Risk

Standards need to reflect that most endpoints will be remote and/or wireless.

The ancient Chinese military strategist Sun Tzu would agree: The best defense is to avoid an attack in the first place.

There is currently no specific time frame during which banks must report to federal regulators that a security incident had occurred. A new notification rules changes that to 36 hours.

Security leaders can be treated as partners supporting the business and share accountability by establishing relationships with business stakeholders.

Personal data, including Social Security numbers, of more than 100K employees exposed.

The danger of anyone being able to spin up new applications is that few are thinking about security. Here's why everyone is responsible for the security of low-code/no-code applications.

The United States, United Kingdom, and Australia warn attacks from groups linked to Iran are on the rise, while the Iranian government blames the US and Israel for an attack on gas pumps.

Machine learning delivers plenty of benefits. But as the emerging technology gets applied more broadly, be careful about how you handle all the data used in the process.

Other threats to enterprise data include cybercriminals, authorized users, foreign governments, and application vulnerabilities, according to Dark Reading's recent Strategic Security Report.

The popular Trojan has re-emerged on the scene several months after the botnet infrastructure behind it was disrupted by law enforcement.

Crypto-mixer services are set to grow as ransomware and other cybercriminal enterprises increasingly lean into cryptocurrency, new research shows.

A wave of phony emails from an FBI mail server originated from an issue with the agency's Law Enforcement Enterprise Portal.

Renowned hardware security expert raises alarm on the risk and dangers of cyberattackers targeting the current time-synchronization infrastructure.

Enterprises are more dependent than ever on open source software and need to manage the risk posed by vulnerabilities in components and third-party vendors.

The Dependency Combobulator is an open source Python-based toolkit that helps developers discover malicious software components that may have accidentally been added to their projects.