Dark Reading

How 2 New Executive Orders May Reshape Cybersecurity & Supply Chains for a Post-Pandemic World

A modernized US technology strategy must account for the growing ideological divide between authoritarians and democracies over the use of cyber and emerging technologies.

Cobalt Strike Becomes a Preferred Hacking Tool by Cybercrime, APT Groups

Incident response cases and research show how the red-team tool has become a become a go-to for attackers.

SolarWinds CEO: Attack Began Much Earlier Than Previously Thought

Investigation shows threat actors began probing SolarWinds' network in January 2019, according to Sudhakar Ramakrishna.

Google Chrome Makes It Easier to Update Compromised Passwords

A new capability will use Google's Duplex technology to alert people when their passwords are compromised and help change them.

Attackers Took 5 Minutes to Start Scanning for Exchange Server Flaws

Research underscores the acceleration of attack activity and points to a growing concern that defenders can't keep pace.

Automation & Pervasive, Connected Technology to Pose Cyber Threats in 2030

A project to look at potential cybersecurity threats in a decade sees hackers and marketers sending spam directly to our vision, while attackers' automated systems adapt faster than defenses.

Colonial Pipeline CEO Confirms Ransom Payment

CEO Joseph Blount says the $4.4 million payment was a necessary decision amid high-stakes infrastructure disruption.

How to Adapt to Rising Consumer Expectations of Invisible Security

Working from home has changed users' ideas about seamless security. Here's how to address them.

Credential Stuffing Reaches 193 Billion Login Attempts Annually

More attacks does not necessarily mean more threats, but all attacks types have increased, according to Akamai's new "State of the Internet" report.

How Ransomware Encourages Opportunists to Become Criminals

And what's needed to stop it: Better information sharing among private organizations and with law enforcement agencies.

How Attackers Weigh the Pros and Cons of BEC Techniques

Security researchers discuss attackers' evolving methodologies in business email compromise and phishing campaigns.

How to Get Employees to Care About Security

Want to a security awareness program that sticks? Make it fun and personal -- and offer free lunch.

Splunk to Acquire TruStar for Data Management

Splunk said it will integrate TruStar's data-sharing capabilities into its Data-to-Everything platform following the acquisition.

FBI's IC3 Logs 1M Complaints in 14 Months

The FBI's IC3 reports COVID-related scams and an increase in online retail may be behind the upswing in complaints.

Why Anti-Phishing Training Isn't Enough

Not only is relying on employees' awareness insufficient to prevent sophisticated social engineering attacks, some training methods can create other problems.

Best 11 Quotes From Cryptographers' Panel

Cryptographers at an RSA Conference panel aren't worried about adversarial quantum cryptography. Machine learning, though, causes pressing practical issues.

Researchers Create Covert Channel Over Apple AirTag Network

Small amounts of data could be sent from nearly anywhere using Apple's "Find My" network, hidden in the large volume of traffic as AirTags become widely used, two researchers say.

How to Mitigate Against Domain Credential Theft

Attackers routinely reuse stolen domain credentials. Here are some ways to thwart their access.

Cisco Plans to Create 'Premium' SecureX Offering With Kenna Security Features

Executives from Cisco share insights on the networking giant's ambitious security strategy.

Latest Security News From RSAC 2021

Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2021.