Dark Reading

CISA Publishes Analysis on New 'FiveHands' Ransomware

05/06/2021
Attackers used publicly available tools, FiveHands ransomware, and SombRAT to successfully target an organization, officials report.

Cloud-Native Businesses Struggle with Security

05/06/2021
More companies moved to cloud-native infrastructure in the past year, and security incidents and malware moved right along with them.

Securing the Internet of Things in the Age of Quantum Computing

05/06/2021
Internet security, privacy, and authentication aren't new issues, but IoT presents unique security challenges.

Biden's Supply Chain Initiative Depends on Cybersecurity Insights

05/06/2021
Those helming the US supply chain executive order need to leverage standards, measurement, and the lessons cybersecurity leaders have learned.

How to Move Beyond Passwords and Basic MFA

05/06/2021
It's not a question of whether passwordless is coming -- it's simply a question of when. How should your organization prepare? (Part two of a two-part series.)

Black Hat Asia Speakers Share Secrets About Sandboxes, Smart Doors, and Security

05/06/2021
Find video interviews with some of the coolest Black Hat Asia experts right here, as part of the Dark Reading News Desk this week.

Attackers Seek New Strategies to Improve Macros' Effectiveness

05/05/2021
The ubiquity of Microsoft Office document formats means attackers will continue to use them to spread malware and infect systems.

Gap Between Security and Networking Teams May Hinder Tech Projects

05/05/2021
Professionals in each field describe a poor working relationship between the two teams

DoD Lets Researchers Target All Publicly Accessible Info Systems

05/05/2021
The Department of Defense expands its vulnerability disclosure program to include a broad range of new targets.

Wanted: The (Elusive) Cybersecurity 'All-Star'

05/05/2021
Separate workforce studies by (ISC) 2 and ISACA point to the need for security departments to work with existing staff to identify needs and bring entry-level people into the field.

Debating Law Enforcement's Role in the Fight Against Cybercrime

05/05/2021
The FBI's action to remove Web shells from compromised Microsoft Exchange Servers sparks a broader discussion about officials' response to cyberattacks.

Will 2021 Mark the End of World Password Day?

05/05/2021
We might be leaving the world of mandatory asterisks and interrobangs behind for good.

Newer Generic Top-Level Domains a Security 'Nuisance'

05/04/2021
Ten years of passive DNS data shows classic TLDs such as .com and .net dominate newer TLDs in popularity and use.

Apple Issues Patches for Webkit Security Flaws

05/04/2021
The vulnerabilities may already be under active attack, Apple says in an advisory.

Planning Our Passwordless Future

05/04/2021
All the talk that passwords could one day go away seemed too good to be true, yet the scales are finally started to tip to a passwordless reality. (Part one of a two-part series.)

Hundreds of Millions of Dell Computers Potentially Vulnerable to Attack

05/04/2021
Hardware maker has issued an update to fix multiple critical privilege escalation vulnerabilities that have gone undetected since 2009.

More Companies Adopting DevOps & Agile for Security

05/04/2021
Measures of programming speed, security, and automation have all significantly increased in the past year, GitLab's latest survey finds.

Scripps Health Responds to Cyberattack

05/04/2021
The health care system says it has suspended access to patient portals and other applications related to operations at Scripps facilities.

Can Organizations Secure Remote Workers for the Long Haul?

05/04/2021
By focusing on protection instead of detection, organizations can defend against targeted attacks without compromising security or productivity.

It's Time to Ditch Celebrity Cybersecurity

05/04/2021
High-profile attacks and solutions are shiny objects that can distract from the defenses that afford the greatest protection.