- and which skills are hot right now.
A peek at open XDR technology and defense that held up better than the Kansas City Chiefs.
Register for Dark Reading Newsletters
Cartoon Contest
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26854
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
CVE-2021-26855
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
CVE-2021-26857
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
CVE-2021-26858
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078.
CVE-2021-27065
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27078.
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Flash Poll
Video
Slideshows
Twitter Feed