Dark Reading

New Survey Illustrates Real-World Difficulties in Cloud Security

03/22/2018
Depending on traditional models makes cloud security more challenging for organizations, according to a Barracuda Networks report.

Criminals Using Web Injects to Steal Cryptocurrency

03/22/2018
Man-in-the-browser attacks targeting Blockchain.info and Coinbase websites, SecurityScorecard says.

Is Application Security Dead?

03/22/2018
The nature of the field has changed greatly because of the move to the cloud and enterprise digital transformation.

Hunting Cybercriminals with AWS Honey Tokens

03/22/2018
Researchers at Black Hat Asia demonstrated how they used AWS honey tokens to detect security breaches at scale.

US Federal Spending Bill Includes $380 Million for Securing Election Systems

03/22/2018
Spending bill includes election technology grants for states to shore up security of their voting systems, reports say.

5 Ways to Get Ready for Public Cloud Deployment

03/22/2018
Syncing security and product development early is now a "must do."

7 Ways to Protect Against Cryptomining Attacks

03/22/2018
Implementing basic security hygiene can go a long way in ensuring your systems and website don't get hijacked.

Applications & Identities Initial Targets in 86% of Breaches: Report

03/22/2018
The startling numbers of breached data are sobering: 11.8 billion records compromised in 337 of 433 incidents examined by F5 researchers. They include 10.3 billion usernames, passwords, and email accounts.

Supply Chain Cyberattacks Surged 200% in 2017

03/22/2018
Symantec's annual Internet Security Threat Report also shows that zero-day exploits fizzled and cryptocurrency mining exploded.

GandCrab Ransomware Goes 'Agile'

03/21/2018
GandCrab ransomware's developers have iterated the code rapidly, researchers found.

Gartner Expects 2018 IoT Security Spending to Reach $1.5 Billion

03/21/2018
Regulations, breach concerns will push spending to over $3 billion by 2021, analyst firm says.

SOC in Translation: 4 Common Phrases & Why They Raise Flags

03/21/2018
By keeping an ear out for out for catchphrases like "Just ask Stu" or "I've got a bad feeling about this," CISOs can overcome the barriers that get between business leaders and their security teams.

DHS Chief: Election Security Now Top Priority Among Critical Systems

03/21/2018
Homeland Security Secretary Kirstjen Nielsen told Congress today that her department is working to assist states with their election systems' security.

Puerto Rico's Electric Utility Hacked in Weekend Attack

03/21/2018
Service was disrupted but no customer records compromised, officials said.

How Serverless Computing Reshapes Security

03/21/2018
The new division of responsibility moves some security concerns off a business's plate while changing priorities for other risks.

Online Sandboxing: A Stash for Exfiltrated Data?

03/21/2018
SafeBreach researchers extend leaky sandbox research to show how services like VirusTotal and Hybrid Analysis could be used to steal data from air-gapped systems.

Cybersecurity Spring Cleaning: 3 Must-Dos for 2018

03/21/2018
Why 'Spectre' and 'Meltdown,' GDPR, and the Internet of Things are three areas security teams should declutter and prioritize in the coming months.

A Look at Cybercrime's Banal Nature

03/20/2018
Cybercrime is becoming a more boring business, a new report shows, and that's a huge problem for victims and law enforcement.

Azure Guest Agent Design Enables Plaintext Password Theft

03/20/2018
Researchers find attackers can abuse the design of Microsoft Azure Guest Agent to recover plaintext administrator passwords.

Critical Infrastructure: Stop Whistling Past the Cyber Graveyard

03/20/2018
An open letter to former colleagues in Homeland Security, peers in private sector cybersecurity firms, those who own and operate critical systems, academics, and politicians.