Dark Reading

Microsoft: Popular IoT SDKs Leave Critical Infrastructure Wide Open to Cyberattack

11/23/2022
Chinese threat actors have already used the vulnerable and pervasive Boa server to infiltrate the electrical grid in India, in spate of malicious incidents.

Penetration Testing Market Size Is Projected to Reach $5.28B Globally by 2028

11/23/2022
Fueling the trend are the rising adoption of cloud computing solutions, technology advancements, stricter data safety regulations, and the move to digitalization, says Brandessence Market Research.

Where Are We Heading With Data Privacy Regulations?

11/23/2022
New laws have made the current US privacy landscape increasingly complex.

Cybersecurity Pros Put Mastodon Flaws Under the Microscope

11/22/2022
As the open source social media network grabs the spotlight as a Twitter replacement, researchers caution about vulnerabilities.

Adversarial AI Attacks Highlight Fundamental Security Issues

11/22/2022
An AI's "world" only includes the data on which it was trained, so it otherwise lacks context — opening the door for creative attacks from cyber adversaries.

Ducktail Cyberattackers Add WhatsApp to Facebook Business Attack Chain

11/22/2022
The Vietnam-based financial cybercrime operation's primary goal is to push out fraudulent ads via compromised business accounts.

DraftKings Account Takeovers Frame Sports-Betting Cybersecurity Dilemma

11/22/2022
Cybercrooks have drained DraftKings accounts of $300K in the past few days thanks to credential stuffing, just as the 2022 FIFA World Cup starts up.

How Work From Home Shaped the Road to SASE for Enterprises

11/22/2022
As SASE adoption grows, with its allure of simplified protection via one network and security experience for hybrid workers, remember: Have an overall plan, integrate and migrate to scale usage, and start small.

Enterprises Pay $1,200 Per Employee Annually to Fight Cyberattacks Against Cloud Collab Apps

11/22/2022
Orgs are in the middle of a rapid increase in the use of new collaboration tools to serve the needs of an increasingly dispersed workforce — and they're paying a very real security price.

Google Blocks 231B Spam, Phishing Emails in Past 2 Weeks

11/22/2022
Google Workspace's team is seeing a spike in phishing and spam hitting Gmail — up 10% in just the last two weeks.

How Tech Companies Can Slow Down Spike in Breaches

11/22/2022
Cybercrime continues to evolve — and shows no signs of slowing down.

CybeReady Releases Five Easy Tips to Shop Safely During Black Friday

11/22/2022
Safe shopping guidance coupled with new CISO tool to help safeguard personal data and corporate networks.

FIDO Alliance Announces Authenticate Virtual Summit Focused on Securing IoT

11/22/2022
Industry experts to share insights into how FIDO and related technologies can bring password-less authentication to IoT.

Identity Security Needs Humans and AI Working Hand in Hand

11/21/2022
In the cybersecurity world, augmenting the human touch with artificial intelligence has produced extremely positive results.

Luna Moth's Novel, Malware-Free Extortion Campaign Takes Flight

11/21/2022
Luna Moth is relying solely on call-back phishing, as well as legitimate tools, to steal data and extract ransoms from victims of all stripes in an expanding cyberattack effort.

Google Releases YARA Rules to Disrupt Cobalt Strike Abuse

11/21/2022
The popular pen-testing tool is often cracked and repurposed by threat actors. Google now has a plan to address that.

Microsoft Warns of Rise in Stolen Cloud Tokens Used to Bypass MFA

11/21/2022
Analysts see an uptick in token theft from authenticated users, allowing threat actors to bypass MFA protections.

Investors Are Pouring Cash Into These 10 Cybersecurity Startups

11/21/2022
Following the dollars reveals pen-test and intrusion-detection startups are the most attractive to investors right now, collectively getting more than $3 billion in funding.