Dark Reading

Zscaler to Buy Cloudneeti

04/09/2020
The security service provider adds cloud security "posture" management with the deal.

Keeping Vigilant for BEC Amid COVID-19 Chaos

04/08/2020
FBI and security experts warn that attackers are particularly targeting cloud-based email systems at the moment.

After Adopting COVID-19 Lures, Sophisticated Groups Target Remote Workers

04/08/2020
While coronavirus-themed emails and files have been used as a lure for weeks, attackers now are searching for ways to actively target VPNs and remote workers to take advantage of weaker security.

Researchers Fool Biometric Scanners with 3D-Printed Fingerprints

04/08/2020
Tests on the fingerprint scanners of Apple, Microsoft, and Samsung devices reveal it's possible to bypass authentication with a cheap 3D printer.

Privacy & Digital-Rights Experts Worry Contact-Tracing Apps Lack Limits

04/07/2020
Mobile-phone-based tracking of people can help fight pandemics, but privacy and security researchers stress that it needs to be done right.

Chinese APT Groups Targeted Enterprise Linux Systems in Decade-Long Data Theft Campaign

04/07/2020
Organizations across multiple industries compromised in a systematic effort to steal IP and other sensitive business data, BlackBerry says.

Cybercriminals Hide Malware & Phishing Sites Under SSL Certificates

04/07/2020
More than half of the top 1 million websites use HTTPS, researchers report, but not all encrypted traffic is safe.

The Edge Names 'Holy Cow' Cartoon Caption Winners

04/07/2020
What can cows possibly have to do with cybersecurity?

More Attackers Have Begun Using Zero-Day Exploits

04/06/2020
Vendors of offensive cyber tools have made it easy for any threat group with the right funds to leverage unpatched bugs, FireEye says.

Misconfigured Containers Again Targeted by Cryptominer Malware

04/06/2020
An attack group is searching for insecure containers exposing the Docker API and then installing a program that attempts to mine cryptocurrency. It's not the first time.

Microsoft: Emotet Attack Shut Down an Entire Business Network

04/06/2020
The infection started with a phishing email and spread throughout the organization, overheating all machines and flooding its Internet connection.

Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days

04/03/2020
A security researcher earned $75,000 for finding a whopping seven zero-days in Safari, three of which can be combined to access the camera.

5 Soothing Security Products We Wish Existed

04/03/2020
Maybe security alert fatigue wouldn't be so bad if the alerts themselves delivered less stress and more aromatherapy.

A Day in The Life of a Pen Tester

04/02/2020
Two penetration testers share their day-to-day responsibilities, challenges they encounter, and the skills they value most on the job.

Bad Bots Build Presence Across the Web

04/02/2020
Bots that mimic human behavior are driving a growing percentage of website traffic while contributing to an avalanche of misinformation.

Companies Are Failing to Deploy Key Solution for Email Security

04/02/2020
A single -- albeit complex-to-deploy -- technology could stop the most expensive form of fraud, experts say. Why aren't more companies adopting it?

Prioritizing High-Risk Assets: A 4-Step Approach to Mitigating Insider Threats

04/02/2020
Sound insider threat detection programs combine contextual data and a thorough knowledge of employee roles and behaviors to pinpoint the biggest risks.

5 Ways Enterprises Inadvertently Compromise Their Network Security

04/02/2020
Is your organization carelessly leaving its networks vulnerable to invasion? Check out these five common oversights to see if your resources are at risk.

A Hacker's Perspective on Securing VPNs As You Go Remote

04/02/2020
As organizations rush to equip and secure their newly remote workforce, it's important to keep things methodical and purposeful

Best Practices to Manage Third-Party Cyber-Risk Today

04/02/2020
Bold new thinking is needed to solve the rapidly evolving challenge of third-party risk management.