Dark Reading

Name That Toon: Fall Cleanup

11/21/2022
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Major Security Breach From Business Users' Low-Code Apps Could Come in 2023, Analysts Warn

11/21/2022
Here's what that means about our current state as an industry, and why we should be happy about it.

Time to Get Kids Hacking: Our 2022 Holiday Gift Guide

11/21/2022
Check out our slideshow of 10 fun games and toys that teach programming principles, electronics, and engineering concepts to get kids ready to hack the planet.

MIT Research Documents Effectiveness of Consensus Cyber Risk Oversight Principles

11/21/2022
Organizations that use the consensus principles can significantly improve their cyber resilience without raising costs, MIT research shows.

BlueVoyant Research Reveals Private Equity Portfolio Company Cybersecurity Challenges

11/21/2022
New study identifies critical focus areas for portfolio companies to reduce cyber risks and costs associated with breaches.

A Third of Global Organizations Were Breached Over Seven Times in the Past Year

11/21/2022
Cyber Risk Index report highlights elevated risk as organizations struggle with visibility.

#BeCyberSmart All Year Round With Educational Resources From Microsoft

11/21/2022
Improved cyber hygiene keeps users and their identities, devices, and data more secure and reduces the organization’s risk exposure.

Better Together: Why It's Time for Ops and Security to Converge

11/21/2022
Threat actors are becoming only more sophisticated and determined.

New Startup OpsHelm Tackles Cloud Misconfigurations

11/18/2022
The company emerges from stealth with an automated security remediation product identifies and remediates cloud misconfigurations.

Charting the Path to Zero Trust: Where to Begin

11/18/2022
Your journey to zero trust can be perilous if you are using legacy equipment that wasn’t designed for it. Begin the transformation where it makes the most sense for your organization.

DEV-0569 Ransomware Group Remarkably Innovative, Microsoft Cautions

11/18/2022
Although the group relies on good old phishing to deliver Royal ransomware, researchers say DEV-0569 regularly uses new and creative discovery techniques to lure victims.

Australia's Hack-Back Plan Against Cyberattackers Raises Familiar Concerns

11/18/2022
How far can its government — or any government or private company — go to proactively disrupt cyber threats without causing collateral damage?

Amid Legal Fallout, Cyber Insurers Redefine State-Sponsored Attacks as Act of War

11/18/2022
As carriers rewrite their act-of-war exclusions following the NotPetya settlement between Mondelez and Zurich, organizations should read their cyber insurance policies carefully to see what is still covered.

Palo Alto Networks Focuses on Secure Coding with $195M Cider Deal

11/18/2022
PAN plans to add Cider's CI/CD security platform to its Prisma Cloud suite of AppSec tools.

Secure Offboarding in the Spotlight as Tech Layoffs Mount

11/18/2022
A secure-by-design culture is needed to develop a comprehensive offboarding and identity management strategy that limits potential for broader compromise in case of unauthorized access.

The Next Generation of Supply Chain Attacks Is Here to Stay

11/18/2022
With the proliferation of interconnected third-party applications, new strategies are needed to close the security gap.

County of Tehama, Calif., Identifies and Addresses Data Security Incident

11/18/2022
The county reports unauthorized access to files in its Department of Social Services' systems between Nov. 18, 2021, and April 9. It has added enhanced alert and monitoring software and is offering complimentary credit monitoring and identity theft protection services to those whose personal information may have been compromised in the breach.

Analysts Welcome NSA's Advice for Developers to Adopt Memory-Safe Languages

11/17/2022
Languages such as C and C++ rely too heavily on the programmer not making simple memory-related security errors.

Iranian APT Actors Breach US Government Network

11/17/2022
CISA says Federal Civilian Executive Branch systems were compromised through a Log4Shell vulnerability in an unpatched VMware Horizon server.

Zero-Trust Initiatives Stall, as Cyberattack Costs Rocket to $1M per Incident

11/17/2022
Researchers find current data protections strategies are failing to get the job done, and IT leaders are concerned, while a lack of qualified IT security talent hampers cyber-defense initiatives.