Dark Reading

Cybercriminals Hide Malware & Phishing Sites Under SSL Certificates

04/07/2020
More than half of the top 1 million websites use HTTPS, researchers report, but not all encrypted traffic is safe.

The Edge Names 'Holy Cow' Cartoon Caption Winners

04/07/2020
What can cows possibly have to do with cybersecurity?

More Attackers Have Begun Using Zero-Day Exploits

04/06/2020
Vendors of offensive cyber tools have made it easy for any threat group with the right funds to leverage unpatched bugs, FireEye says.

Misconfigured Containers Again Targeted by Cryptominer Malware

04/06/2020
An attack group is searching for insecure containers exposing the Docker API and then installing a program that attempts to mine cryptocurrency. It's not the first time.

Microsoft: Emotet Attack Shut Down an Entire Business Network

04/06/2020
The infection started with a phishing email and spread throughout the organization, overheating all machines and flooding its Internet connection.

Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days

04/03/2020
A security researcher earned $75,000 for finding a whopping seven zero-days in Safari, three of which can be combined to access the camera.

5 Soothing Security Products We Wish Existed

04/03/2020
Maybe security alert fatigue wouldn't be so bad if the alerts themselves delivered less stress and more aromatherapy.

A Day in The Life of a Pen Tester

04/02/2020
Two penetration testers share their day-to-day responsibilities, challenges they encounter, and the skills they value most on the job.

Bad Bots Build Presence Across the Web

04/02/2020
Bots that mimic human behavior are driving a growing percentage of website traffic while contributing to an avalanche of misinformation.

Companies Are Failing to Deploy Key Solution for Email Security

04/02/2020
A single -- albeit complex-to-deploy -- technology could stop the most expensive form of fraud, experts say. Why aren't more companies adopting it?

Prioritizing High-Risk Assets: A 4-Step Approach to Mitigating Insider Threats

04/02/2020
Sound insider threat detection programs combine contextual data and a thorough knowledge of employee roles and behaviors to pinpoint the biggest risks.

5 Ways Enterprises Inadvertently Compromise Their Network Security

04/02/2020
Is your organization carelessly leaving its networks vulnerable to invasion? Check out these five common oversights to see if your resources are at risk.

A Hacker's Perspective on Securing VPNs As You Go Remote

04/02/2020
As organizations rush to equip and secure their newly remote workforce, it's important to keep things methodical and purposeful

Best Practices to Manage Third-Party Cyber-Risk Today

04/02/2020
Bold new thinking is needed to solve the rapidly evolving challenge of third-party risk management.

Vulnerability Researchers Focus on Zoom App's Security

04/02/2020
With videoconferencing's rise as an essential tool for remote work comes a downside: more security scrutiny, which has turned up a number of security weaknesses.

Attackers Leverage Excel File Encryption to Deliver Malware

04/01/2020
Technique involves saving malicious Excel file as "read-only" and tricking users into opening it, Mimecast says.

Why All Employees Are Responsible for Company Cybersecurity

04/01/2020
It's not just the IT and security team's responsibility to keep data safe -- every member of the team needs to be involved.

Defense Evasion Dominated 2019 Attack Tactics

03/31/2020
Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.

Researchers Uncover Unsophisticated - But Creative - Watering-Hole Attack

03/31/2020
Holy Water campaign is targeting users of a specific religious and ethnic group in Asia, Kaspersky says.

Researchers Spot Sharp Increase in Zoom-Themed Domain Registrations

03/30/2020
Attackers are attempting to take advantage of the surge in teleworking prompted by COVID-19, Check Point says.