Dark Reading

Why Cloud Service Providers Are a Single Point of Failure

12/08/2021
In a matter of days, a large-scale outage of cloud and other online services could cause $15 billion in losses.

5 Tips to Stay on the Offensive and Safeguard Your Attack Surface

12/08/2021
New, global-scale attacks aren't a security problem; they're a big data problem requiring a data-led solution.

Ripple Effects Felt Across the Internet With AWS Outage

12/07/2021
AWS Console was among the many services that were unavailable during the outage at Amazon Web Services.

New Financial Services Industry Report Reveals Major Gaps in Storage and Backup Security

12/07/2021
More than two-Thirds (69%) of respondents believe an attack on their storage & backup environment will have "significant" or "catastrophic" impact.

Google Disrupts Botnet Targeting Windows Machines

12/07/2021
The company has also launched litigation against the Glupteba botnet, marking the first lawsuit against a blockchain-enabled botnet.

Rubrik's New Managed Service Protects Data from Ransomware Attacks

12/07/2021
Rubrik Cloud Vault provides data recovery assurance against ransomware attacks for Microsoft Azure customers, even if they maintain a hybrid environment.

Virtual-Network Vulnerability Found in AWS, Other Clouds

12/07/2021
The privilege-escalation flaws affect Amazon WorkSpaces and more than a dozen services that use a particular implementation of USB over Ethernet.

Cerberus Sentinel Announces Acquisition of Arkavia Networks

12/07/2021
U.S. cybersecurity services firm expands internationally into Latin America.

The Dark Web Has Its Own People's Court

12/07/2021
Many underground forums have processes for arbitrating disputes between cybercriminals.

DigiCert Advances Passwordless Authentication with Support for Windows Hello for Business

12/07/2021
Managing Windows Hello hybrid certificate trust model on DigiCert PKI platform streamlines enterprise passwordless authentication and access, an industry first for public Certification Authorities (CAs).

5 Ways GRC & Security Can Partner to Reduce Insider Risk

12/07/2021
In 2022, data governance, risk, and compliance (GRC) and security need to partner to implement a modern approach to data protection: insider risk management.

Defending Against the Use of Deepfakes for Cyber Exploitation

12/07/2021
Deepfakes are increasingly concerning because they use AI to imitate human activities and can be used to augment social engineering attacks.

Cybersecurity Takes the Wheel as Auto Industry's Top Priority

12/07/2021
Part mainframe, part mobile device, cars will increasingly become targets for cyberattackers.

MITRE Engenuity & Cybrary Surpass 25,000 Users in MITRE ATT&CK Defender Certification Program

12/06/2021
The program helps close the skill gap to enable defenders to gain the advantage over cyber adversaries.

Microsoft Seizes Malicious Websites Used by Prolific Chinese APT Group

12/06/2021
The so-called Nikel cyber espionage attack group - aka APT15, Vixen Panda, KE3CHANG, Royal APT, and Playful Dragon - has been in Microsoft's sights since 2016.

US Military Has Acted Against Ransomware Groups: Report

12/06/2021
Gen. Paul Nakasoke, head of US Cyber Command and director of the NSA, said the military has taken offensive action against ransomware groups.

Russian Actors Behind SolarWinds Attack Hit Global Business & Government Targets

12/06/2021
Clusters of activity associated with the attack group behind last year's supply chain breach reveal novel techniques, researchers say.

5 Ways to Keep Fraudsters at Bay Over the Holidays

12/06/2021
Organizations want to focus on customer satisfaction and increased revenues during the holiday shopping season. Here are some smart security and fraud protections to keep in mind.

SEARCH for Hidden Cyber Threats: 6 Steps to Unleash a Hyper-effective Threat Hunting Team

12/06/2021
SEARCH is a carefully-tuned methodology that balances people, process and technology for threat hunters actively searching for, and disrupting, distinctly human threats.

Why the C-Suite Doesn't Need Access to All Corporate Data

12/06/2021
If zero trust is to work properly, then it must apply to everyone.