informa

Vulnerabilities/Threats

REvil Ransomware Gang Arrests Trigger Uncertainty, Concern in Cybercrime Forums
Threat actors from Eastern Europe seen expressing some concern about Russia being a safe place for them to continue operating, researchers say.
January 21, 2022
Threat actors from Eastern Europe seen expressing some concern about Russia being a safe place for them to continue operating, researchers say.
by Jai Vijayan, Contributing Writer
January 21, 2022
4 min read
Article
Looking Beyond Biden's Binding Security Directive
Implementing these and other security procedures will greatly improve the security posture of the United States and its private partners.
January 21, 2022
Implementing these and other security procedures will greatly improve the security posture of the United States and its private partners.
by Mariano Nunez, CEO & Co-Founder, Onapsis
January 21, 2022
5 min read
Article
Biden Broadens NSA Oversight of National Security Systems
New Cybersecurity National Security Memorandum will let the spy agency "identify vulnerabilities, detect malicious threat activity and drive mitigations," agency cybersecurity director says.
January 20, 2022
New Cybersecurity National Security Memorandum will let the spy agency "identify vulnerabilities, detect malicious threat activity and drive mitigations," agency cybersecurity director says.
by Dark Reading Staff, Dark Reading
January 20, 2022
2 min read
Article
Researchers Discover Dangerous Firmware-Level Rootkit
MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI).
January 20, 2022
MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI).
by Jai Vijayan, Contributing Writer
January 20, 2022
5 min read
Article
Red Cross Hit via Third-Party Cyberattack
The incident compromised the personal data and confidential information of more than 515,000 "highly vulnerable people," the Red Cross reports.
January 20, 2022
The incident compromised the personal data and confidential information of more than 515,000 "highly vulnerable people," the Red Cross reports.
by Dark Reading Staff, Dark Reading
January 20, 2022
2 min read
Article
Enterprises Are Sailing Into a Perfect Storm of Cloud Risk
Policy as code and other techniques can help enterprises steer clear of the dangers that have befallen otherwise sophisticated cloud customers.
January 20, 2022
Policy as code and other techniques can help enterprises steer clear of the dangers that have befallen otherwise sophisticated cloud customers.
by Josh Stella, Founding CEO, Fugue
January 20, 2022
5 min read
Article
When Patching Security Flaws, Smarter Trumps Faster
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.
January 19, 2022
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.
by Robert Lemos, Contributing Writer
January 19, 2022
4 min read
Article
Preparing for the Next Cybersecurity Epidemic: Deepfakes
Using blockchain, multifactor authentication, or signatures can help boost authentication security and reduce fraud.
January 19, 2022
Using blockchain, multifactor authentication, or signatures can help boost authentication security and reduce fraud.
by Elaine Lee, Principal Data Scientist, Cybergraph team, Mimecast
January 19, 2022
4 min read
Article
Microsoft Details Recent Damaging Malware Attacks on Ukrainian Organizations
"WhisperGate" malware was used to overwrite Master Boot Record and other files to render systems inoperable at several organizations in Ukraine, Microsoft says.
January 18, 2022
"WhisperGate" malware was used to overwrite Master Boot Record and other files to render systems inoperable at several organizations in Ukraine, Microsoft says.
by Jai Vijayan, Contributing Writer
January 18, 2022
4 min read
Article
Researchers Explore Hacking VirusTotal to Find Stolen Credentials
VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found.
January 18, 2022
VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found.
by Kelly Sheridan, Senior Editor
January 18, 2022
4 min read
Article
Take 'Urgent' Steps to Secure Systems From Damaging Attacks, CISA Says
CISA issues alert for senior leadership of US organizations amid rising tensions between Russia and Ukraine.
January 18, 2022
CISA issues alert for senior leadership of US organizations amid rising tensions between Russia and Ukraine.
by Dark Reading Staff, Dark Reading
January 18, 2022
2 min read
Article
US Search for Vulnerabilities Drives 10x Increase in Bug Reports
Cross-site scripting and broken access controls continued to be the top classes of vulnerabilities researchers discovered, according to Bugcrowd's annual vulnerability report.
January 18, 2022
Cross-site scripting and broken access controls continued to be the top classes of vulnerabilities researchers discovered, according to Bugcrowd's annual vulnerability report.
by Robert Lemos, Contributing Writer
January 18, 2022
4 min read
Article
Name That Toon: Nowhere to Hide
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
January 18, 2022
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
by John Klossner, Cartoonist
January 18, 2022
1 min read
Article
5 Reasons Why M&A Is the Engine Driving Cybersecurity
Consistent acquisition of key technologies and talent is a proven strategy for growth.
January 18, 2022
Consistent acquisition of key technologies and talent is a proven strategy for growth.
by Gary Guseinov, CEO, RealDefense, and Senior Operating Advisor, Corbel Capital Partners
January 18, 2022
4 min read
Article
Russia Takes Down REvil Ransomware Operation, Arrests Key Members
Timing of the move has evoked at least some skepticism from security experts about the country's true motives.
January 14, 2022
Timing of the move has evoked at least some skepticism from security experts about the country's true motives.
by Jai Vijayan, Contributing Writer
January 14, 2022
5 min read
Article