Dark Reading

Instagram Impersonators Target Thousands, Slipping by Microsoft's Cybersecurity

11/17/2022
The socially engineered campaign used a legitimate domain to send phishing emails to large swaths of university targets.

Spacecraft Vulnerable to Failure, Thanks to Aerospace Networking Bug

11/17/2022
A single device with malicious code can foil a networking protocol used by spacecraft, aircraft, and industrial control systems, resulting in unpredictable operations and possible failures.

TMI Tech: How to Stop Vulnerable Software from 'Oversharing'

11/17/2022
Stop chatty apps from oversharing and eliminate a hacker backdoor — train developers on "security first" while subjecting APIs to least-privilege zero-trust policies.

Cyber Monday Will Be the Most Fraudulent Day of the Season, Says SEON

11/17/2022
Online fraud prevention company predicts Cyber Monday will see a 100% increase in online fraud attempts.

China-Based Billbug APT Infiltrates Certificate Authority

11/16/2022
Access to digital certificates would allow the Chinese-speaking espionage group to sign its custom malware and skate by security scanners.

MITRE Engenuity Launches Evaluations for Security Service Providers

11/16/2022
The results are labor-intensive to parse, so knowing how to interpret them is key, security experts say.

Are We Ready for AI-Generated Code?

11/16/2022
Autocompleted code is convenient and quick, but it may expose your organization to security and compliance risks.

The Future of Cybersecurity Recruiting: Lessons on What Employers Want and What Students Need

11/16/2022
The cybersecurity industry is facing a challenge to find qualified candidates. Here’s what recruiters, educators, and employers can do to fill the talent gap.

BoostSecurity Emerges From Stealth With SaaS DevSecOps Platform

11/16/2022
Fresh startup BoostSecurity has an SaaS platform for developers and security teams that provides automated tools to shore up cybersecurity within the software supply chain.

New Ransomware Data Is In: What's Happening and How to Fight Back

11/16/2022
Be proactive about data defense. Start with the right data, leverage domain expertise, and create models that help you target the most critical vulnerabilities.

Thousands of Amazon RDS Snapshots Are Leaking Corporate PII

11/16/2022
A service that allows organizations to back up data in the cloud can accidentally leak sensitive data to the public Internet, paving the way for abuse by threat actors.

Vectra Unveils Global Managed Detection and Response (MDR) Services With Game-Changing Attack Signal Intelligence™

11/16/2022
Embracing shared responsibility, Vectra MDR reinforces customers’ SOC teams with 24/7/365 skills and expertise to mitigate today’s most advanced cyber threats.

BitSight Enhances Its Third-Party Risk Management Platform to Help Organizations Respond to Major Vulnerabilities

11/16/2022
Additional functionality also added to the fourth-party risk solution is providing better visibility and insights into vendor risk.

Palo Alto Networks Announces PAN-OS 11.0 Nova to Help Keep Organizations One Step Ahead of Zero-Day Threats

11/16/2022
Nova introduces innovations to help stop zero-day threats, simplify security architectures, and reduce the risk of costly misconfigurations.

Cymulate Survey Finds Consolidation Is Happening, but Only 20% Cite Cost As the Reason

11/16/2022
Economic anxiety, staffing challenges, and growing supply chain threats are among other factors impacting cybersecurity spending and planning.

Cybersecurity Best Practice Is Critical for Winning the New Space Race

11/16/2022
The race is actually a relay — one that requires collaboration to win.

What Is Top of Mind for CISOs Right Now?

11/16/2022
Security executives are leaning into the powerful twinning of XDR and automated management to reduce the risk and impact of ransomware.

Viakoo Announces Strategic Alliance With Nozomi Networks to Deliver Agentless, End-to-End IoT Security at Scale

11/16/2022
Leaders in operational technology/Internet of Things (OT/IoT) discovery and remediation partner to deliver best-in-class IoT enterprise security management solution.