Dark Reading

Endpoint Protection / Antivirus Products Tested for Malware Protection

08/26/2022
Six out of the eight products achieved an "A" rating or higher for blocking malware attacks. Reports are provided to the community for free.

Capital One Joins Open Source Security Foundation

08/26/2022
OpenSSF welcomes Capital One as a premier member affirming its commitment to strengthening the open source software supply chain.

ReasonLabs Launches Free Online Security Tool to Power Secure Web Experience for Millions of Global Users

08/25/2022
Online Security autonomously blocks malicious URLs, extensions, ad trackers, and pop-ups 24/7, protecting consumers from complex and rapidly evolving cyber threats online.

More Bang for the Buck: Cross-Platform Ransomware Is the Next Problem

08/25/2022
As cryptocurrency valuations make strikes less lucrative, ransomware gangs like the new RedAlert and Monster groups are modifying their tools to attack across platforms.

Wyden Renews Call to Encrypt Twitter DMs, Secure Americans' Data From Unfriendly Foreign Governments

08/25/2022
Following whistleblower complaint, Oregon senator renews commitment to passing bipartisan legislation to address the national security risks.

Senior-Level Women Leaders in Cybersecurity Form New Nonprofit

08/25/2022
The Forte Group, which gained momentum as an informal organization during the pandemic, will offer career development and advocacy for women execs in cybersecurity as well as newcomers.

Cyberstarts Closes $60M in Seed Fund III

08/25/2022
Venture firm hires former Splunk CEO to spearhead new GTM advisory board and help portfolio companies scale up.

The (Nation) State of Cyber: 64% of Businesses Suspect They've Been Targeted or Impacted by Nation-State Attacks

08/25/2022
According to new Venafi research, two-thirds of organizations have changed cyber strategy in response to war in Ukraine.

What You Need to Know About the Psychology Behind Cyber Resilience

08/25/2022
Understanding how and why people respond to cyber threats is key to building cyber-workforce resilience.

Penetration Testing Market Worth $2.7B By 2027: MarketsandMarkets(TM) Report

08/25/2022
Increase driven by increasingly sophisticated cyberattacks as well as increase in mobile-based business-critical applications, according to report.

Optiv's Annual $40K Scholarship for Black, African-American-Identifying STEM Students Now Open for Applicants

08/25/2022
Optiv's Black Employee Network offers the scholarship, paid out over 4 years, for students seeking a career in the cybersecurity/information security industry.

New Exterro FTK Update Accelerates Mobile Digital Forensics

08/25/2022
The FTK 7.6 portfolio promises better integration with other security and network resources, as well as unified analysis of mobile and computer evidence.

Thousands of Organizations Remain at Risk From Critical Zero-Click IP Camera Bug

08/25/2022
The US Cybersecurity and Infrastructure Security Agency had wanted federal agencies to implement the fix for the RCE flaw in Hikvision cameras by Jan. 24, 2022.

CISA: Just-Disclosed Palo Alto Networks Firewall Bug Under Active Exploit

08/24/2022
The bug tracked as CVE-2022-0028 allows attackers to hijack firewalls without authentication, in order to mount DDoS hits on their targets of choice.

Efficient 'MagicWeb' Malware Subverts AD FS Authentication, Microsoft Warns

08/24/2022
The Russia-backed Nobelium APT has pioneered a post-exploitation tool allowing attackers to authenticate as any user.

Ransomware Gang Demands $10M in Attack on French Hospital

08/24/2022
Center Hospitalier Sud Francilien (CHSF), a hospital outside of Paris, has redirected incoming patients to other medical facilities in the wake of a ransomware attack that began on Aug. 21.

VMware LPE Bug Allows Cyberattackers to Feast on Virtual Machine Data

08/24/2022
An insider threat or remote attacker with initial access could exploit CVE-2022-31676 to steal sensitive data and scoop up user credentials for follow-on attacks.

New Zero-Trust Maturity Data: Charting Your Own Organization

08/24/2022
Every organization is on a zero-trust journey. Learn about how critical identity is to your security evolution, and how your organization can move forward.

Unusual Microsoft 365 Phishing Campaign Spoofs eFax Via Compromised Dynamics Voice Account

08/24/2022
In a widespread campaign, threat actors use a compromised Dynamics 365 Customer Voice business account and a link posing as a survey to steal Microsoft 365 credentials.

Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack

08/24/2022
SolarWinds CISO Tim Brown explains how organizations can prepare for eventualities like the nation-state attack on his company’s software.