Dark Reading

'Vile' Gang Duo Breaches Police Database, Impersonates Officers in Extortion Gambit

03/15/2023
Two gang members are being charged for allegedly threatening to release personal information and impersonating law enforcement in an effort to dox victims.

Telerik Bug Exploited to Steal Federal Agency Data, CISA Warns

03/15/2023
An unpatched Microsoft Web server allowed multiple cybersecurity threat groups to steal data from a federal civilian executive branch.

Analysts Spot a Wave of SVB-Related Cyber Fraud Striking the Business Sector

03/15/2023
Over the weekend, cybercriminals laid the groundwork for Silicon Valley Bank-related fraud attacks that they're now starting to cash in on. Businesses are the targets and, sometimes, the enablers.

Meet Data Privacy Mandates With Cybersecurity Frameworks

03/15/2023
Protection laws are always evolving. Here's how you can streamline your compliance efforts .

GoatRAT Android Banking Trojan Targets Mobile Automated Payment System

03/15/2023
The new malware was discovered targeting three banks in Brazil.

Why Security Practitioners Should Understand Their Business

03/15/2023
The sooner CISOs become proactive in understanding the flip side of the organizations they protect, the better they'll be at their jobs.

SMBs Orgs Want Help, but Cybersecurity Expertise Is Scarce

03/15/2023
Smaller firms are boosting cybersecurity budgets, but there's a long way to go to address a deep lack of cyber preparedness among SMBs.

Are We Doing Enough to Protect Our Unstructured Data?

03/15/2023
Organizations are coming under pressure to protect their data, but does all data need the same security? To secure it, you first need to know what and where it is.

Google Proposes Reducing TLS Cert Life Span to 90 Days

03/14/2023
Organizations will likely have until the end of 2024 to gain visibility and control over their keys and certificates.

How Patch Tuesday Keeps the Beat After 20 Years

03/14/2023
Patch Tuesday turned security updates from chaotic events into a routine. Here's how we got here and where things might be heading.

Optiv More Than Doubles Federal Presence With ClearShark Acquisition

03/14/2023
Convergence of two leading cybersecurity companies creates federal sector powerhouse.

Microsoft Zero-Day Bugs Allow Security Feature Bypass

03/14/2023
Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately.

LockBit Threatens to Leak Stolen SpaceX Schematics

03/14/2023
The ransomware group sent a message directly to Elon Musk: Pay or the confidential SpaceX information goes up for grabs on the Dark Web.

CISA Trials Ransomware Warning System for Critical Infrastructure Orgs

03/14/2023
An agency team will identify vulnerabilities being exploited by ransomware groups and alert organizations ahead of attacks, CISA says.

Access Control Gap in Microsoft Active Directory Widens Enterprise Attack Surface

03/14/2023
One researcher thinks trust is broken in AD. Microsoft disagrees that there's a security vulnerability. But enterprise IT environments should be aware of an authentication gap either way.

How Businesses Can Get Ready for AI-Powered Security Threats

03/14/2023
Organizations need to take steps now to strengthen their cyber defenses.

Deepfakes, Synthetic Media: How Digital Propaganda Undermines Trust

03/14/2023
Organizations must educate themselves and their users on how to detect, disrupt, and defend against the increasing volume of online disinformation.

Emotet, QSnatch Malware Dominate Malicious DNS Traffic

03/14/2023
An analysis of trillions of DNS requests shows a shocking amount of malicious traffic inside enterprise networks, with threats using DNS as a sort of malicious Autobahn.

Why Healthcare Boards Lag Other Industries in Preparing for Cyberattacks

03/14/2023
Only by working collaboratively can boards and security leaders make progress and agree about cybersecurity threats and priorities.

Orgs Have a Long Way to Go in Securing Remote Workforce

03/13/2023
Organizations recognize that they are responsible for protecting remote workers from cyber threats, but they have a long way to go in deploying the necessary security technologies.