Dark Reading

Design Weakness in Microsoft CFG Allows Complete Bypass

03/06/2018
Researchers from Italy's University of Padua will demo a new technique to evade Control Flow Guard, the widely deployed security mechanism, at Black Hat Asia.

Identity Management: Where It Stands, Where It's Going

03/06/2018
How companies are changing the approach to identity management as people become increasingly digital.

Connected Cars Pose New Security Challenges

03/06/2018
The auto industry should seize the opportunity and get in front of this issue.

Second Ransomware Round Hits Colorado DOT

03/06/2018
A variant of SamSam sends CDOT employees back to pen and paper with two attack waves in two weeks.

Pragmatic Security: 20 Signs You Are 'Boiling the Ocean'

03/06/2018
Ocean-boiling is responsible for most of the draconian, nonproductive security policies I've witnessed over the course of my career. Here's why they don't work.

Insider Threat Seriously Undermining Healthcare Cybersecurity

03/05/2018
Two separate reports suggest insiders - of the malicious and careless variety - pose more of a problem in healthcare than any other sector.

More Security Vendors Putting 'Skin in the Game'

03/05/2018
Secure messaging and collaboration provider Wickr now publicly shares security testing details of its software.

6 Questions to Ask Your Cloud Provider Right Now

03/05/2018
Experts share the security-focused issues all businesses should explore when researching and using cloud services.

CERT.org Goes Away, Panic Ensues

03/05/2018
Turns out the Carnegie Mellon CERT just moved to a newly revamped CMU Software Engineering Institute website.

Facebook Upgrades Link Security with HSTS Preloading

03/05/2018
Facebook and Instagram links will automatically update from HTTP to HTTPS for eligible websites, increasing both speed and security, the social media giant said.

Hacking Back & the Digital Wild West

03/05/2018
Far from helping organizations defend themselves, hacking back will escalate an already chaotic situation.

Millions of Office 365 Accounts Hit with Password Stealers

03/02/2018
Phishing emails disguised as tax-related alerts aim to trick users into handing attackers their usernames and passwords.

Mueller May Indict Russians Who Hacked DNC

03/02/2018
Special counsel is compiling a case against the hackers who breached the DNC and John Podesta's email account, NBC News reports.

A Secure Development Approach Pays Off

03/02/2018
Software security shouldn't be an afterthought. That's why the secure software development life cycle deserves a fresh look.

A Sneak Peek at the New NIST Cybersecurity Framework

03/02/2018
Key focus areas include supply chain risks, identity management, and cybersecurity risk assessment and measurement.

Number of Sites Hosting Cryptocurrency Miners Surges 725% in 4 Months

03/01/2018
The dramatic increase in cryptocurrency prices, especially for Monero, is behind the sudden explosive growth, says Cyren.

'Chafer' Uses Open Source Tools to Target Iran's Enemies

03/01/2018
Symantec details operations of Iranian hacking group mainly attacking air transportation targets in the Middle East.

Securing the Web of Wearables, Smartphones & Cloud

03/01/2018
Why security for the Internet of Things demands that businesses revamp their software development lifecycle.

GitHub Among Victims of Massive DDoS Attack Wave

03/01/2018
GitHub reports its site was unavailable this week when attackers leveraged Memcached servers to generate large, widespread UDP attacks.

How & Why the Cybersecurity Landscape Is Changing

03/01/2018
A comprehensive new report from Cisco should "scare the pants off" enterprise security leaders.