Dark Reading

DDoS's Evolution Doesn't Require a Security Evolution

03/15/2021
They may have grown in sophistication, with more widespread consequences, yet today's distributed denial-of-service attacks can still be fought with conventional tools.

Buffalo Public Schools Cancel Classes Due to Ransomware

03/15/2021
The FBI is investigating the March 12 attack that disrupted the school system's phased reopening this week.

CISA Updates Microsoft Exchange Advisory to Include China Chopper

03/15/2021
US officials warn organizations of China Chopper Web shells as new data sheds light on how the Exchange Server exploits have grown.

Lookout Acquires SASE Cloud Provider CipherCloud

03/15/2021
Deal signals a focus on the cloud for mobile security firm.

Name That Toon: Something Seems Afoul

03/15/2021
Dark Reading's March cartoon caption contest is here, along with a few new feathered friends.

How to Choose the Right Cybersecurity Framework

03/15/2021
Cybersecurity frameworks can help reduce your risk of supply chain attacks and increase your competitive advantage.

Verkada Breach Demonstrates Danger of Overprivileged Users

03/15/2021
In re-evaluating supply chains, companies should classify vendors with super admin privileges to devices or backdoors as a significant threat.

Concerns Over API Security Grow as Attacks Increase

02/03/2021
Some 66% of organizations say they have slowed deploying an app into production because of API security concerns.

Agent Tesla Upgrades with New Delivery & Evasion Tactics

02/02/2021
A new version of the remote access Trojan targets Microsoft Anti-Malware Software Interface to bypass endpoint detection.

Law Enforcement Aims to Take Down Netwalker Ransomware

01/28/2021
The Department of Justice has so far charged one Canadian national and seized nearly $500,000 in relation to Netwalker ransomware.

Virtual Pen-Testing Competition Tasks College Students With Running a Red Team Operation

01/13/2021
Aimed at developing offensive cyber talent, last weekend's sixth annual Collegiate Penetration Testing Competition brought out some of the brightest from RIT and Stanford, among other universities.

Bringing Zero Trust to Secure Remote Access

01/12/2021
Demand for secure remote access has skyrocketed during the pandemic. Here Omdia profiles more secure alternatives to virtual private network (VPN) technology.

How to Build Cyber Resilience in a Dangerous Atmosphere

12/31/2020
Our polarized climate and COVID-19 are putting the nation's cybersecurity in imminent danger, and it's past time to act.

Delivering Santa from Third-Party Risk

12/24/2020
2020 has made even St. Nick susceptible to the risks associated with the coronavirus pandemic. Fortunately, cybersecurity experts are ready to help the merry old elf with advice on reducing risks to his global operations.

Latest Version of TrickBot Employs Clever New Obfuscation Trick

11/24/2020
The malware takes advantage of how the Windows command line interpreter works to try and slip past anti-detection tools, Huntress Labs says.

Baidu Apps Leaked Location Data, Machine Learning Reveals

11/24/2020
Several apps available on the Google Play Store, including two made by Chinese Internet giant Baidu, leaked information about the phone's hardware and location without the user's knowledge, research finds.

How Ransomware Defense is Evolving With Ransomware Attacks

11/24/2020
As data exfiltration threats and bigger ransom requests become the norm, security professionals are advancing from the basic "keep good backups" advice.

CISA Warns of Holiday Online Shopping Scams

11/24/2020
The agency urges shoppers to be cautious of fraudulent websites, unsolicited emails, and unencrypted financial transactions.

Alexa, Disarm the Victim's Home Security System

11/24/2020
Researchers who last year hacked popular voice assistants with laser pointers take their work to the next level.

Cloud Security Startup Lightspin Emerges From Stealth

11/24/2020
The startup, founded by former white-hat hackers, has secured a $4 million seed round to close security gaps in cloud environments.