Dark Reading

DoD Lets Researchers Target All Publicly Accessible Info Systems

05/05/2021
The Department of Defense expands its vulnerability disclosure program to include a broad range of new targets.

Wanted: The (Elusive) Cybersecurity 'All-Star'

05/05/2021
Separate workforce studies by (ISC) 2 and ISACA point to the need for security departments to work with existing staff to identify needs and bring entry-level people into the field.

Debating Law Enforcement's Role in the Fight Against Cybercrime

05/05/2021
The FBI's action to remove Web shells from compromised Microsoft Exchange Servers sparks a broader discussion about officials' response to cyberattacks.

Will 2021 Mark the End of World Password Day?

05/05/2021
We might be leaving the world of mandatory asterisks and interrobangs behind for good.

Newer Generic Top-Level Domains a Security 'Nuisance'

05/04/2021
Ten years of passive DNS data shows classic TLDs such as .com and .net dominate newer TLDs in popularity and use.

Apple Issues Patches for Webkit Security Flaws

05/04/2021
The vulnerabilities may already be under active attack, Apple says in an advisory.

Planning Our Passwordless Future

05/04/2021
All the talk that passwords could one day go away seemed too good to be true, yet the scales are finally started to tip to a passwordless reality. (Part one of a two-part series.)

Hundreds of Millions of Dell Computers Potentially Vulnerable to Attack

05/04/2021
Hardware maker has issued an update to fix multiple critical privilege escalation vulnerabilities that have gone undetected since 2009.

More Companies Adopting DevOps & Agile for Security

05/04/2021
Measures of programming speed, security, and automation have all significantly increased in the past year, GitLab's latest survey finds.

Scripps Health Responds to Cyberattack

05/04/2021
The health care system says it has suspended access to patient portals and other applications related to operations at Scripps facilities.

Can Organizations Secure Remote Workers for the Long Haul?

05/04/2021
By focusing on protection instead of detection, organizations can defend against targeted attacks without compromising security or productivity.

It's Time to Ditch Celebrity Cybersecurity

05/04/2021
High-profile attacks and solutions are shiny objects that can distract from the defenses that afford the greatest protection.

Researchers Explore Active Directory Attack Vectors

05/03/2021
Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems.

Name That Edge Toon: Magical May

05/03/2021
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.

Imperva to Buy API Security Firm CloudVector

05/03/2021
The deal is intended to expand Imperva's API security portfolio, officials say.

Buer Malware Variant Rewritten in Rust Programming Language

05/03/2021
Researchers suggest a few reasons why operators rewrote Buer in an entirely new language

Researchers Find Bugs Using Single-Codebase Inconsistencies

05/03/2021
A Northeastern University research team finds code defects -- and some vulnerabilities -- by detecting when programmers used different code snippets to perform the same functions.

Dark Reading Celebrates 15th Anniversary

05/03/2021
Cybersecurity news site begins 16th year with plans to improve site, deliver more content on cyber threats and best practices.

Stopping the Next SolarWinds Requires Doing Something Different

05/03/2021
Will the SolarWinds breach finally prompt the right legislative and regulatory actions on a broader, more effective scale?

The Edge Pro Tip: Protect IoT Devices

05/03/2021
As Internet-connected devices become more prevalent in organizations, security issues increase as well.