Dark Reading

Thanks, Larry!

12/12/2019
A no-tech trick, a la social engineering, can lead to huge corporate security consequences -- and it might just score the criminal a new car.

The Next Security Silicon Valley: Coming to a City Near You?

12/11/2019
The high cost of doing business in California's San Francisco Bay Area is just one factor driving infosec companies — established and and startups, alike — to pursue their fortunes elsewhere. Here's where many are going.

Google Chrome Now Automatically Alerts Users on Compromised Passwords

12/11/2019
A series of security enhancements seek to protect users from phishing and warn them when credentials have been compromised.

Microsoft Fixes Windows Zero-Day on Lightest Patch Tuesday of 2019

12/10/2019
This month's batch of security updates addresses 36 CVEs, seven of which are rated Critical and one of which has been exploited in the wild.

Blink Cameras Found with Multiple Vulnerabilities

12/10/2019
Researchers found three broad types of vulnerabilities, one of which should be particularly concerning to consumers.

Security 101: What Is a Man-in-the-Middle Attack?

12/10/2019
A breakdown of the common ways criminals employ MitM techniques to snare victims, and tips for protecting users from these dirty tricks.

Intel's CPU Flaws Continue to Create Problems for the Tech Community

12/10/2019
We can't wait out this problem and hope that it goes away. We must be proactive.

Scientists Break Largest Encryption Key Yet with Brute Force

12/09/2019
The key, only one-third the length of most commercial encryption keys, took more than 35 million compute hours to break.

Microsoft 'Campaign Views' Offers Full Look at Office 365 Attacks

12/09/2019
Campaign views, arriving in public preview, aims to share more context around how attackers targeted an organization and whether its defenses worked.

Maersk CISO Says NotPeyta Devastated Several Unnamed US firms

12/09/2019
At least two companies may have been dealt even more damage than the shipping giant, which lost nearly its entire global IT infrastructure.

Two Bayrob Cybercrime Members Sentenced to 20 and 18 Years in Prison

12/09/2019
The Romanian nationals stole some $4 million in a vast malware, botnet, and cryptocurrency operation.

10 Notable Cybersecurity Acquisitions of 2019, Part 2

12/09/2019
As mergers and acquisitions continued to shape the security industry throughout 2019, these deals were most significant.

Criminals Hide Fraud Behind the Green Lock Icon

12/09/2019
Criminals are using free certificate services to apply real security certs to fraudulent sites - and to take advantage of victims looking for surfing safety.

How Attackers Used Look-Alike Domains to Steal $1 Million From a Chinese VC

12/06/2019
Money meant to fund an Israeli startup wound up directly deposited to the scammers.

Data Center Provider CyrusOne Confirms Ransomware Attack

12/06/2019
The attack struck CyrusOne's managed services division and compromised six customers primarily serviced by a New York data center.

Senators Call for End to Controversial NSA Program

12/06/2019
The program for collecting telephone call metadata has faced increased scrutiny and restrictions since Edward Snowden revealed its existence in 2013.

Mega Breaches Are Forcing Us to a Passwordless World. Are We Finally Ready?

12/06/2019
Passwordless authentication advocates see 2020 as a potential turning point year for the technology. But can the industry get off the dime?

Success Enablers or Silent Killers?

12/06/2019
These five success enablers will help CISOs report, measure, and demonstrate ROI to the C-suite.

VPN Flaw Allows Criminal Access to Everything on Victims' Computers

12/05/2019
Vulnerability in the Aviatrix VPN client, since patched, gives an attacker unlimited access to a breached system.

US Sets $5 Million Bounty For Russian Hacker Behind Zeus Banking Thefts

12/05/2019
Maksim Yakubets and his crew stole tens of millions using Zeus and Dridex, with victims including Bank of America, Key Bank, GenLabs, and United Dairy, DoJ says.