Dark Reading

Adapting to the Security Threat of Climate Change

05/13/2021
Business continuity plans that address natural and manmade disasters can help turn a cataclysmic business event into a minor slowdown.

Defending the Castle: How World History Can Teach Cybersecurity a Lesson

05/13/2021
Cybersecurity attackers follow the same principles practiced in warfare for millennia. They show up in unexpected places, seeking out portions of an organization's attack surface that are largely unmonitored and undefended.

Verizon DBIR 2021: "Winners" No Surprise, But All-round Vigilance Essential

05/13/2021
Verizon's Data Breach Investigations Report (DBIR) covers 2020 -- a year like no other. Phishing, ransomware, and innovation caused big problems.

Despite Heightened Breach Fears, Incident Response Capabilities Lag

05/12/2021
Many organizations remain unprepared to detect, respond, and contain a breach, a new survey shows.

Researchers Unearth 167 Fake iOS & Android Trading Apps

05/12/2021
The apps are disguised as financial trading, banking, and cryptocurrency apps from well-known and trusted organizations.

Putting The Spotlight on DarkSide

05/12/2021
Incident responders share insight on the DarkSide ransomware group connected to the recent Colonial Pipeline ransomware attack.

66% of CISOs Feel Unprepared for Cyberattacks

05/12/2021
More than half of CISOs surveyed are more concerned about a cyberattack in 2021 than in 2020, researchers report.

Vulnerable Protocols Leave Firms Open to Further Compromises

05/12/2021
Companies may no longer have Internet-facing file servers or weakly secured Web servers, but attackers that get by the perimeter have a wide-open landscape of vulnerability.

Hashes, Salts, and Rainbow Tables: Confessions of a Password Cracker

05/12/2021
Understanding a few basics about how password crackers think and behave could help you keep your users safer.

Cybersecurity: What Is Truly Essential?

05/12/2021
In an effort to protect their organizations, security professionals can overdo it. The result often works against them.

Why You Should Be Prepared to Pay a Ransom

05/12/2021
Companies that claim they'll never pay up in a ransomware attack are more likely to get caught flat-footed.

The Long Road to Rebuilding Trust After 'Golden SAML'-Like Attacks

05/12/2021
Eradicating 'privileged intruders' from the network in the aftermath of an attack poses major challenges, experts say.

A Startup With NSA Roots Wants Silently Disarming Cyberattacks on the Wire to Become the Norm

05/11/2021
Trinity Cyber takes a new spin on some traditional network-security techniques, but can its approach catch on widely?

Adobe Issues Patch for Acrobat Zero-Day

05/11/2021
The vulnerability is being exploited in limited attacks against Adobe Reader users on Windows.

Application Attacks Spike as Criminals Target Remote Workers

05/11/2021
Application-specific and Web application attacks made up 67% of all attacks in 2020 as criminal strategies shifted in the pandemic.

Microsoft Patch Tuesday: 4 Critical CVEs, 3 Publicly Known, 1 Wormable

05/11/2021
Microsoft releases security patches for 55 vulnerabilities in its monthly roundup, which includes a critical, wormable flaw in the HTTP protocol stack.

Cartoon Caption Winner: Greetings, Earthlings

05/11/2021
And the winner of Dark Reading's April cartoon caption contest is ...

3 Cybersecurity Myths to Bust

05/11/2021
Deeply rooted cybersecurity misconceptions are poisoning our ability to understand and defend against attacks.

Critical Infrastructure Under Attack

05/11/2021
Several recent cyber incidents targeting critical infrastructure prove that no open society is immune to attacks by cybercriminals. The recent shutdown of key US energy pipeline marks just the tip of the iceberg.

Colonial Pipeline Cyberattack: What Security Pros Need to Know

05/10/2021
As the massive US pipeline operator works to restore operations after a DarkSide ransomware attack late last week, experts say it's a cautionary tale for critical infrastructure providers.