Dark Reading

66% of CISOs Feel Unprepared for Cyberattacks

05/12/2021
More than half of CISOs surveyed are more concerned about a cyberattack in 2021 than in 2020, researchers report.

Vulnerable Protocols Leave Firms Open to Further Compromises

05/12/2021
Companies may no longer have Internet-facing file servers or weakly secured Web servers, but attackers that get by the perimeter have a wide-open landscape of vulnerability.

Hashes, Salts, and Rainbow Tables: Confessions of a Password Cracker

05/12/2021
Understanding a few basics about how password crackers think and behave could help you keep your users safer.

Cybersecurity: What Is Truly Essential?

05/12/2021
In an effort to protect their organizations, security professionals can overdo it. The result often works against them.

Why You Should Be Prepared to Pay a Ransom

05/12/2021
Companies that claim they'll never pay up in a ransomware attack are more likely to get caught flat-footed.

The Long Road to Rebuilding Trust After 'Golden SAML'-Like Attacks

05/12/2021
Eradicating 'privileged intruders' from the network in the aftermath of an attack poses major challenges, experts say.

A Startup With NSA Roots Wants Silently Disarming Cyberattacks on the Wire to Become the Norm

05/11/2021
Trinity Cyber takes a new spin on some traditional network-security techniques, but can its approach catch on widely?

Adobe Issues Patch for Acrobat Zero-Day

05/11/2021
The vulnerability is being exploited in limited attacks against Adobe Reader users on Windows.

Application Attacks Spike as Criminals Target Remote Workers

05/11/2021
Application-specific and Web application attacks made up 67% of all attacks in 2020 as criminal strategies shifted in the pandemic.

Microsoft Patch Tuesday: 4 Critical CVEs, 3 Publicly Known, 1 Wormable

05/11/2021
Microsoft releases security patches for 55 vulnerabilities in its monthly roundup, which includes a critical, wormable flaw in the HTTP protocol stack.

Cartoon Caption Winner: Greetings, Earthlings

05/11/2021
And the winner of Dark Reading's April cartoon caption contest is ...

3 Cybersecurity Myths to Bust

05/11/2021
Deeply rooted cybersecurity misconceptions are poisoning our ability to understand and defend against attacks.

Critical Infrastructure Under Attack

05/11/2021
Several recent cyber incidents targeting critical infrastructure prove that no open society is immune to attacks by cybercriminals. The recent shutdown of key US energy pipeline marks just the tip of the iceberg.

Colonial Pipeline Cyberattack: What Security Pros Need to Know

05/10/2021
As the massive US pipeline operator works to restore operations after a DarkSide ransomware attack late last week, experts say it's a cautionary tale for critical infrastructure providers.

Tulsa Deals With Aftermath of Ransomware Attack

05/10/2021
Weekend attack shuts down several city sites and service.

Four Plead Guilty to RICO Conspiracy Involving Hosting Services for Cybercrime

05/10/2021
The "bulletproof hosting" organization hosted malware including Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit.

10 Security Awareness Training Mistakes to Avoid

05/10/2021
Give your cybersecurity culture a boost by adding these to the "don't" column of your cybersecurity awareness training do's and don'ts list.

Exchange Exploitation: Not Dead Yet

05/10/2021
The mass exploitation of Exchange Servers has been a wake-up call, and it will take all parties playing in concert for the industry to react, respond, and recover.

How North Korean APT Kimsuky Is Evolving Its Tactics

05/07/2021
Researchers find differences in Kimsuky's operations that lead them to divide the APT into two groups: CloudDragon and KimDragon.

Most Organizations Feel More Vulnerable to Breaches Amid Pandemic

05/07/2021
More than half of business see the need for significant long-term changes to IT due to COVID-19, research finds.