Dark Reading

US-CERT Warns of Remotely Exploitable Bugs in Medical Devices

11/14/2019
Vulnerabilities in key surgical equipment could be remotely exploited by a low-skill attacker.

8 Backup & Recovery Questions to Ask Yourself

11/14/2019
Don't wait until after a disaster, DDoS, or ransomware attack to learn just how good your backups really are.

How Does Your Cyber Resilience Measure Up?

11/14/2019
The security measures companies take today may not be enough for tomorrow's cyber assault, but switching to a proactive, risk-based framework may better protect your organization.

Cardplanet Operator Extradited for Facilitating Credit Card Fraud

11/13/2019
Russian national Aleksei Burkov is charged with wire fraud, access device fraud, and conspiracy to commit identity theft, among other crimes.

Unreasonable Security Best Practices vs. Good Risk Management

11/13/2019
Perfection is impossible, and pretending otherwise just makes things worse. Instead, make risk-based decisions.

Report: Cross-Site Scripting Still Number One Web Attack

06/01/2018
SQL injection is the second most common technique, with IT and finance companies the major targets.

Most Expensive Data Breaches Start with Third Parties: Report

05/24/2018
Data breach costs increased 24% for enterprise victims and 36% for SMBs from 2017 to 2018, researchers found.

DOJ Sinkholes VPNFilter Control Servers Found in US

05/24/2018
The US Department of Justice said the move aims to thwart the spread of the botnet as part of its investigation into Russian nation-state hacking group APT28 aka Fancy Bear.

GDPR, WHOIS & the Impact on Merchant Risk Security Monitoring

05/24/2018
The EU's General Data Protection Regulation will make it harder for law enforcement, forensic investigators, and others to track down everything from credit card fraud to child porn rings.

A Data Protection Officer's Guide to the Post-GDPR Deadline Reality

05/24/2018
The EU's General Data Protection Regulation deadline is here -- now what? These four tips can help guide your next steps.

More Than Half of Users Reuse Passwords

05/24/2018
Users are terrible at passwords and the problem is only getting worse, according to an expansive study of more than 100 million passwords and their owners.

25% of Businesses Targeted with Cryptojacking in the Cloud

05/15/2018
New public cloud security report detects a spike in cryptojacking, mismanaged cloud storage, account takeover, and major patches getting overlooked.

Are You Protecting Your DevOps Software 'Factory'?

05/01/2018
New study highlights insecurities in DevOps toolchain implementations.

WhatsApp Founder to Depart Facebook Amid Privacy, Encryption Dispute

04/30/2018
Jan Koum also plans to step down from Facebook's board of directors.

Old Worm, New Tricks: FacexWorm Targets Crypto Platforms

04/30/2018
Malicious Chrome extension FacexWorm has reappeared with new capabilities, targeting cryptocurrency platforms and lifting user data.

Speed at Which New Drupal Flaw Was Exploited Highlights Patching Challenges

04/30/2018
In the rush to patch, organizations can create fresh problems for themselves.

Slack Releases Open Source SDL Tool

04/30/2018
After building an SDL tool for their own use, Slack has released it on Github under an open source license.

10 Security Innovators to Watch

04/30/2018
Startups in the RSA Conference Innovation Sandbox competed for the title of "Most Innovative."

Cybercrime Economy Generates $1.5 Trillion a Year

04/20/2018
Threat actors generate, launder, spend, and reinvest more than $1.5 trillion in illicit funds, according to a new study on cybercrime's 'web of profit.'

Trust: The Secret Ingredient to DevSecOps Success

04/20/2018
Security practitioners must build trusted relationships with developers and within cross-functional DevOps teams to get themselves embedded into continuous software delivery processes.