Dark Reading

Moving from DevOps to CloudOps: The Four-Box Problem

03/26/2021
With SOC teams running services on multiple cloud platforms, their big concern is how to roll up configuration of 200+ servers in a comprehensive way.

Exec Order Could Force Software Vendors to Disclose Breaches to Federal Gov't Customers

03/25/2021
A decision on the order, which contains several recommendations, is still forthcoming.

CISA Adds Two Web Shells to Exchange Server Guidance

03/25/2021
Officials update mitigation steps to include two new Malware Analysis Reports identifying Web shells seen in Exchange Server attacks.

In Secure Silicon We Trust

03/25/2021
Building upon a hardware root of trust is becoming a more achievable goal for the masses and the roots are digging deeper. Here's what you need to know.

Nearly Half of Popular Android Apps Built With High-Risk Components

03/25/2021
Information leakage and applications asking for too many permissions were also major issues, according to a survey of more than 3,300 popular mobile applications.

Security Operations in the World We Live in Now

03/25/2021
Despite the challenges of remote work, security operations teams can position themselves well for the future.

The CIO's Shifting Role: Improving Security With Shared Responsibility

03/25/2021
CIOs must create a culture centered around cybersecurity that is easily visible and manageable.

How Personally Identifiable Information Can Put Your Company at Risk

03/25/2021
By being more mindful of how and where they share PII, employees will deprive cybercriminals of their most useful tool.

6 Tips for Limiting Damage From Third-Party Attacks

03/25/2021
The ability to protect your organization from third-party attacks will become increasingly critical as attackers try to maximize the effectiveness of their malicious campaigns.

Sierra Wireless Website Still Down After Ransomware Attack

03/24/2021
The company believes the attack's impact is limited to its internal IT systems and corporate websites.

California State Controller's Office Suffers Data Breach

03/24/2021
Employee unwittingly gave hacker access to email account for more than a day.

Ransomware Incidents Continue to Dominate Threat Landscape

03/24/2021
Cisco Talos' IR engagements found attackers relied heavily on malware like Zloader and BazarLoader to distribute ransomware in the past three months.

Facebook Reports China-Linked Cyberattack Targeting Uyghurs

03/24/2021
Facebook has removed accounts used to send malicious links to Uyghur people with the goal of infecting their devices.

What a Federal Data Privacy Law Would Mean for Consumers

03/24/2021
With an array of serious proposals from both sides of the political divide, it looks as though the US may finally have a national privacy law.

How to Protect Our Critical Infrastructure From Attack

03/24/2021
Just how worried should we be about a cyber or physical attack on national infrastructure? Chris Price reports on how the pandemic, the growth of remote working, and IoT are putting assets at risk.

Prioritizing Application & API Security After the COVID Cloud Rush

03/24/2021
As companies hit the gas to accommodate the rapid shift to work-from-home, security fell behind. Now, it's time to close those gaps.

Anti-Spoofing for Email Gains Adoption, but Enforcement Lags

03/23/2021
More organizations adopt sender authentication, but strict quarantining or rejection of unauthenticated messages remains uncommon.

Inside the Web Shell Used in the Microsoft Exchange Server Attacks

03/23/2021
The history and details of China Chopper - a Web shell commonly seen in the widespread Microsoft Exchange Server attacks.

Disgruntled IT Contractor Sentenced in Retaliatory Office 365 Attack

03/23/2021
Former contractor deleted 1,200 user accounts in revenge.

Organizations Making Little Headway in Addressing Human Risk

03/23/2021
Most enterprise security awareness efforts remain half-hearted, a new SANS survey shows.