Dark Reading

Report: Financial Institutions Overly Complacent About Current Authentication Methods

07/13/2022
New research report finds most financial organizations have experienced a breach due to an authentication weakness, yet only a third took action

Mozilla: EU's eIDAS Proposal Attracts Growing Criticism

07/13/2022
In the wrong hands, the changes could enable state-sponsored internet surveillance says Mozilla's Chief Security Officer

MacOS Bug Could Let Malicious Code Break Out of Application Sandbox

07/13/2022
Microsoft reveals now-fixed flaw in Apple's App Sandbox controls could allow attackers to escalate device privileges and deploy malware.

The 3 Critical Elements You Need for Vulnerability Management Today

07/13/2022
Most organizations are flying blind when remediating vulnerabilities. We lack the tooling to secure software fast enough. We need a new approach to vulnerability management now.

Internet Searches Reveal Surprisingly Prevalent Ransomware

07/13/2022
Two mostly defunct threats — WannaCry and NonPetya — top the list of ransomware searches, but does that mean they are still causing problems?

3 Golden Rules of Modern Third-Party Risk Management

07/13/2022
It's time to expand the approach of TPRM solutions so risk management is more effective in the digital world.

Survey: Small Cybersecurity Teams Face Greater Risk from Attacks than Larger Enterprises

07/13/2022
Cynet CISO survey reveals lack of staff, skills, and resources driving smaller teams to outsource security with advanced tools, technologies, and services.

Microsoft: 10,000 Orgs Targeted in Phishing Attack That Bypasses Multifactor Authentication

07/13/2022
The massive phishing campaign does not exploit a vulnerability in MFA. Instead, it spoofs an Office 365 authentication page to steal credentials.

US Government and QuSecure Orchestrate First-Ever Post-Quantum Encryption Communication over a Government Network

07/13/2022
QuSecure’s QuProtect leverages unique post-quantum cryptographic algorithm on government legacy systems to achieve world’s first and only post-quantum resilient channel within a government facility.

New Research Reveals 93% of Organizations Surveyed Have Had Failed IIoT/OT Security Projects

07/13/2022
Barracuda research finds organizations are struggling to protect operational technology and getting breached as a result.

Keep Humans in the Loop in SOC Operations

07/13/2022
Machine learning and automation can help free up security pros for higher-value tasks.

Exostar Empowers SMBs with Enhanced, Low-Cost, Easy-to-Use Microsoft 365 and CMMC 2.0 Solutions

07/13/2022
Upgrades to the Exostar platform promote secure, compliant collaboration and handling of controlled unclassified information.

QuickBooks Vishing Scam Targets Small Businesses

07/13/2022
Businesses receive an invoice via email with a credit card charge and are asked to call a fake number and hand over personal information to receive a refund.

Getting Up and Running with Windows Autopatch

07/12/2022
This Tech Tip outlines how system administrators can get started with automated continuous patching for their Windows devices and applications.

PyPI Mandates 2FA, Plans Google Titan Key Giveaway

07/12/2022
Python's most popular package manager is intent on securing the supply chain by requiring developers to enable two-factor authentication.

Microsoft Issues Fixes for 84 Vulnerabilities: Here's What to Patch Now

07/12/2022
July's security update included fixes for one actively exploited flaw, more than 30 bugs in Azure Site Recovery, and four privilege escalation bugs in Windows Print Spooler.

Understanding the Omdia Threat Detection Data Life Cycle

07/12/2022
Data quality is key in an effective TDIR solution. Omdia's threat detection data life cycle highlights the considerations for effective data-driven threat detection.