Dark Reading

Microsoft Details Recent Damaging Malware Attacks on Ukrainian Organizations

01/18/2022
"WhisperGate" malware was used to overwrite Master Boot Record and other files to render systems inoperable at several organizations in Ukraine, Microsoft says.

Researchers Explore Hacking VirusTotal to Find Stolen Credentials

01/18/2022
VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found.

End Users Remain Organizations' Biggest Security Risk

01/18/2022
Yet they're showing signs of improvement across several important areas, a Dark Reading survey reveals.

Take 'Urgent' Steps to Secure Systems From Damaging Attacks, CISA Says

01/18/2022
CISA issues alert for senior leadership of US organizations amid rising tensions between Russia and Ukraine.

Kaspersky Announces Takedown Service

01/18/2022
Service facilitates the removal of malicious and phishing domains.

Kovrr Translates Cyber Risk into Business Impact with its Quantum Platform

01/18/2022
On-demand cyber risk quantification platform enables C-suite to prioritize and justify cybersecurity investments through financial quantification.

Europol Shuts Down Popular Cybercriminal VPN Service

01/18/2022
VPNLab was used to support criminal activity, including ransomware campaigns and other attacks, Europol officials report.

US Search for Vulnerabilities Drives 10x Increase in Bug Reports

01/18/2022
Cross-site scripting and broken access controls continued to be the top classes of vulnerabilities researchers discovered, according to Bugcrowd's annual vulnerability report.

Name That Toon: Nowhere to Hide

01/18/2022
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

5 Reasons Why M&A Is the Engine Driving Cybersecurity

01/18/2022
Consistent acquisition of key technologies and talent is a proven strategy for growth.

Mastering the Art of Cloud Tagging Using Data Science

01/17/2022
Cloud tagging, the process of labeling cloud assets by certain attributes or operational values, can unlock behavioral insights to optimize and automate cyber asset management at scale.

Russia Takes Down REvil Ransomware Operation, Arrests Key Members

01/14/2022
Timing of the move has evoked at least some skepticism from security experts about the country's true motives.

The Cybersecurity Measures CTOs Are Actually Implementing

01/14/2022
Companies look to multifactor authentication and identity and access management to block attacks, but hedge their bets with disaster recovery.

Maryland Dept. of Health Responds to Ransomware Attack

01/14/2022
An attack discovered on Dec. 4, 2021 forced the Maryland Department of Health to take some of its systems offline.

White House Meets With Software Firms and Open Source Orgs on Security

01/14/2022
The Log4j vulnerability is only the latest security flaw to have global impact, prompting the Biden administration and software developers to pledge to produce more secure software.

What's Next for Patch Management: Automation

01/14/2022
The next five years will bring the widespread use of hyperautomation in patch management. Part 3 of 3.

BlueNoroff Threat Group Targets Cryptocurrency Startups

01/13/2022
A series of attacks against small and medium-sized businesses has led to major cryptocurrency losses for the victims.

Fighting Back Against Pegasus, Other Advanced Mobile Malware

01/13/2022
Detecting infection traces from Pegasus and other APTs can be tricky, complicated by iOS and Android security features.

How to Protect Your Phone from Pegasus and Other APTs

01/13/2022
The good news is that you can take steps to avoid advanced persistent threats. The bad news is that it might cost you iMessage. And FaceTime.

New Vulnerabilities Highlight Risks of Trust in Public Cloud

01/13/2022
Major cloud providers are vulnerable to exploitation because a single flaw can be turned into a global attack using trusted core services.