Dark Reading

Combat Misinformation by Getting Back to Security Basics

12/14/2021
One volley of fake news may land, but properly trained AI can shut down similar attempts at their sources.

XDR: What It Is, What It Isn't

12/13/2021
The three must-haves in eXtended Detection and Response are: making data accessible, facilitating real-time threat detection, and providing remediation strategies.

Tales from the Dark Web: Fingerprinting Access Brokers on Criminal Forums

12/13/2021
Every high-profile breach leaves a trail of bread crumbs, and defenders who monitor access brokers can connect the dots and detect attacks as they unfold.

Why Classifying Ransomware as a National Security Threat Matters

12/13/2021
Government actions help starve attack groups of the resources - money, ability to recruit, and time.

How Do I Find My Servers With the Log4j Vulnerability?

12/13/2021
This Tech Tip outlines how enterprises can use Canarytokens to find servers in their organization vulnerable to CVE-2021-44228.

Volvo Confirms R&D Data Stolen in Breach

12/13/2021
The company confirmed last week that one of its file repositories was accessed by a third party.

Kronos Suffers Ransomware Attack, Expects Full Restoration to Take 'Weeks'

12/13/2021
Customers advised to adopt alternative internal processes to support the affected human resources services.

40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j

12/13/2021
More than 60 variants of the original exploit were introduced over the last day alone.

Bug-Bounty Programs Shift Focus to Most Critical Flaws

12/13/2021
The number of bug bounty programs jumped by a third, the median payout for a critical vulnerability report rose to $3,000, but rewards for easier-to-find lower-severity flaws stagnated in 2021.

Name That Toon: Modern-Day Frosty

12/13/2021
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Darktrace Reports Information Technology and Communications Sector Most Targeted by Cyberattackers in 2021

12/13/2021
Most targeted industry shifts from the financial and insurance sector in 2020.

Kaspersky Opens Doors to New Transparency Center in North America

12/13/2021
The opening marks the fifth center opened globally, fulfilling a key milestone within the Global Transparency Initiative.

2 Website Threats to Address for the Holiday Shopping Rush

12/13/2021
Some tips for effectively combating Web supply chain attacks and customer hijacking via browser extensions.

What to Do While Waiting for the Log4J Updates

12/10/2021
This Tech Tip outlines how enterprise defenders can mitigate the risks of the Log4j vulnerabilities for the short-term while waiting for updates.

Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool

12/10/2021
A remote code execution vulnerability in Log4j presents a bigger threat to organizations than even the infamous 2017 Apache Struts vulnerability that felled Equifax, they say.

NIST Cyber-Resiliency Framework Extended to Include Critical Infrastructure Controls

12/10/2021
The latest NIST publication outlines how organizations can build systems that can anticipate, withstand, recover from, and adapt to cyberattacks.

Russian National Sentenced for Role in Kelihos Botnet

12/10/2021
Oleg Koshkin was sentenced for running a crypting service used to hide the Kelihos malware from antivirus software.

Identity Authentication Access Market Set to Hit $28.9B in 2021

12/10/2021
With more staff working remotely, identity, authentication, and access (IAA) has never been more important. Market forecasts, drivers, and trends are explored.

Dark Reading Reflects on a Legacy and Life Well-Written: Tim Wilson

12/10/2021
The Dark Reading editorial team, along with contributing writers and editors, share their favorite stories and memories of co-founder and editor-in-chief Tim Wilson, an influential editor and well-respected thought leader in the cybersecurity industry.

The Vulnerability Lag: Cut Ransomware Risks Resulting From Digital Transformation

12/10/2021
Exploring ransomware and other data integrity risks from accelerated digital transformation in the wake of COVID-19.