Dark Reading

Macs Still Targeted Mostly With Adware, Less With Malware

10/21/2021
The top 10 categories of digital threats on macOS are all adware programs, with only a sliver of the share of victims affected by actual malware, according to an IT management firm.

How Psychology Can Save Your Cybersecurity Awareness Training Program

10/21/2021
Understanding human psychology, how it works, and how to introduce its concepts into cybersecurity awareness training can make a huge difference to your organization.

Proposed HTTPA Protocol Uses TEEs to Secure the Web

10/20/2021
Intel researchers describe how Trusted Execution Environments can enhance HTTPS and boost Web security.

Optiv Announces Second Annual $40,000 Scholarship for Black, African American Identifying STEM Students

10/20/2021
$10,000 to be awarded annually for four years each by Optiv’s Black Employee Network.

Microsoft-Signed Rootkit Targets Gaming Environments in China

10/20/2021
FiveSys is the second publicly known rootkit since June that attackers have managed to sneak past Microsoft's driver certification process.

Microsoft, Intel, and Goldman Sachs to Lead New TCG Work Group to Tackle Supply Chain Security Challenges

10/20/2021
Led by representatives from the three companies, the work group will create guidance that defines, implements, and upholds security standards for the entire supply chain.

MITRE Engenuity Announces ATT&CK® Evaluations Call for Participation for Managed Services

10/20/2021
Offering to provide transparency into the capabilities of managed security service providers and and managed detection and response competencies.

CISA Awards $2 Million to Bring Cybersecurity Training to Rural Communities and Diverse Populations

10/20/2021
Award recipients NPower and CyberWarrior recognized for development of cyber workforce training programs.

Execs From Now-Defunct GigaTrust Arrested in $50M Fraud Scheme

10/20/2021
Email endpoint security-as-a-service company founder and two others indicted in an elaborate financial fraud scheme.

Google: Phishing Campaign Targets YouTube Creators

10/20/2021
The attackers behind the campaign, which distributes cookie theft malware, are attributed to actors recruited in a Russian-speaking forum.

Removing Friction for the Enterprise With Trusted Access

10/20/2021
Our work lives are supposed to be simpler and easier because of technology. At least that’s the promise.

Passwordless Is the Future … but What About the Present?

10/20/2021
Password managers, single sign-on, and multifactor authentication each offers its own methodology and unique set of benefits — and drawbacks — to users.

The Ransomware Payment Dilemma: Should Victims Pay or Not?

10/20/2021
It's time to steer the conversation away from whether payment bans should be implemented to how and when they should take effect.

JavaScript Packing Found In More Than 25% of Malicious Sites

10/20/2021
Obfuscation techniques are extremely prevalent, data shows, but they can't be used as a single indicator of compromise because legitimate websites use them.

Penetration Testing in the Cloud Demands a Different Approach

10/19/2021
Attackers use a different set of techniques to target the cloud, meaning defenders must think differently when pen testing cloud environments.

Telecommunications Providers Worldwide Are Targeted in Sophisticated Cyber-Espionage Campaign

10/19/2021
LightBasin has displayed in-depth knowledge of telecom architectures and protocols in its attacks, security vendor warns.

Cato Networks Valued at $2.5B, Raises Additional $200M to Accelerate SASE Adoption Among Large Enterprises

10/19/2021
Cato more than doubles its valuation in one year with largest funding round to date. Total financing reaches $532 million.

Enterprise Cybersecurity Strategies Are Getting More Attention

10/19/2021
Data in Dark Reading's "2021 Strategic Security Survey" report suggest organizations are taking the security challenge seriously.

Query.ai Closes $15M Series A for Security Investigations Tool

10/19/2021
The funding will support product development for Query.AI's browser-based security investigations tool.

Keysight Technologies Acquires SCALABLE Network Technologies

10/19/2021
Simulation and modeling solutions augment Keysight's 5G and cybersecurity portfolio.