informa

Vulnerabilities/Threats

Are You Prepared to Defend Against a USB Attack?
Recent "BadUSB" attacks serve as a reminder of the big damage that small devices can cause.
January 24, 2022
Recent "BadUSB" attacks serve as a reminder of the big damage that small devices can cause.
by Benny Czarny, Founder & CEO, OPSWAT
January 24, 2022
4 min read
Article
A Level-Set on Russia-Borne Cyber Threats
As hostilities mount between Russia and Ukraine, new and more dangerous cyberattacks are likely to develop. Pinpointing sources and motives will remain elusive, but enterprises should prepare for an escalation in cyberspace.
January 24, 2022
As hostilities mount between Russia and Ukraine, new and more dangerous cyberattacks are likely to develop. Pinpointing sources and motives will remain elusive, but enterprises should prepare for an escalation in cyberspace.
by Tanner Johnson, Principal Analyst, Data Security, OMDIA
January 24, 2022
6 min read
Article
REvil Ransomware Gang Arrests Trigger Uncertainty, Concern in Cybercrime Forums
Threat actors from Eastern Europe seen expressing some concern about Russia being a safe place for them to continue operating, researchers say.
January 21, 2022
Threat actors from Eastern Europe seen expressing some concern about Russia being a safe place for them to continue operating, researchers say.
by Jai Vijayan, Contributing Writer
January 21, 2022
4 min read
Article
Looking Beyond Biden's Binding Security Directive
Implementing these and other security procedures will greatly improve the security posture of the United States and its private partners.
January 21, 2022
Implementing these and other security procedures will greatly improve the security posture of the United States and its private partners.
by Mariano Nunez, CEO & Co-Founder, Onapsis
January 21, 2022
5 min read
Article
Biden Broadens NSA Oversight of National Security Systems
New Cybersecurity National Security Memorandum will let the spy agency "identify vulnerabilities, detect malicious threat activity and drive mitigations," agency cybersecurity director says.
January 20, 2022
New Cybersecurity National Security Memorandum will let the spy agency "identify vulnerabilities, detect malicious threat activity and drive mitigations," agency cybersecurity director says.
by Dark Reading Staff, Dark Reading
January 20, 2022
2 min read
Article
Researchers Discover Dangerous Firmware-Level Rootkit
MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI).
January 20, 2022
MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI).
by Jai Vijayan, Contributing Writer
January 20, 2022
5 min read
Article
Red Cross Hit via Third-Party Cyberattack
The incident compromised the personal data and confidential information of more than 515,000 "highly vulnerable people," the Red Cross reports.
January 20, 2022
The incident compromised the personal data and confidential information of more than 515,000 "highly vulnerable people," the Red Cross reports.
by Dark Reading Staff, Dark Reading
January 20, 2022
2 min read
Article
Enterprises Are Sailing Into a Perfect Storm of Cloud Risk
Policy as code and other techniques can help enterprises steer clear of the dangers that have befallen otherwise sophisticated cloud customers.
January 20, 2022
Policy as code and other techniques can help enterprises steer clear of the dangers that have befallen otherwise sophisticated cloud customers.
by Josh Stella, Founding CEO, Fugue
January 20, 2022
5 min read
Article
When Patching Security Flaws, Smarter Trumps Faster
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.
January 19, 2022
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.
by Robert Lemos, Contributing Writer
January 19, 2022
4 min read
Article
Preparing for the Next Cybersecurity Epidemic: Deepfakes
Using blockchain, multifactor authentication, or signatures can help boost authentication security and reduce fraud.
January 19, 2022
Using blockchain, multifactor authentication, or signatures can help boost authentication security and reduce fraud.
by Elaine Lee, Principal Data Scientist, Cybergraph team, Mimecast
January 19, 2022
4 min read
Article
Microsoft Details Recent Damaging Malware Attacks on Ukrainian Organizations
"WhisperGate" malware was used to overwrite Master Boot Record and other files to render systems inoperable at several organizations in Ukraine, Microsoft says.
January 18, 2022
"WhisperGate" malware was used to overwrite Master Boot Record and other files to render systems inoperable at several organizations in Ukraine, Microsoft says.
by Jai Vijayan, Contributing Writer
January 18, 2022
4 min read
Article
Researchers Explore Hacking VirusTotal to Find Stolen Credentials
VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found.
January 18, 2022
VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found.
by Kelly Sheridan, Senior Editor
January 18, 2022
4 min read
Article
Take 'Urgent' Steps to Secure Systems From Damaging Attacks, CISA Says
CISA issues alert for senior leadership of US organizations amid rising tensions between Russia and Ukraine.
January 18, 2022
CISA issues alert for senior leadership of US organizations amid rising tensions between Russia and Ukraine.
by Dark Reading Staff, Dark Reading
January 18, 2022
2 min read
Article
US Search for Vulnerabilities Drives 10x Increase in Bug Reports
Cross-site scripting and broken access controls continued to be the top classes of vulnerabilities researchers discovered, according to Bugcrowd's annual vulnerability report.
January 18, 2022
Cross-site scripting and broken access controls continued to be the top classes of vulnerabilities researchers discovered, according to Bugcrowd's annual vulnerability report.
by Robert Lemos, Contributing Writer
January 18, 2022
4 min read
Article
Name That Toon: Nowhere to Hide
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
January 18, 2022
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
by John Klossner, Cartoonist
January 18, 2022
1 min read
Article