Dark Reading

Ransomware Is Not the Problem

06/09/2021
Arbitrarily powerful software -- applications, operating systems -- is a problem, as is preventing it from running on enterprise systems.

Phished Account Credentials Mostly Verified in Hours

06/08/2021
Almost two-thirds of all phished credentials are verified by attackers within a day and then used in a variety of schemes, including business email compromise and targeting other users with malicious code.

Microsoft Patches 6 Zero-Days Under Active Attack

06/08/2021
The June 2021 Patch Tuesday fixes 50 vulnerabilities, six of which are under attack and three of which were publicly known at the time of disclosure.

FBI Issued Encrypted Devices to Capture Criminals

06/08/2021
A sting operation delivered devices into the hands of global criminals and used the intelligence gathered to stop drug crimes.

Colonial Pipeline CEO: Ransomware Attack Started via Pilfered 'Legacy' VPN Account

06/08/2021
No multifactor authentication was attached to the stolen VPN password used by the attackers, Colonial Pipeline president & CEO Joseph Blount told a Senate committee today.

Microsoft CISO Shares Remote Work Obstacles & Lessons Learned

06/08/2021
Bret Arsenault explains changes he implemented along the way as Microsoft's workforce went from 20% to 97% remote.

How Employees Can Keep Their 401(k)s Safe From Cybercriminals

06/08/2021
As retirement fund balances grow, cybercriminals are becoming more brazen in their efforts to deplete people's savings.

Cyber Resilience: The Emerald City of the Security World

06/08/2021
Small and midsize businesses and managed service providers must use their heart, brain, and courage as they follow the Yellow Brick Road to cyber resilience.

An Answer to APP Scams You Can Bank On

06/08/2021
Financial institutions' usual fraud-detection methods can't detect most authorized push payment (APP) scams, putting customers and banks at risk.

First Known Malware Surfaces Targeting Windows Containers

06/07/2021
Siloscape is designed to create a backdoor in Kubernetes clusters to run malicious containers.

DoJ Seizes $2.3M in Bitcoin Paid to Colonial Pipeline Attackers

06/07/2021
The amount allegedly represents a May 8 payment to the DarkSide ransomware group.

Latvian Woman Charged for Role In Crafting Trickbot Malware

06/07/2021
Alla Witte and her associates are accused of using Trickbot to infect tens of millions of computers around the world, the Justice Department reports.

CISA Warns Criminals Seek to Exploit Critical VMware Bug

06/07/2021
Organizations running vCenter Server and VMware Cloud Foundation are urged to apply fixes deployed on May 25.

Cartoon Caption Winner: Road Trip

06/07/2021
And the winner of Dark Reading's cartoon caption contest is ...

Cyber Athletes Compete to Form US Cyber Team

06/07/2021
Here's how security pros can showcase value to future employers: a field of friendly strife to measure their aptitude against competitors.

NortonLifeLock Criticized for New Cryptomining Feature

06/07/2021
While the crypto crowd applauds the move, critics worry about the environmental impact, supporting a currency used for ransomware, and mining further slowing down systems.

How Can I Test the Security of My Home-Office Employees' Routers?

06/07/2021
From the most accurate to the most practical, here are a few ways to ensure both employees and organizations are protected from risk.

The US Must Redefine Critical Infrastructure for the Digital Era

06/07/2021
The template being used to manage essential connectivity isn't just outdated, it's actively counter-productive.

SentinelOne Files S-1 for IPO

06/04/2021
The security company looks to raise up to $100 million in its IPO, its filing reveals.

Organizations Shift Further Left in App Development

06/04/2021
Most IT and security professionals surveyed think security is a critical enough reason to pause app development.