Dark Reading

Fears Rise of Potential Russian Cyberattacks on US, Allies Over Sanctions

02/24/2022
If past is precedent, the cyber impact of the war in Ukraine could be broad and bruising, experts say.

Why Developers Should Care About Log4j

02/24/2022
Unless you can gain full visibility into how data flows to and through your dependencies, you can’t be sure if you are affected by this vulnerability.

Trickbot Comes Up With a New Set of Tricks

02/24/2022
Late last year, the group behind the malware stopped spreading Trickbot, instead pushing out copies of Emotet and Qbot to infected systems, researchers say.

Insider Threats Are More Than Just Malicious Employees

02/24/2022
Humans are unpredictable and may make mistakes that could result in a security incident.

4 Simple Steps to a Modernized Threat Intelligence Approach

02/24/2022
As cybersecurity strategies continuously evolve to keep pace with attackers, the relevance of the traditional model is in need of an automation upgrade.

Businesses Are at Significant Risk of Cybersecurity Breaches Due to Immature Security Hygiene and Posture Management Pra

02/24/2022
Seven out of 10 organizations experienced a cyberattack that started through the exploit of unknown or poorly managed technology assets, according to Enterprise Strategy Group research.

Illusive Launches Identity Risk Management Platform

02/24/2022
Illusive Spotlight automatically and continuously discovers and mitigates privileged identity risks, while Illusive Shadow protects against identity risks that can't be readily remediated.

JupiterOne Unveils Starbase for Graph-Based Security

02/24/2022
The open source asset management tool lets security analysts collect asset information all across the organization's digital operations and run queries to understand their relationships.

SaaS in the Enterprise: The Good, the Bad, and the Unknown

02/24/2022
SaaS offers many benefits to the enterprise, but security issues left unchecked can mitigate value.

New York Opens Joint Security Operations Center in NYC

02/24/2022
The "first-in-nation" cyber command center will provide municipal and local governments with threat intelligence and resources to defend themselves against cyberattacks.

What Does Least Privilege Access Mean for Cloud Security?

02/23/2022
While traditional security controls are necessary at the perimeter, organizations also need to prevent malicious privileged access.

New Data-Wiping Malware Discovered on Systems in Ukraine

02/23/2022
Researchers were scrambling to analyze a newly discovered piece of data-wiping malware found in the wild.

CISA Warns of New Malware Framework Used by Russian 'Sandworm' Hacking Team

02/23/2022
Russian General Staff Main Intelligence Directorate (GRU) hacking team appears to have swapped its VPNFilter malware platform for the so-called Cyclops Blink malware framework.

Tales from the Dark Web, Part 3: How Criminals Monetize Ransomware

02/23/2022
Ransomware operators rely on cryptocurrency and other payment schemes to keep their activities under the radar and harder to trace.

Microsoft Debuts Unified Service for Multicloud ID Management

02/23/2022
With nine in 10 companies adopting a multicloud strategy, service providers are focused on finding ways to support the management and security efforts of businesses that rely on multiple cloud resources.

Why Passwordless Is at an Impasse

02/23/2022
Many widely used business applications aren't built to support passwordless login because identity and authentication remain siloed.

Ransomware Trained on Manufacturing Firms Led Cyberattacks in Industrial Sector

02/23/2022
Meanwhile, a few "alarming" infiltrations of OT networks by previously unknown threat groups occurred last year as well.

Log4j Remediation Took Weeks or More for Over 50% of Organizations

02/22/2022
(ISC)² survey also found that half of cybersecurity teams worldwide worked on fixing Log4j issues on weekends and during time off.

Hikvision Network Cyber-Protect Helps Ensure Physical Cybersecurity Protection

02/22/2022
Combines technology, education and tools to help dealers protect networked security systems.

Palo Alto Networks Introduces the Autonomous Security Platform, Cortex XSIAM

02/22/2022
The new AI-driven platform brings threat response times from days to minutes and provides a modern alternative to SIEM. Cortex XSIAM is currently available to a limited set of customers with general availability expected later this year.