Dark Reading

Enterprises Allocating More IT Dollars on Cybersecurity

10/29/2021
Enterprises are allocating more IT dollars towards implementing a multilayered approach to securing data and applications against new threats, data shows.

Snyk Agrees to Acquire CloudSkiff, Creators of driftctl

10/29/2021
New capabilities allow Snyk Infrastructure as Code customers to more effectively detect infrastructure drift.

APTs, Teleworking, and Advanced VPN Exploits: The Perfect Storm

10/29/2021
A Mandiant researcher shares the details of an investigation into the misuse of Pulse Secure VPN devices by suspected state-sponsored threat actors.

Russian National Accused of Role in Trickbot Is Extradited to US

10/29/2021
Court documents say Vladimir Dunaev is alleged to have been a malware developer for the Trickbot Group.

Cybercriminals Take Aim at Connected Car Infrastructure

10/29/2021
While car makers are paying more attention to cybersecurity, the evolution of automobiles into "software platforms on wheels" and the quick adoption of new features has put connected cars in the crosshairs.

What Exactly Is Secure Access Service Edge (SASE)?

10/29/2021
Any company that supports a hybrid workforce should at least be familiar with this relatively new security approach.

A Treehouse of Security Horrors

10/29/2021
True-life horrors from conversations with software engineers and developers. D'oh!

Finding the Right Approach to Cloud Security Posture Management (CSPM)

10/29/2021
Cloud security is maturing — it has to. New strategies are surfacing to respond to new problems. Dr. Mike Lloyd, RedSeal's CTO, reviews one of the latest: CSPM.

6 Ways to Rewrite the Impossible Job Description

10/28/2021
It's hard enough to fill a cybersecurity position given the talent shortage. But you may be making it harder with a poor job description that turns off would-be candidates.

SEO Poisoning Used to Distribute Ransomware

10/28/2021
This tactic — used to distribute REvil ransomware and the SolarMarker backdoor — is part of a broader increase in such attacks in recent months, researchers say.

Top Hardware Weaknesses List Debuts

10/28/2021
CWE list aimed at designers and programmers to avoid key hardware weaknesses early in product development.

ICS Security Firm Dragos Reaches $1.7B Valuation in Latest Funding Round

10/28/2021
The $200M Series D represents the company's largest funding round to date.

Ordr Unveils Cybersecurity Innovations and Ransom-Aware Rapid Assessment Service to Expand Its Leadership In Connected D

10/28/2021
Enhanced ransomware detection, visualization of ransomware communications, and risk customization helps organizations respond to cyberattacks in minutes.

NSA-CISA Series on Securing 5G Cloud Infrastructures

10/28/2021
CISA encourages 5G providers, integrators, and network operators to review the guidance and consider the recommendations.

Tech Companies Create Security Baseline for Enterprise Software

10/28/2021
The Minimum Viable Secure Product is written as a checklist of minimum-security requirements for business-to-business software.

US to Create Diplomatic Bureau to Lead Cybersecurity Policy

10/28/2021
As part of its modernization initiative, the Department of State will increase its IT budget by 50% and add a new bureau to lead cybersecurity and digital policy.

Stop Zero-Day Ransomware Cold With AI

10/28/2021
AI can help recognize ransomware attacks and stop them at computer speed.

Identity-Focused Security Controls Prevail

10/27/2021
How identity and access management strategies held up during the pandemic and tips for putting together an identity security road map.

Annual Cyber Risk Survey Finds Businesses Are Sharpening Their Focus on Cybersecurity but Also Reveals Much Room for Imp

10/27/2021
This year's survey features the highest percentage of cyber insurance buyers since the beginning of the survey 11 years ago.

Cyber Readiness Institute Names Karen S. Evans as New Managing Director

10/27/2021
Former assistant secretary for cybersecurity, energy security, and emergency response at US Department of Energy and Homeland Security CIO to lead strategic vision and day-to-day operations.