Dark Reading

Crime Service Gives Firms Another Reason to Purge Macros

04/06/2021
Recent Trickbot campaigns and at least three common banking Trojans all attempt to infect systems using malicious macros in Microsoft Office documents created using EtterSilent.

The Edge Pro Tip: Update Your DDoS Defense Plan

04/06/2021
The idea of monetizing distributed denial-of-service (DDoS) attacks dates back to the 1990s. But the rise of DDoS-for-hire services and cryptocurrencies has radically changed the landscape.

Ryuk's Rampage Has Lessons for the Enterprise

04/06/2021
The Ryuk ransomware epidemic is no accident. The cybercriminals responsible for its spread have systematically exploited weaknesses in enterprise defenses that must be addressed.

9 Modern-Day Best Practices for Log Management

04/06/2021
Log management is nothing new. But doing so smartly, correctly, and concisely in today's data-driven world is another story.

LinkedIn Phishing Ramps Up With More-Targeted Attacks

04/05/2021
Seeking to take advantage of out-of-work users, malware groups continue to use LinkedIn and business services to offer fictional jobs and deliver infections instead.

Kaspersky Uncovers New APAC Cyberespionage Campaign

04/05/2021
A group related to Chinese-speaking threat group Cycldek is targeting government and military organizations in Vietnam.

Data from 553 Million Facebook Accounts Leaked Online

04/05/2021
Personal information belonging to more than 533 million Facebook users was found available on a cybercrime forum.

Name That Edge Toon: Rough Patch?

04/05/2021
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.

Inside the Ransomware Campaigns Targeting Exchange Servers

04/02/2021
Security experts discuss the ransomware campaigns taking aim at Microsoft Exchange Server vulnerabilities patched last month.

Hackers Demand $40M in Ransom From Florida School District

04/02/2021
District officials say they have no intention of paying the ransom

FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities

04/02/2021
A joint advisory warns admins of the likelihood of APT groups exploiting three vulnerabilities in the Fortinet FortiOS.

US Tech Dominance Rides on Securing Intellectual Property

04/02/2021
A recent, mostly overlooked pardon points to a big problem in the US tech industry: Intellectual property offers a lucrative golden ticket for insiders.

Enterprises Remain Riddled With Overprivileged Users -- and Attackers Know It

04/01/2021
Attackers commonly focus on finding users with too much privileged access as their ticket to network compromise. What can companies do?

7 Security Strategies as Employees Return to the Office

04/01/2021
More sooner than later, employees will be making their way back to the office. Here's how security pros can plan for the next new normal.

Kansas Man Indicted for Hacking, Tampering With Water Utility System

04/01/2021
Attacker disabled water-purification operation systems "with intention of harming" the rural water district.

NIST Publishes Guide for Securing Hotel Property Management Systems

04/01/2021
These sensitive systems store guests' personal data and payment-card information.

Solving the Leadership Buy-In Impasse With Data

04/01/2021
Justify your requirements with real numbers to get support for security investments.

How to Build a Resilient IoT Framework

04/01/2021
For all of their benefits, IoT devices weren't built with security in mind -- and that can pose huge challenges.

The Role of Visibility in Securing Cloud Applications

04/01/2021
Traditional data center approaches aren't built for securing modern cloud applications.

Top 5 Attack Techniques May Be Easier to Detect Than You Think

03/31/2021
New analysis shows attackers for the most part are continuing to rely on the same techniques and tactics they have been using for years.