Dark Reading

How Should the CSO Work With the Chief Privacy Officer?

09/17/2021
The chief security officer needs to be in constant communication with the chief privacy officer about what's working or not working.

Mirai Botnet Exploiting OMIGOD Azure Vulnerability

09/17/2021
Microsoft patched four Open Management Infrastructure flaws earlier this week.

International Insider Threat: DoJ Fines US Intel Officials Who Aided UAE

09/17/2021
Three former US intelligence operatives have been fined $1,685,000 for aiding the United Arab Emirates in widespread hacking campaigns.

IoT 'Nutrition' Labels Aim to Put Security on Display

09/17/2021
NIST has laid the groundwork for an easy-to-understand way to communicate to consumers the security of software and connected devices.

New Report Examines Top Threats Discussed at Black Hat USA

09/17/2021
Supply chain security and vulnerabilities in enterprise software were among the threats most dicussed at this year's show, survey data reveals.

Infrastructure, Security, and the Need for Visibility

09/17/2021
Government authorities are increasingly trying to bolster critical infrastructure security. But investments in next-generation solutions won't go far enough without also addressing security and operational fundamentals.

Microsoft Warns of Uptick in MSHTML Attacks

09/16/2021
Attackers leveraging the flaw are using infrastructure associated with other criminal groups, including ransomware-as-a-service operators, the company says.

HPE Survey Finds 76% of Doctors and Nurses Believe Telehealth Will Dominate Patient Care in Near Future

09/16/2021
Findings are presented in HPE's "Future of Healthcare" Report, which surveyed healthcare clinicians and IT Decision Makers (ITDMs) in the United States and United Kingdom.

15% of the Nasdaq 100 Is Highly Susceptible to a Ransomware Attack, New Black Kite Research Finds

09/16/2021
Black Kite’s Ransomware Susceptibility Index (RSI) determined that 1-in-7 Nasdaq-100 companies ranked as highly susceptible to a ransomware attack.

TransUnion to Buy Neustar for $3.1B

09/16/2021
TransUnion, primarily known for credit ratings, hopes to expand into digital marketing and fraud mitigation capabilities with the deal.

FBI, CISA, CGCYBER Warn of APTs Targeting CVE-2021-40539

09/16/2021
The critical authentication bypass vulnerability exists in Zoho ManageEngine ADSelfService Plus, officials report.

Grappling With Growth, Employee Needs, and Security Amid a Return to Offices

09/16/2021
As organizations strive for a new version of business-as-usual, executives must prepare for challenges around infrastructure, varying guidelines, and balancing employee flexibility with office collaboration.

Under Pressure: COVID-19 Forced Many Execs to Sideline Cybersecurity

09/16/2021
CISOs are more stressed, and the fallout is increased cyber-risk. Also, budget restrictions lead to a yawning chasm between need and funding.

How Attackers Invest in Cloud-Focused Cybercrime

09/15/2021
A new study reveals an active underground market for access credentials to tens of thousands of cloud accounts and resources.

OWASP Reshuffles Its Top 10 List, Adds New Categories

09/15/2021
The Open Web Application Security Project reshuffles its list of top threats, putting broken access controls and cryptographic failures at the top and creating three new risk categories.

OMIGOD: Azure Users Warned of Critical OMI Vulnerabilities

09/15/2021
Security researchers share the details of four flaws in Open Management Infrastructure, which is deployed on a large number of Linux virtual machines in Azure.

A Ransomware Recovery Plan That's Solid Gold

09/15/2021
Having a gold copy of critical data offline is essential in every organization's disaster recovery or continuity plan. Follow the 3-2-1-1 rule to secure your data.

ExpressVPN Acquired By Kape Technologies for $936 Million

09/15/2021
Privacy firm Kape says deal will double customer base and broaden reach into consumer VPN market

How Your Printer Is Like Swiss Cheese

09/15/2021
Follow these best practices to avoid the security holes created by these often-overlooked, but ubiquitous, devices.

Microsoft Lets Users Fully Remove Account Passwords

09/15/2021
Users can now delete passwords from their Microsoft account and instead use Windows Hello, Microsoft Authenticator, or physical security keys to log in.