Dark Reading

More Than 70% of SOC Analysts Experiencing Burnout

03/04/2022
Nearly 65% of security operations center (SOC) analysts are likely to change jobs in the next year, survey shows.

Companies Can't Just Train Their Way to More Secure Endpoints

03/04/2022
Criminals will keep stealing end-user credentials despite employee awareness, so organizations need high-tech solutions as well.

Most Cybersecurity Vendors at Risk Due to Internet-Exposed IT Assets

03/04/2022
Study shows more than 97% have exposed assets on AWS — among a wide range of other issues.

Diversified Search Group Acquires Alta Associates

03/04/2022
The firm continues rapid growth with the addition of industry-recognized experts on cybersecurity, data privacy, and IT risk management talent.

Vade Releases 2021 Phishers' Favorites Report

03/04/2022
Vade's annual phishing report reveals a sharp rise in Facebook phishing and growing sophistication in Microsoft phishing attacks.

DORA's Global Reach and Why Enterprises Need to Prepare

03/04/2022
The new EU regulation is a response to the rise of ransomware attacks and other new cyberthreats that have proliferated in the wake of the global pandemic.

Accelerated Ransomware Attacks Pressure Targeted Companies to Speed Response

03/03/2022
Threat actors have focused on two ends of the spectrum — quick, impactful attacks or stealthy intrusions — making strong prevention and faster response more important for enterprises.

Cybersecurity Mesh Architecture: Hope or Hype?

03/03/2022
Gartner has touted CSMA as one of the top technology trends for this year. But what is it really?

8-Character Passwords Can Be Cracked in Less than 60 Minutes

03/03/2022
Researchers say passwords with less than seven characters can be hacked "instantly."

Cybersecurity Platform CrowdSec Expands Into the United States

03/03/2022
CrowdSec is launching a new solutions stack, comprised of three main products: CrowdSec Agent, CrowdSec Console, and CrowdSec Threat Intelligence.

Palo Alto Networks Introduces PAN-OS 10.2 Nebula

03/03/2022
Software collects, analyzes, and interprets potential zero-day threats in real time using inline deep learning.

Attivo Expands Active Directory Protection from Unmanaged Devices, Including Mac, Linux, IoT/OT

03/03/2022
Attivo Networks ADSecure-DC solution joins the company’s existing suite of Active Directory protection products.

How to Get One Step Ahead of Mobile Attacks

03/03/2022
The advent of so-called "dropper" apps, which deliver and install malware that can also be later updated, is an emerging threat vector for mobile users.

How Retailers Can Address 'Buy Now, Pay Later' Fraud

03/02/2022
As BNPL platforms grow in popularity, experts warn that cybercriminals could target them using synthetic identity fraud and first-party fraud.

Hundreds of Open Source Components Could Undermine Security, Census Finds

03/02/2022
The Linux Foundation and Harvard University create lists of the top 500 most popular open source projects, highlighting critical software that needs to be secured.

7 Ways to Secure Collaboration Tools in Your Organization

03/02/2022
The push to embrace Slack, Teams, and Zoom at work comes with new security risks for organizations.

Salt Security State of API Security Report Reveals API Attacks Increased 681% in the Last 12 Months

03/02/2022
Key findings show API attack traffic grew at more than twice the rate of non-malicious traffic, and API security concerns are inhibiting innovation for two-thirds of organizations.

Researchers Devise Attack for Stealing Data During Homomorphic Encryption

03/02/2022
A vulnerability in a Microsoft crypto library gives attackers a way to figure out what data is being encrypted in lockpicker-like fashion.

Companies' Code Leaking More Passwords and Secrets

03/02/2022
Software code pushed to online code repositories exposed twice as many secrets compared to last year, putting organizations' security at risk.

Protecting Field Programmable Gate Arrays From Attacks

03/02/2022
FPGAs can be part of physical systems in the aerospace, medical, or industrial fields, so a security compromise can be potentially serious.