Dark Reading

Encryption Helps Companies Avoid Breach Notifications

06/02/2021
With nearly twice as many firms suffering a breach compared with the previous year, limiting the damage becomes more important, a survey finds.

Microsoft Buys ReFirm Labs to Drive IoT Security Efforts

06/02/2021
The acquisition will bring ReFirm's firmware analysis capabilities alongside Microsoft's Azure Defender for IoT to boost device security.

A View From Inside a Deception

06/02/2021
Pen-testing today's threat deception technology is not for the faint-hearted. Do modern deception tools truly frustrate adversaries, and are they ready for the enterprise SOC?

Critical Zero-Day Discovered in Fancy Product Designer WordPress Plug-in

06/02/2021
The plug-in under active attack has been installed on more than 17,000 websites, say researchers.

Is Your Adversary James Bond or Mr. Bean?

06/02/2021
Especially with nation-state attacks, its critical to assess whether you're up against jet fighter strength or a bumbler who tries to pick locks.

Microsoft 365: Most Common Threat Vectors & Defensive Tips

06/02/2021
Security pros discuss the most typical ways attackers leverage Microsoft 365 and share their guidance for defenders.

Chaos for the Sake of Chaos? Yes, Nation-States Are That Cynical

06/02/2021
Many nation-state-backed attacks are intended to destabilize the US government, not steal from it.

Processor Morphs Its Architecture to Make Hacking Really Hard

06/02/2021
Researchers create a processor that uses encryption to modify its memory architecture during runtime, making it very difficult for hackers to exploit memory-based vulnerabilities.

US Seizes Attacker Domains Used in USAID Phishing Campaign

06/01/2021
The move follows last week's disclosure of an ongoing attack designed to mimic emails from the US Agency for International Development.

New Barebones Ransomware Strain Surfaces

06/01/2021
The authors of Epsilon Red have offloaded many tasks that are usually integrated into the ransomware -- such as Volume Shadow Copy deletion -- to PowerShell scripts.

Meat Producer JBS USA Hit By Ransomware Attack

06/01/2021
The company says recovery from the attack may delay transactions with customers and suppliers.

Return to Basics: Email Security in the Post-COVID Workplace

06/01/2021
As we reimagine the post-pandemic workplace, we must also reevaluate post-pandemic email security practices.

Name That Edge Toon: In Tow

06/01/2021
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.

CISO Confidence Is Rising, but Issues Remain

06/01/2021
New research reveals how global CISOs dealt with COVID-19 and their plans for 2022-2023.

Cybersecurity Group Hopes to Push 30 More National Priorities

06/01/2021
The Cyberspace Solarium Commission worked with legislators and the Trump administration to get 27 recommendations implemented in policy last year. It's aiming for 30 more in 2021.

3 SASE Misconceptions to Consider

05/31/2021
SASE is all the rage, promising things IT leaders have long dreamed about, but a purist approach may create consequences.

Chinese APT Groups Continue to Pound Away on Pulse Secure VPNs

05/28/2021
Security vendor says it has observed threat groups using a set of 16 tools specifically designed to attack Pulse Secure devices since April 2020.

Chart: Cloud Concerns

05/28/2021
As more organizations make their way to the cloud, their eyes are wide open to the associated cybersecurity risks that tag along for the ride.

Modern SOCs a 'Painful' Challenge Amid Growing Complexity: Report

05/28/2021
A new study examines the tools and technologies driving investment and activities for security operations centers.

SolarWinds Attackers Impersonate USAID in Advanced Email Campaign

05/28/2021
Microsoft shares the details of a wide-scale malicious email campaign attributed to Nobelium, the group linked to the SolarWinds supply chain attack.