Dark Reading

Acronis' Midyear Cyberthreats Report Finds Ransomware Is the No. 1 Threat to Organizations, Projects Damages to Exceed $

08/24/2022
Increasing complexity in IT continues to lead to breaches and compromises, highlighting the need for more holistic approaches to cyber protection.

Why Empathy Is the Key to Better Threat Modeling

08/24/2022
Avoid the disconnect between seeing the value in threat modeling and actually doing it with coaching, collaboration, and integration. Key to making it "everybody's thing" is communication between security and development teams.

CyberRatings.org Announces New Web Browser Test Results for 2022

08/24/2022
Three of the world's leading browsers were measured for phishing and malware protection, with time to block and protection over time as key metrics in test scores.

Report: Financial Institutions Are Overwhelmed When Facing Growing Firmware Security and Supply Chain Threats

08/24/2022
New research report reveals financial organizations are failing to act despite majority experiencing a firmware-related breach.

DevSecOps Gains Traction — but Security Still Lags

08/23/2022
Almost half of teams develop and deploy software using a DevSecOps approach, but security remains the top area of investment, a survey finds.

Thoma Bravo Buying Spree Highlights Hot Investor Interest in IAM Market

08/23/2022
M&A activity in the identity and access management (IAM) space has continued at a steady clip so far this year.

Mudge Blows Whistle on Alleged Twitter Security Nightmare

08/23/2022
Lawmakers and cybersecurity insiders are reacting to a bombshell report from former Twitter security head Mudge Zatko, alleging reckless security lapses that could be exploited by foreign adversaries.

Proofpoint Introduces a Smarter Way to Stay Compliant with New Intelligent Compliance Platform

08/23/2022
Integrated solution offers enterprises modern regulatory compliance safeguards while simplifying corporate legal protection practices.

Facing the New Security Challenges That Come With Cloud

08/23/2022
Organizations relying on multicloud or hybrid-cloud environments without a true understanding of their security vulnerabilities do so at their peril.

Secure Code Warrior Spotlights the Importance of Developer Security Skills with 2nd Annual Devlympics Competition

08/23/2022
The global secure coding competition will be held In October, during Cybersecurity Awareness Month.

One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious

08/23/2022
The scans used by the Python Package Index (PyPI) to find malware fail to catch 41% of bad packages, while creating plentiful false positives.

Coalfire Federal Among First Authorized to Conduct CMMC Assessments

08/23/2022
Company fortifies its ability to help organizations prepare and obtain CMMC certification.

Apathy Is Your Company's Biggest Cybersecurity Vulnerability — Here's How to Combat It

08/23/2022
Make security training more engaging to build a strong cybersecurity culture. Here are four steps security and IT leaders can take to avoid the security disconnect.

Meta Takes Offensive Posture With Privacy Red Team

08/23/2022
Engineering manager Scott Tenaglia describes how Meta extended the security red team model to aggressively protect data privacy.

Novant Health Notifies Patients of Potential Data Privacy Incident

08/23/2022
Patients face possible disclosure of protected health information (PHI) to Meta, Facebook's parent company, resulting from an incorrect configuration of an online tracking tool.

Charming Kitten APT Wields New Scraper to Steal Email Inboxes

08/23/2022
Google researchers say the nation-state hacking team is now employing a data-theft tool that targets Gmail, Yahoo, and Microsoft Outlook accounts using previously acquired credentials.

Fake DDoS Protection Alerts Distribute Dangerous RAT

08/22/2022
Adversaries are injecting malicious JavaScript into numerous WordPress websites that triggers phony bot-related checks.

Metasploit Creator Renames His Startup and IT Discovery Tool Rumble to 'runZero'

08/22/2022
HD Moore's company has rebranded its IT, IoT, and OT asset discovery tool as the platform rapidly evolves.

For Penetration Security Testing, Alternative Cloud Offers Something Others Don't

08/22/2022
Alternative cloud providers offer streamlined capabilities for penetration testing, including more accessible tools, easy deployment, and affordable pricing.

Sophos Identifies Potential Tag-Team Ransomware Activity

08/22/2022
Company research indicates ransomware gangs may be working in concert to orchestrate multiple attacks, explains Sophos’ John Shier.