informa

Vulnerabilities/Threats

When Patching Security Flaws, Smarter Trumps Faster
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.
January 19, 2022
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.
by Robert Lemos, Contributing Writer
January 19, 2022
4 min read
Article
Preparing for the Next Cybersecurity Epidemic: Deepfakes
Using blockchain, multifactor authentication, or signatures can help boost authentication security and reduce fraud.
January 19, 2022
Using blockchain, multifactor authentication, or signatures can help boost authentication security and reduce fraud.
by Elaine Lee, Principal Data Scientist, Cybergraph team, Mimecast
January 19, 2022
4 min read
Article
Microsoft Details Recent Damaging Malware Attacks on Ukrainian Organizations
"WhisperGate" malware was used to overwrite Master Boot Record and other files to render systems inoperable at several organizations in Ukraine, Microsoft says.
January 18, 2022
"WhisperGate" malware was used to overwrite Master Boot Record and other files to render systems inoperable at several organizations in Ukraine, Microsoft says.
by Jai Vijayan, Contributing Writer
January 18, 2022
4 min read
Article
Researchers Explore Hacking VirusTotal to Find Stolen Credentials
VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found.
January 18, 2022
VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found.
by Kelly Sheridan, Senior Editor
January 18, 2022
4 min read
Article
Take 'Urgent' Steps to Secure Systems From Damaging Attacks, CISA Says
CISA issues alert for senior leadership of US organizations amid rising tensions between Russia and Ukraine.
January 18, 2022
CISA issues alert for senior leadership of US organizations amid rising tensions between Russia and Ukraine.
by Dark Reading Staff, Dark Reading
January 18, 2022
2 min read
Article
US Search for Vulnerabilities Drives 10x Increase in Bug Reports
Cross-site scripting and broken access controls continued to be the top classes of vulnerabilities researchers discovered, according to Bugcrowd's annual vulnerability report.
January 18, 2022
Cross-site scripting and broken access controls continued to be the top classes of vulnerabilities researchers discovered, according to Bugcrowd's annual vulnerability report.
by Robert Lemos, Contributing Writer
January 18, 2022
4 min read
Article
Name That Toon: Nowhere to Hide
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
January 18, 2022
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
by John Klossner, Cartoonist
January 18, 2022
1 min read
Article
5 Reasons Why M&A Is the Engine Driving Cybersecurity
Consistent acquisition of key technologies and talent is a proven strategy for growth.
January 18, 2022
Consistent acquisition of key technologies and talent is a proven strategy for growth.
by Gary Guseinov, CEO, RealDefense, and Senior Operating Advisor, Corbel Capital Partners
January 18, 2022
4 min read
Article
Russia Takes Down REvil Ransomware Operation, Arrests Key Members
Timing of the move has evoked at least some skepticism from security experts about the country's true motives.
January 14, 2022
Timing of the move has evoked at least some skepticism from security experts about the country's true motives.
by Jai Vijayan, Contributing Writer
January 14, 2022
5 min read
Article
Maryland Dept. of Health Responds to Ransomware Attack
An attack discovered on Dec. 4, 2021 forced the Maryland Department of Health to take some of its systems offline.
January 14, 2022
An attack discovered on Dec. 4, 2021 forced the Maryland Department of Health to take some of its systems offline.
by Dark Reading Staff, Dark Reading
January 14, 2022
2 min read
Article
White House Meets With Software Firms and Open Source Orgs on Security
The Log4j vulnerability is only the latest security flaw to have global impact, prompting the Biden administration and software developers to pledge to produce more secure software.
January 14, 2022
The Log4j vulnerability is only the latest security flaw to have global impact, prompting the Biden administration and software developers to pledge to produce more secure software.
by Robert Lemos, Contributing Writer
January 14, 2022
5 min read
Article
What's Next for Patch Management: Automation
The next five years will bring the widespread use of hyperautomation in patch management. Part 3 of 3.
January 14, 2022
The next five years will bring the widespread use of hyperautomation in patch management. Part 3 of 3.
by Srinivas Mukkamala, Senior Vice President, Security Products, Ivanti
January 14, 2022
5 min read
Article
BlueNoroff Threat Group Targets Cryptocurrency Startups
A series of attacks against small and medium-sized businesses has led to major cryptocurrency losses for the victims.
January 13, 2022
A series of attacks against small and medium-sized businesses has led to major cryptocurrency losses for the victims.
by Dark Reading Staff, Dark Reading
January 13, 2022
2 min read
Article
New Vulnerabilities Highlight Risks of Trust in Public Cloud
Major cloud providers are vulnerable to exploitation because a single flaw can be turned into a global attack using trusted core services.
January 13, 2022
Major cloud providers are vulnerable to exploitation because a single flaw can be turned into a global attack using trusted core services.
by Robert Lemos, Contributing Writer
January 13, 2022
4 min read
Article
How Cybercriminals Are Cashing in on the Culture of 'Yes'
The reward is always front of mind, while the potential harm of giving out a phone number doesn't immediately reveal itself.
January 13, 2022
The reward is always front of mind, while the potential harm of giving out a phone number doesn't immediately reveal itself.
by Mike Kiser, Director of Strategy and Standards, SailPoint
January 13, 2022
5 min read
Article