Dark Reading

Biden Broadens NSA Oversight of National Security Systems

01/20/2022
New Cybersecurity National Security Memorandum will let the spy agency "identify vulnerabilities, detect malicious threat activity and drive mitigations," agency cybersecurity director says.

(ISC)² Appoints Jon France, CISSP, as Chief Information Security Officer

01/20/2022
Accomplished cybersecurity leader will advocate globally for best practices in risk management and head up association security operations.

Researchers Discover Dangerous Firmware-Level Rootkit

01/20/2022
MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI).

Automating Response Is a Marathon, Not a Sprint

01/20/2022
Organizations should balance process automation and human interaction to meet their unique security requirements.

Red Cross Hit via Third-Party Cyberattack

01/20/2022
The incident compromised the personal data and confidential information of more than 515,000 "highly vulnerable people," the Red Cross reports.

Enterprises Are Sailing Into a Perfect Storm of Cloud Risk

01/20/2022
Policy as code and other techniques can help enterprises steer clear of the dangers that have befallen otherwise sophisticated cloud customers.

4 Ways to Develop Your Team's Cyber Skills

01/20/2022
Organizations need to invest in professional development — and then actually make time for it.

Cisco's Kenna Security Research Shows the Relative Likelihood of an Organization Being Exploited

01/20/2022
A record-breaking 20,130 vulnerabilities were reported in 2021. However, only 4% pose a high risk to organizations.

FireEye & McAfee Enterprise Renamed as Trellix

01/19/2022
Symphony Technology Group announces a name for the newly merged company, which aims to become a leader in extended detection and response (XDR).

What Happens to My Organization If APIs Are Compromised?

01/19/2022
Once attackers have obtained access, they can compromise other systems or pivot within your networks.

Nigerian Police Arrest 11 Individuals in BEC Crackdown

01/19/2022
More than 50,000 targets around the world have been affected by the business email compromise scams, Interpol reports.

Revamped Community-Based DDoS Defense Tool Improves Filtering

01/19/2022
Team Cymru updates its Unwanted Traffic Removal Service (UTRS), adding more granular controls and greater ranges of both IPv4 and IPv6 addresses.

1Password Raises $620M Series C, Now Valued at $6.8B

01/19/2022
The massive funding round comes as the rise of cloud and remote work led to new threats and growing security and privacy concerns.

5 AI and Cybersecurity Predictions for 2022

01/19/2022
Among them: Explainable artificial intelligence (XAI) will improve the ways humans and AI interact, plus expect a shift in how organizations fight ransomware.

When Patching Security Flaws, Smarter Trumps Faster

01/19/2022
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.

Cloud Adoption Widens the Cybersecurity Skills Gap

01/19/2022
No matter what cloud services you employ, you are still responsible for protecting the security of your data.

LogPoint Releases LogPoint 7, Adding SOAR Capabilities Within SIEM

01/19/2022
LogPoint 7 includes ready-made integrations to connect with existing security technologies, including endpoint protection, network detection, and threat management.

(ISC)² Launches Entry-Level Cybersecurity Course

01/19/2022
Prospective entrants to the sector will receive instruction on fundamental cybersecurity concepts on which they will be evaluated during the new (ISC)² entry-level cybersecurity certification pilot exam.

Preparing for the Next Cybersecurity Epidemic: Deepfakes

01/19/2022
Using blockchain, multifactor authentication, or signatures can help boost authentication security and reduce fraud.

Cloud Identity Startup Permiso Launches With $10M Seed

01/18/2022
Permiso's co-founders say the No. 1 problem in the cloud is identity, and their platform is designed to tackle the notoriously difficult challenge of monitoring the activity of those identities.