Dark Reading

Dark Reading Cybersecurity Crossword Puzzle

03/20/2020
Here's a little something to snuggle up with if you're on lockdown.

Proof of Concept Released for kr00k Wi-Fi Vulnerability

03/20/2020
The code demonstrates a relatively simple method to exploit a vulnerability in more than a billion devices.

500,000 Documents Exposed in Open S3 Bucket Incident

03/18/2020
The open database exposed highly sensitive financial and business documents related to two financial organizations.

Facebook Got Tagged, but not Hard Enough

03/18/2020
Ensuring that our valuable biometric information is protected is worth more than a $550 million settlement.

Security Lessons We've Learned (So Far) from COVID-19

03/17/2020
Takeaways about fighting new fires, securely enabling remote workforces, and human nature during difficult times.

This Tax Season, Save the Scorn and Protect Customers from Phishing Scams

03/17/2020
As security professionals, it's easy to get cynical about the continued proliferation of tax ID theft and blame the consumers themselves. But that doesn't help anyone.

Remote Workforce Jumps 15% In Two Weeks

03/17/2020
Netskope reports the total number of remote employees is the highest it has ever observed.

Hellman & Friedman Acquires Checkmarx for $1.5B

03/16/2020
The private equity firm will buy Checkmarx from Insight Partners, which will continue to own a minority interest.

Fewer Vulnerabilities in Web Frameworks, but Exploits Remain Steady

03/16/2020
Attackers continue to focus on web and application frameworks, such as Apache Struts and WordPress, fighting against a decline in vulnerabilities, according to an analysis.

What Cybersecurity Pros Really Think About Artificial Intelligence

03/13/2020
While there's a ton of unbounded optimism from vendor marketing and consultant types, practitioners are still reserving a lot of judgment.

Princess Cruises Confirms Data Breach

03/13/2020
The cruise liner, forced to shut down operations due to coronavirus, says the incident may have compromised passengers' personal data.

A Lesson in Social Engineering

03/13/2020
What kind of school project is this?

Texas Chose to Fight Ransomware and Not Pay. What About the Rest of Us?

03/13/2020
Law-abiding folks like us applauded Texas for its bravery - but would we have the steel will to stand on the side of justice if it happened to us? Probably not.

Microsoft Patches Leaked Remote Code Execution Flaw

03/12/2020
A vulnerability in Microsoft's Server Message Block protocol prompted concerns of wormable exploits when it was disclosed this week.

Back to the Future: A Threat Intelligence Journey

03/12/2020
Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce -- whatever their gender.

Blacklists Miss 21% of Phishing Attacks, Internet Traffic Reveals

03/11/2020
Visibility into phishing attacks by content delivery networks and security firms shows many domains fail to be classified as malicious.

Why CSP Isn't Enough to Stop Magecart-Like Attacks

03/11/2020
As Magecart and formjacking attacks become more sophisticated, it's essential to address not only what services may interact with users, but what that interaction looks like and how to control it.

Paradise Ransomware Variant Hides in Office IQY Files

03/10/2020
The uncommon Internet Query file format lets attacks slip past defenses to effectively break into target networks.

What Should I Do About Vulnerabilities Without Fixes?

03/10/2020
With better tools that identify potential threats even before developers address them, a new problem has arisen.

How Network Metadata Can Transform Compromise Assessment

03/10/2020
Listen more closely and your network's metadata will surrender insights the bad guys counted on keeping secret