Dark Reading

Fake Android Apps Promise Cryptomining Services to Steal Funds

Researchers discover more than 170 Android apps that advertise cloud cryptocurrency mining services and fail to deliver.

Sophos Acquires Capsule8 for Linux Server & Container Security

The deal was announced the same day ZeroFox bought Dark Web intelligence firm Vigilante as a wave of security M&A continues.

Are Security Attestations a Necessity for SaaS Businesses?

Are security attestations becoming business imperatives, or are they merely token additions on the list of regulatory requirements?

Microsoft Releases Emergency Patch for 'PrintNightmare' Vuln

It urges organizations to immediately apply security update, citing exploit activity.

Security 101: The 'PrintNightmare' Flaw

A closer look at the printer software vulnerability - and what you can do about it.

Autonomous Security Is Essential if the Edge Is to Scale Properly

Service demands at the network edge mean customers need to get cost, performance, and security right.

Researchers Learn From Nation-State Attackers' OpSec Mistakes

Security researchers discuss how a series of simple and consistent mistakes helped them learn more about ITG18, better known as Charming Kitten.

Workers Careless in Sharing & Reusing Corporate Secrets

A new survey shows leaked enterprise secrets costs companies millions of dollars each year.

It's High Time for a Security Scoring System for Applications and Open Source Libraries

A benchmarking system would help buyers choose more secure software products and, more importantly, light a fire underneath software producers to make products secure.

Alleged Cybercriminal Arrested in Morocco Following Interpol Probe

The suspect operated under the name "Dr Hex" to target thousands of people through phishing, fraud, and carding activities.

Cyberattack on Kaseya Nets More Than 1,000 Victims, $70M Ransom Demand

The provider of remote monitoring and management services warns customers to not run its software until a patch is available and manually installed.

8 Ways to Preserve Legal Privilege After a Cybersecurity Incident

Knowing your legal distinctions can make defense easier should you end up in court after a breach, attack, or data loss.

Watch for Cybersecurity Games at the Tokyo Olympics

The cybersecurity professionals guarding the Summer Olympics are facing at least as much competition as the athletes, and their failure could have steeper ramifications.

Barracuda Agrees to Acquire Skout Cybersecurity

The acquisition will bring Barracuda into the extended detection and response (XDR) market with a tool for managed service providers.

Secured-Core PCs May Mitigate Firmware Attacks, but Adoption Lags

Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs - but most systems do not have the technology yet.

Microsoft Issues New CVE for 'PrintNightmare' Flaw

Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.

SOC Investment Improves Detection and Response Times, Data Shows

A survey of IT and security pros finds many are confident in their ability to detect security incidents in near-real time or within minutes.

5 Mistakes That Impact a Security Team's Success

The way we work and treat each other go a long way in improving our organizations' security posture.

WFH: A Smart Time to Revisit Employee Use of Social Media

Employers have their hands full when it comes to monitoring online activities that could hurt the brand or violate the organization's core values.

GitHub Unveils AI Tool to Speed Development, but Beware Insecure Code

The company has created an AI system, dubbed Copilot, to offer code suggestions to developers, but warns that any code produced should be tested for defects and vulnerabilities.