Dark Reading

4 Steps for Fostering Collaboration Between IT Network and Security Teams

09/13/2021
Successful collaboration requires a four-pronged approach that considers operations and infrastructure, leverages shared data, supports new workflows, and is formalized with documentation.

Groove Ransomware Gang Tries New Tactic to Attract Affiliates

09/10/2021
The threat group, which leaked some 500,000 credentials for Fortinet SSL VPN devices, views ransomware as just one way to profit from compromised networks, experts say.

Recent Breaches Underscore High Healthcare Security Risk

09/10/2021
Healthcare institutions in California and Arizona are sending breach notification letters after attackers compromised thousands of patients' data.

UN Confirms April 2021 Data Breach

09/10/2021
UN official also confirms further attacks connected to the initial breach have been detected and are under investigation.

How Can I Reduce the Chances of My Company Getting Hit by Ransomware?

09/10/2021
A few cyber-hygiene best practices can get you started.

Steel Root Inc. Announces College Scholarship Promoting Cybersecurity Education

09/10/2021
Scholarship provides $10,000 in financial support to help underprivileged youth; highlights growing demand for skilled applicants in field of cybersecurity.

Piratica Is Back at Hack For Troops' Fundraising Event

09/10/2021
All proceeds from global Capture the Flag event go toward tech investments and IT reskilling programs for U.S. veterans.

Application Security a Growing Priority Among Security Pros

09/10/2021
A Dark Reading survey finds most IT and security managers would rather wait to deploy applications than risk security flaws.

IAM Stakeholders: The Business Operations Point of View

09/10/2021
As the number of identities managed by enterprise skyrockets, organizations are taking steps to better align security and identity.

REvil Ransomware Group's Sudden Re-emergence Sparks Concerns

09/09/2021
Some had hoped the notorious Russia-based group had been pressured to quit for good after a couple of especially egregious attacks on US targets earlier this year.

Microsoft Warns of Vuln That Allowed Access to Azure Infrastructure

09/09/2021
Microsoft ran a five-year-old component that allowed vulnerability researchers to punch through the isolation that normally protects cloud tenants, researchers found.

Sidewalk Malware Tied to China-Linked Espionage Group

09/09/2021
The Sidewalk backdoor has been connected to the Grayfly espionage group and seen in attacks in Asia and North America.

Researchers Play Leading Role in Detecting Cloud Misconfiguration

09/09/2021
A new report finds 62% of cloud misconfiguration incidents are reported by independent researchers before criminals can find them.

How to Bust Through Barriers for a More Diverse Cybersecurity Workforce

09/09/2021
Diversity is the topic du jour, but cybersecurity professionals of color still face a lot of hurdles to enter and grow within the industry. Organizations such as Blacks in Cybersecurity are providing some of these under-represented groups with a voice.

FragAttacks Foil 2 Decades of Wireless Security

08/06/2021
Wireless security protocols have improved, but product vendors continue to make implementation errors that allow a variety of attacks.

Researchers Call for 'CVE' Approach for Cloud Vulnerabilities

08/06/2021
New research suggests isolation among cloud customer accounts may not be a given -- and the researchers behind the findings issue a call to action for cloud security.

HTTP/2 Implementation Errors Exposing Websites to Serious Risks

08/05/2021
Organizations that don't implement end-to-end HTTP/2 are vulnerable to attacks that redirect users to malicious sites and other threats, security researcher reveals at Black Hat USA.

CISA Launches JCDC, the Joint Cyber Defense Collaborative

08/05/2021
"We can't do this alone," the new CISA director told attendees in a keynote at Black Hat USA today.

Incident Responders Explore Microsoft 365 Attacks in the Wild

08/05/2021
Mandiant experts discuss the novel techniques used to evade detection, automate data theft, and achieve persistent access.

Researchers Find Significant Vulnerabilities in macOS Privacy Protections

08/05/2021
Attacks require executing code on a system but foil Apple's approach to protecting private data and systems files.