Dark Reading

Former NSA Employee Faces Death Penalty for Selling Secrets

10/04/2022
Suspect allegedly thought he was swapping secrets with a foreign government for crypto — but the contact turned out to be an FBI agent.

Workforce Data Privacy in the Modern Work Era

10/04/2022
It takes culture as well as individual and corporate responsibilities to ensure workforce data privacy and compliance.

Steam Gaming Phish Showcases Browser-in-Browser Threat

10/04/2022
Attackers are using the recently emerged browser-in-the-browser phishing technique to steal accounts from Valve's popular gaming platform, but it's a warning shot to businesses.

More Than 30% of All Malicious Attacks Target Shadow APIs

10/04/2022
New research spotlights how attackers are capitalizing on API-driven innovation.

Eclypsium Raises Series B to Protect Digital Supply Chain As Attacks Grow

10/04/2022
The new round highlights market demand to protect global businesses from soaring breaches through supply chains of critical hardware, devices, firmware, and software.

Aryaka Delivers Zero-Trust WAN Based on Unified SASE Architecture

10/04/2022
The new offering integrates firewall-as-a-service and secure web gateway into cloud-managed networking and security services.

Ransomware 3.0: The Next Frontier

10/04/2022
Attackers are already circling back to reselling stolen data instead of — and in addition to — extortion.

Expert Insights: How to Protect Sensitive Machine-Learning Training Data Without Borking It

10/04/2022
Another element of ML security is the data used to train the machine learning system itself.

Growing Reliance on Cloud Brings New Security Challenges

10/03/2022
With organizations expanding their cloud operations, cloud security is imperative to protect applications and data.

Bumblebee Malware Loader's Payloads Significantly Vary by Victim System

10/03/2022
On some systems the malware drops infostealers and banking Trojans; on others it installs sophisticated post-compromise tools, new analysis shows.

First 72 Hours of Incident Response Critical to Taming Cyberattack Chaos

10/03/2022
Responding to cyberattacks is extraordinarily stressful, but better planning, frequent practice, and the availability of mental health services can help IR professionals, a survey finds.

Vice Society Publishes LA Public School Student Data, Psych Evals

10/03/2022
After a flat refusal to pay the ransom, Los Angeles Unified School District's stolen data has been dumped on the Dark Web by a ransomware gang.

Name That Edge Toon: Mumbo Dumbo

10/03/2022
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

How AWS, Cisco, Netflix & SAP Are Approaching Cybersecurity Awareness Month

10/03/2022
This year's theme is "See Yourself in Cyber," and these security folks are using the month to reflect on the personal factor in cybersecurity.

Worried About the Exchange Zero-Day? Here's What to Do

09/30/2022
While organizations wait for an official patch for the two zero-day flaws in Microsoft Exchange, they should scan their networks for signs of exploitation and apply these mitigations.

LA School District Ransomware Attackers Now Threaten to Leak Stolen Data

09/30/2022
Weeks after it breached the Los Angeles Unified School District, the Vice Society ransomware group is threatening to leak the stolen data, unless they get paid.

The Top 4 Mistakes in Security Programs to Avoid

09/30/2022
Overlooking even just a single security threat can severely erode a company’s community and consumer confidence, tarnish reputation and brand, negatively impact corporate valuations, provide competitors with an advantage, and create unwanted scrutiny.

Reshaping the Threat Landscape: Deepfake Cyberattacks Are Here

09/30/2022
It's time to dispel notions of deepfakes as an emergent threat. All the pieces for widespread attacks are in place and readily available to cybercriminals, even unsophisticated ones.

Cybercriminals See Allure in BEC Attacks Over Ransomware

09/30/2022
While ransomware seems stalled, business email compromise (BEC) attacks continue to make profits from the ProxyShell and Log4j vulnerabilities, nearly doubling in the latest quarter.