Dark Reading

Ransomware Task Force Publishes Framework to Fight Global Threat

04/30/2021
An 81-page report details how ransomware has evolved, along with recommendations on how to deter attacks and disrupt its business model.

MITRE Adds MacOS, More Data Types to ATT&CK Framework

04/30/2021
Version 9 of the popular threat matrix will improve support for a variety of platforms, including cloud infrastructure.

MITRE Adds MacOS, Linux, More Data Types to ATT&CK Framework

04/30/2021
Version 9 of the popular threat matrix will improve support for a variety of platforms, including cloud infrastructure.

Survey Finds Broad Concern Over Third-Party App Providers Post-SolarWinds

04/30/2021
Most IT and cybersecurity professionals think security is important enough to delay deployment of applications, survey data shows.

Ghost Town Security: What Threats Lurk in Abandoned Offices?

04/30/2021
Millions of office buildings and campuses were rapidly abandoned during the pandemic. Now it's a year later. What happened in those office parks and downtown ghost towns? What security dangers lurk there now, waiting to ambush returning businesses?

7 Modern-Day Cybersecurity Realities

04/30/2021
Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe.

The Ticking Time Bomb in Every Company's Code

04/30/2021
Developers must weigh the benefits and risks of using third-party code in Web apps.

XDR Pushing Endpoint Detection and Response Technologies to Extinction

04/29/2021
Ironically, EDR's success has spawn demand for technology that extends beyond it.

Researchers Connect Complex Specs to Software Vulnerabilities

04/29/2021
Following their release of 70 different vulnerabilities in different implementations of TCP/IP stacks over the past year, two companies find a common link.

'BadAlloc' Flaws Could Threaten IoT and OT Devices: Microsoft

04/29/2021
More than 25 critical memory allocation bugs could enable attackers to bypass security controls in industrial, medical, and enterprise devices.

Your Digital Identity's Evil Shadow

04/29/2021
In the wrong hands, these shady shadows are stealthy means to bypass security systems by hiding behind a proxy with legitimate IP addresses and user agents.

The Challenge of Securing Non-People Identities

04/29/2021
Non-people identities, which can act intelligently and make decisions on behalf of a person's identity, are a growing cybersecurity risk.

Adobe Open Sources Tool for Anomaly Research

04/28/2021
The One-Stop Anomaly Shop (OSAS) project packages machine-learning algorithms into a Docker container for finding anomalies in security log data.

FluBot Malware's Rapid Spread May Soon Hit US Phones

04/28/2021
The FluBot Android malware has spread throughout several European countries through an SMS package delivery scam.

FBI Works With 'Have I Been Pwned' to Notify Emotet Victims

04/28/2021
Officials shared 4.3 million email addresses with the HIBP website to help inform companies and individuals if Emotet compromised their accounts.

How to Secure Employees' Home Wi-Fi Networks

04/28/2021
Businesses must ensure their remote workers' Wi-Fi networks don't risk exposing business data or secrets due to fixable vulnerabilities.

Cartoon Caption Winner: Rough Patch?

04/28/2021
And the winner of The Edge's April cartoon caption contest is ...

Is Your Cloud Raining Sensitive Data?

04/28/2021
Learn common Kubernetes vulnerabilities and ways to avoid them.

Attacks Targeting ADFS Token Signing Certificates Could Become Next Big Threat

04/28/2021
New research shows how threat actors can steal and decrypt signing certificates so SAML tokens can be forged.

Do Cyberattacks Affect Stock Prices? It Depends on the Breach

04/27/2021
A security researcher explores how data breaches, ransomware attacks, and other types of cybercrime influence stock prices.