Dark Reading

Widely Known Flaw in Pulse Secure VPN Being Used in Ransomware Attacks

01/06/2020
New Year's Eve attack on currency exchange service Travelex may have involved use of the flaw.

Time for Insider-Threat Programs to Grow Up

01/02/2020
Immature programs attempting to protect against damaging attacks by insiders run the risk of alienating employees.

CCPA Kickoff: What Businesses Need to Know

01/02/2020
The California Consumer Privacy Act is in full effect, prompting organizations to think about how they'll remain compliant.

Ransomware Scuttles Coast Guard Facility for 30+ Hours

01/02/2020
The attack on the unnamed facility began with a malicious email link.

Santa and the Zero-Trust Model: A Christmas Story

12/23/2019
How would the world's most generous elf operate in a world of zero-trust security? A group of cybersecurity experts lets us know.

Citrix Urges Firms to Harden Configurations After Flaw Report

12/23/2019
A vulnerability in two of the company's appliances opens 80,000 networks up for exploitation.

F5 Pays $1 Billion for Shape

12/20/2019
The acquisition adds fraud detection and prevention to the application delivery company's tool collection.

Real-Time Payment Platforms Offer Fast Cash & Fast Fraud

12/19/2019
Real-time payment services like The Clearing House and Zelle will completely clear transactions in an instant...but account takeover attackers love that speed as much as you do.

China-Based Cyber Espionage Group Targeting Orgs in 10 Countries

12/19/2019
Dozens of organizations across multiple sectors have become victims of APT20 in the past two years.

Patch Management: How to Prioritize an Underserved Vulnerability

12/19/2019
Why is one of the biggest problems in cybersecurity also one that CISOs largely ignore? Here are three reasons and a road map to a modern approach.

5 Security Resolutions to Prevent a Ransomware Attack in 2020

12/18/2019
Proactively consider tools to detect anomalous behavior, automatically remediate, and segment threats from moving across the network.

Microsoft Issues Out-of-Cycle SharePoint Update

12/18/2019
The update repairs vulnerabilities that could lead to very effective phishing messages.

5 Pieces of GDPR Advice for Teams Without Privacy Compliance Staff

12/18/2019
Are you an army of one tasked with compliance and data privacy? Try these tips to get you and your organization in alignment with regulators.

15 Million Patient Records Exposed Attack on Canadian Lab

12/17/2019
A cyberattack against LifeLabs exposed personal information on patients in Ontario and British Columbia.

Facebook Fixes WhatsApp Group Chat Security Issue

12/17/2019
Flaw allowed attackers to repeatedly crash group chat and force users to uninstall and reinstall app, Check Point says.

Higher Degree, Higher Salary? Not for Some Security Pros

12/17/2019
Turns out, skill beats experience and an academic degree doesn't guarantee higher compensation for five security positions.

Talking to the Board about Cybersecurity

12/17/2019
A chief financial officer shares five winning strategies for an effective board-level conversation about right-sizing risk.

Financial Services Breaches Less Common, More Damaging, Than Those in Other Sectors

12/16/2019
While far less common than breaches in other industry sectors, financial services breaches were more than twice as expensive, per record exposed, than the average for tech businesses.

Weak Crypto Practice Undermining IoT Device Security

12/16/2019
Keyfactor says it was able to break nearly 250,000 distinct RSA keys - many associated with routers, wireless access points, and other Internet-connected devices.

Mobile Devices Account for 41% of DDoS Attack Traffic

12/16/2019
DNS amplification attacks continue to dominate distributed denial-of-service (DDoS) attacks, while mobile devices make up a larger share of traffic.