Dark Reading

CISA Builds Out Defensive Tools for Security Teams

03/29/2021
Need a tool to hunt for attacks in your network? The DHS agency bolsters the offerings in its open source toolbox.

SolarWinds Experimenting With New Software Build System in Wake of Breach

03/26/2021
CISO of SolarWinds now has complete autonomy to stop product releases if security concerns exist, CEO says.

40% of Apps Leaking Information

03/26/2021
Apps in manufacturing most at risk, according to WhiteHat Security.

Apple Patches iOS Zero-Day

03/26/2021
Apple today released iOS 14.4.2 to address a security vulnerability that may have been actively exploited.

Microsoft Shares Exchange Server Post-Compromise Attack Activity

03/26/2021
Microsoft shares the details of post-exploitation attack activity, including multiple ransomware payloads and a cryptocurrency botnet.

A Day in the Life of a DevSecOps Manager

03/26/2021
"Most days are good days," says Rally Health's Ari Kalfus. But they sure are busy, he tells The Edge.

Data Bias in Machine Learning: Implications for Social Justice

03/26/2021
Take historically biased data, then add AI and ML to compound and exacerbate the problem.

Moving from DevOps to CloudOps: The Four-Box Problem

03/26/2021
With SOC teams running services on multiple cloud platforms, their big concern is how to roll up configuration of 200+ servers in a comprehensive way.

Exec Order Could Force Software Vendors to Disclose Breaches to Federal Gov't Customers

03/25/2021
A decision on the order, which contains several recommendations, is still forthcoming.

CISA Adds Two Web Shells to Exchange Server Guidance

03/25/2021
Officials update mitigation steps to include two new Malware Analysis Reports identifying Web shells seen in Exchange Server attacks.

In Secure Silicon We Trust

03/25/2021
Building upon a hardware root of trust is becoming a more achievable goal for the masses and the roots are digging deeper. Here's what you need to know.

Nearly Half of Popular Android Apps Built With High-Risk Components

03/25/2021
Information leakage and applications asking for too many permissions were also major issues, according to a survey of more than 3,300 popular mobile applications.

Security Operations in the World We Live in Now

03/25/2021
Despite the challenges of remote work, security operations teams can position themselves well for the future.

The CIO's Shifting Role: Improving Security With Shared Responsibility

03/25/2021
CIOs must create a culture centered around cybersecurity that is easily visible and manageable.

How Personally Identifiable Information Can Put Your Company at Risk

03/25/2021
By being more mindful of how and where they share PII, employees will deprive cybercriminals of their most useful tool.

6 Tips for Limiting Damage From Third-Party Attacks

03/25/2021
The ability to protect your organization from third-party attacks will become increasingly critical as attackers try to maximize the effectiveness of their malicious campaigns.

Sierra Wireless Website Still Down After Ransomware Attack

03/24/2021
The company believes the attack's impact is limited to its internal IT systems and corporate websites.

California State Controller's Office Suffers Data Breach

03/24/2021
Employee unwittingly gave hacker access to email account for more than a day.

Ransomware Incidents Continue to Dominate Threat Landscape

03/24/2021
Cisco Talos' IR engagements found attackers relied heavily on malware like Zloader and BazarLoader to distribute ransomware in the past three months.

Facebook Reports China-Linked Cyberattack Targeting Uyghurs

03/24/2021
Facebook has removed accounts used to send malicious links to Uyghur people with the goal of infecting their devices.