Dark Reading

Report: Cross-Site Scripting Still Number One Web Attack

06/01/2018
SQL injection is the second most common technique, with IT and finance companies the major targets.

Most Expensive Data Breaches Start with Third Parties: Report

05/24/2018
Data breach costs increased 24% for enterprise victims and 36% for SMBs from 2017 to 2018, researchers found.

DOJ Sinkholes VPNFilter Control Servers Found in US

05/24/2018
The US Department of Justice said the move aims to thwart the spread of the botnet as part of its investigation into Russian nation-state hacking group APT28 aka Fancy Bear.

GDPR, WHOIS & the Impact on Merchant Risk Security Monitoring

05/24/2018
The EU's General Data Protection Regulation will make it harder for law enforcement, forensic investigators, and others to track down everything from credit card fraud to child porn rings.

A Data Protection Officer's Guide to the Post-GDPR Deadline Reality

05/24/2018
The EU's General Data Protection Regulation deadline is here -- now what? These four tips can help guide your next steps.

More Than Half of Users Reuse Passwords

05/24/2018
Users are terrible at passwords and the problem is only getting worse, according to an expansive study of more than 100 million passwords and their owners.

25% of Businesses Targeted with Cryptojacking in the Cloud

05/15/2018
New public cloud security report detects a spike in cryptojacking, mismanaged cloud storage, account takeover, and major patches getting overlooked.

Are You Protecting Your DevOps Software 'Factory'?

05/01/2018
New study highlights insecurities in DevOps toolchain implementations.

WhatsApp Founder to Depart Facebook Amid Privacy, Encryption Dispute

04/30/2018
Jan Koum also plans to step down from Facebook's board of directors.

Old Worm, New Tricks: FacexWorm Targets Crypto Platforms

04/30/2018
Malicious Chrome extension FacexWorm has reappeared with new capabilities, targeting cryptocurrency platforms and lifting user data.

Speed at Which New Drupal Flaw Was Exploited Highlights Patching Challenges

04/30/2018
In the rush to patch, organizations can create fresh problems for themselves.

Slack Releases Open Source SDL Tool

04/30/2018
After building an SDL tool for their own use, Slack has released it on Github under an open source license.

10 Security Innovators to Watch

04/30/2018
Startups in the RSA Conference Innovation Sandbox competed for the title of "Most Innovative."

Cybercrime Economy Generates $1.5 Trillion a Year

04/20/2018
Threat actors generate, launder, spend, and reinvest more than $1.5 trillion in illicit funds, according to a new study on cybercrime's 'web of profit.'

Trust: The Secret Ingredient to DevSecOps Success

04/20/2018
Security practitioners must build trusted relationships with developers and within cross-functional DevOps teams to get themselves embedded into continuous software delivery processes.

SunTrust Ex-Employee May Have Stolen Data on 1.5 Million Bank Clients

04/20/2018
Names, addresses, phone numbers, account balances, may have been exposed.

DNC Sues Guccifer 2.0, Russian Federation & Trump Campaign for Election Conspiracy

04/20/2018
DNC first hacked by Russians in 2015, according to the filing.

Microsoft CISO Talks Threat Intel, 'Data Inclusion'

04/19/2018
Dark Reading caught up with Microsoft's Bret Arsenault to discuss intelligence, identity, and the need to leverage more diverse datasets.

Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training

04/19/2018
Booz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.

Free endpoint scanning service powered by Open Threat Exchange

04/19/2018
Russ Spitler, AlienVault's SVP of product strategy, explains how security pros can leverage the community-powered threat intelligence of OTX - which sees more than 19 million IoCs contributed daily by a global community of 80,000 peers - to quickly protect themselves against emerging attacks.