Dark Reading

The Secret to Zero Trust You Need to Know

03/22/2022
If every application, device, and bot need access and authentication at some point, the need for managing and controlling the confidential data that allows those functions gets staggeringly large.

Binarly Coordinates Patches for 3 Firmware Flaws With Dell

03/21/2022
The latest three memory corruption flaws in Dell BIOS highlights the challenges of fixing firmware vulnerabilities.

'Unique Attack Chain' Drops Backdoor in New Phishing Campaign

03/21/2022
A threat group combines the use of steganography, open source tools, and Python scripts to target organizations in France.

ForAllSecure Raises $21M to Secure the World’s Software

03/21/2022
Strong demand for application security that supports DevSecOps initiatives drives investment from Koch Disruptive Technologies and New Enterprise Associates.

White House Warns of New Intel on Russia Mulling Cyberattack 'Options' Against US

03/21/2022
Biden administration doubles down on its previous warnings of possible Russian cyberattacks in the wake of hefty economic sanctions imposed on Russia by the US.

Embracing Security by Design: Constructing a More Secure Framework

03/21/2022
Designing a solid security interface, like most things, is more of a human problem than a technical one.

Name That Toon: Sleep Like a Baby

03/21/2022
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Ransomware Attack Led Bridgestone to Halt US Tire Production for a Week

03/21/2022
Japanese manufacturer confirmed a Feb. 27 attack on its US subsidiary that led to a temporary production shutdown.

Crowdsourced Efforts Get Leveraged in Ukraine Conflict

03/21/2022
The battle is not just being waged in the physical world — it's also happening online. And average people are taking part, not just governments.

Will the Biggest Clouds Win? Lessons From Google's Mandiant Buy

03/21/2022
Google eventually won out in the competition for Mandiant, but Microsoft's interest underscores the trend in consolidation of security services into large cloud providers, experts say.

Half of Orgs Use Web Application Firewalls to Paper Over Flaws

03/18/2022
WAFs remain a popular backfill for complex and fraught patch management.

Code-Sabotage Incident in Protest of Ukraine War Exposed Open Source Risks

03/18/2022
The maintainer of a widely used npm module served up an unwelcome surprise for developers.

CyCognito Launches Exploit Intelligence

03/18/2022
Risk intelligence solution provides insight, visibility, and guidance to identify, prioritize, and remediate vulnerabilities like Log4j

A Chance to Raise Shields Right

03/18/2022
CISA's "Shields Up" alert provides urgency — and opportunity — for supply chain conversations.

Menlo Security: Less Than Three in 10 Organizations Are Equipped to Combat Growing Wave of Web-Based Cyber Threats

03/18/2022
Report finds that 62 percent of IT decision makers have suffered a browser-based attack in the past 12 months.

Security Teams Struggle to Get Started With Zero Trust

03/18/2022
Nearly a third of respondents in a Dark Reading survey on endpoint security strategy say zero trust is too confusing to implement.

Satellite Networks Worldwide at Risk of Possible Cyberattacks, FBI & CISA Warn

03/18/2022
Agencies provide mitigation steps to protect satellite communication (SATCOM) networks amid "current geopolitical situation."

The Road Ahead for Cyber and Infrastructure Security

03/18/2022
Despite cost, it's time to focus on securing legacy systems and physical infrastructure along with digital systems.

6 Reasons Not to Pay Ransomware Attackers

03/17/2022
Paying a ransom might appear to be the best option, but it comes with its own costs.

ThreatMapper Updated With New Scanning Tools

03/17/2022
ThreatMapper 1.3.0 features secret scanning and the ability to enumerate a software bill of materials (SBOM) at runtime to help secure serverless, Kubernetes, container and multi-cloud environments.