Dark Reading

API Security Issues Hinder Application Delivery

11/04/2021
A new survey explains why nearly all organizations experience API security problems to varying degrees.

Ripping Off the Blindfold: Illuminating OT Environments

11/04/2021
A security tool that monitors OT devices can't disrupt operations. This is why the Self-Learning AI acts only on information obtained by passive monitoring of the network.

US Offers $10M Reward For ID, Location of DarkSide Leadership

11/04/2021
The State Department offers multimillion-dollar rewards for information related to the leaders and members involved in DarkSide ransomware.

Phishing Attack Blends Spoofed Amazon Order and Fraudulent Customer Service Agents

11/04/2021
It's the latest in a series of clever brand impersonation scams that use multiple vectors to lure victims.

Appsian Security Announces Acquisition of Q Software, a Leader in JD Edwards Security and Compliance

11/04/2021
The acquisition provides customers of JD Edwards, along with Oracle EBS and Oracle Cloud, with expanded capabilities for data masking, threat detection and response, and real-time analytics across multiple ERP applications.

Having Trouble Finding Cybersecurity Talent? You Might Be the Problem

11/04/2021
Hiring managers must rethink old-school practices to find the right candidates and be ready to engage in meaningful conversations about their company's values. Here are three ways to start.

Coalfire Expands Application Security Vision With Major Upgrade to Application Security Platform, ThreadFix

11/04/2021
ThreadFix v3.1 delivers fastest speed for AppSec automation and remediation.

How to Avoid Another Let's Encrypt-Like Meltdown

11/03/2021
Experts weigh in on steps network and security administrators need to take before the next time a root certificate expires.

Researchers Scan the Web to Uncover Malware Infections

11/03/2021
Dozens of companies and universities regularly scan the Internet to gather data on connected devices, but some firms are looking deeper to uncover the extent of detectable malware infections.

CISA Issues New Directive for Patching Known Exploited Vulnerabilities

11/03/2021
The goal is to reduce civilian federal agency exposure to attacks that threat actors are actively using in campaigns, agency says.

5 MITRE ATT&CK Tactics Most Frequently Detected by Cisco Secure Firewalls

11/03/2021
Cisco Security examines the most frequently encountered MITRE ATT&CK tactics and techniques.

Cloud Data Security Startup Launches

11/03/2021
TrustLogix aims to streamline and simplify data governance in the cloud.

Where Is Cloud Permissions Management Headed?

11/03/2021
Cloud permissions management emerged as a standalone cloud security technology but is quickly becoming part of a broader set of capabilities

US Blacklists Israeli Firms NSO Group and Candiru

11/03/2021
The US Commerce Department has also added Russia's Positive Technologies and Singapore's Computer Security Initiative Consultancy.

Infosec and Business Alignment Lowers Breach Cost, Boosts Security

11/03/2021
As attacks and security budgets continue to rise, data shows the most secure organizations are the ones that strike a security-business balance.

Is Sandboxing Dead?

11/03/2021
Organizations should start to evaluate other security measures to replace or complement the once-venerable security sandbox.

Valtix Delivers Free Cloud Security for Departmental, Development, and Test Applications

11/03/2021
Company aims to make cloud network security more accessible to all organizations.

Risk Quantification: A Powerful Tool in Your Cyberthreat Defense Arsenal

11/03/2021
Three ways that understanding your cyber-risk in real dollars can help your organization survive the threat of ransomware and other attacks.

Simulation Game Teaches Non-Security Staff How to Handle a Cyber Crisis

11/02/2021
In this card-based game from Kaspersky, players work through a cyberattack scenario and learn how each decision they make has consequences.

Cloud, Remote Work Will Change How IT Uses Vulnerability Scanners

11/02/2021
Tenable added Raspberry Pi support to Nessus v10.0 to help security professionals conduct audits and assessments remotely.