Dark Reading

Challenging Our Education System to Nurture the Cyber Pipeline

04/27/2021
Let's teach students how to teach themselves. Once we do that, we will have taught a generation of students how to think like hackers.

US Urges Organizations to Implement MFA, Other Controls to Defend Against Russian Attacks

04/26/2021
Actors working for Moscow's Foreign Intelligence Service are actively targeting organizations in government and other sectors, FBI and DHS say.

Apple Patches Serious MacOS Security Flaw

04/26/2021
The bug can put Mac users at "grave risk" as it allows attackers to bypass Apple's security mechanisms, a researcher reports.

In Appreciation: Dan Kaminsky

04/26/2021
Beloved security industry leader and researcher passes away unexpectedly at the age of 42.

Proofpoint to Be Acquired by Thoma Bravo for $12.3B

04/26/2021
The cybersecurity company will go private following the all-cash transaction.

Cybersecurity and the Way to a Balanced Life

04/26/2021
With work more demanding than ever, how can cybersecurity pros safeguard their organizations and their own mental well-being at the same time?

Shift Left: From Concept to Practice

04/26/2021
By moving security into development, your team can find and fix vulnerabilities before they become expensive, difficult, and publicly embarrassing problems.

Window Snyder Launches Startup to Fill IoT Security Gaps

04/23/2021
Thistle Technologies aims to help connected device manufacturers securely deliver updates to their products.

Password Manager Suffers 'Supply Chain' Attack

04/23/2021
A software update to Click Studios' Passwordstate password manager contained malware.

Insider Data Leaks: A Growing Enterprise Threat

04/23/2021
Report finds 85% of employees are more likely to leak sensitive files now than before the COVID-19 pandemic.

KnowBe4 Issues IPO to Drive Global Expansion, New Automation Features

04/23/2021
Security awareness firm aims expand into Europe and Asia, and add automation and machine learning to its technology.

SOC 2 Attestation Tips for SaaS Companies

04/23/2021
Attestation helps SaaS vendors demonstrate that digital security is a primary focus.

Tell Us the Truth: Why Do You LOVE Passwords?

04/23/2021
There must be something you appreciate about the humble password, right? Tell us what you think.

Supernova Malware Actors Masqueraded as Remote Workers to Access Breached Network

04/22/2021
China-based Spiral group is believed to be behind year-long attack, which exploited a flaw in SolarWinds Orion technology to drop a Web shell.

The Edge Pro Tip: Brush Up on Web Shells

04/22/2021
While neither new nor novel, Web shells are making an impact with a surge of Exchange attacks.

Edge Poll: Passwordless Plans

04/22/2021
How long do you think it will be before your organization gets rid of passwords?

New CISA Advisories Warn of ICS Vulnerabilities

04/22/2021
The vulnerabilities exist in Cscape control system application programming software and the Mitsubishi Electric GOT.

Prometei Botnet Adds New Twist to Exchange Server Attacks

04/22/2021
Attackers are using the well-known Microsoft Exchange Server flaw to add machines to a cryptocurrency botnet, researchers say.

Improving the Vulnerability Reporting Process With 5 Steps

04/22/2021
Follow these tips for an effective and positive experience for both the maintainer and external vulnerability reporter.

University Suspends Project After Researchers Submitted Vulnerable Linux Patches

04/22/2021
A Linux maintainer pledges to stop taking code submissions from the University of Minnesota after a research team purposely submitted vulnerabilities to show software supply chain weaknesses.