Dark Reading

Bolstering Our Nation's Defenses Against Cybersecurity Attacks

04/14/2021
Shawn Henry, former Executive Assistant Director of the FBI and current CrowdStrike president of services and CSO, shares the top three cybersecurity priorities that the Biden administration needs to address.

Dependency Problems Increase for Open Source Components

04/14/2021
The number of components in the average application rose 77% over two years. No wonder, then, that 84% of codebases have at least one vulnerability.

DNS Vulnerabilities Expose Millions of Internet-Connected Devices to Attack

04/13/2021
Researchers uncover a fresh set of nine vulnerabilities in four TCP/IP stacks that are widely used in everything from powerful servers and firewalls to consumer IoT products.

NSA Alerted Microsoft to New Exchange Server Vulnerabilities

04/13/2021
Microsoft today patched 114 CVEs to address the Exchange Server flaws, more than 50 remote code execution vulnerabilities, and one zero-day.

Compromised Microsoft Exchange Server Used to Host Cryptominer

04/13/2021
Researchers say an unknown attacker is targeting vulnerable Exchange Servers with a payload hosted on a compromised Exchange Server.

Global Dwell Time Drops as Ransomware Attacks Accelerate

04/13/2021
The length of time attackers remain undiscovered in a target network has fallen to 24 days, researchers report, but ransomware plays a role.

Dark Reading to Upgrade Site Design, Performance

04/13/2021
Improvements will make site content easier to navigate, faster, and more functional.

5 Objectives for Establishing an API-First Security Strategy

04/13/2021
With APIs predicted to be the most common attack vector by 2022, an API-first security strategy is critical now more than ever.

Clear & Present Danger: Data Hoarding Undermines Better Security

04/13/2021
Facebook and Google can identify patterns of attack within their own data, but smaller businesses rarely see enough traffic to successfully identify an attack or warn users.

Biden Nominates Former NSA Officials for Top Cybersecurity Roles

04/12/2021
President Biden has nominated Jen Easterly as the new director of CISA and is expected to nominate Chris Inglis as the first national cyber director.

Microsoft Warns of Malware Delivery via Google URLs

04/12/2021
A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan.

Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy

04/12/2021
Jerome Powell tells 60 Minutes that cyberattacks have the potential to do major damage to US financial system.

Microsoft Uses Machine Learning to Predict Attackers' Next Steps

04/12/2021
Researchers build a model to attribute attacks to specific groups based on tactics, techniques, and procedures, and then figure out their next move.

New Malware Downloader Spotted in Targeted Campaigns

04/12/2021
Saint Bot is being used to drop stealers on compromised systems but could be used to deliver any malware.

Wake Up and Smell the JavaScript

04/12/2021
The SolarWinds attack showed the true meaning of a supply chain breach. And it's the canary in the coal mine for sensitive data on the Web.

Omdia Research Spotlight: XDR

04/12/2021
Few emerging cybersecurity market segments are garnering more attention than XDR. Here, Omdia highlights its recent research on XDR.

Unofficial Android App Store APKPure Infected With Malware

04/09/2021
The APKPure app store was infected with malware that can download Trojans to other Android devices, researchers report.

CISA Launches New Threat Detection Dashboard

04/09/2021
Aviary is a new dashboard that works with CISA's Sparrow threat detection tool.

Battle for the Endpoint

04/09/2021
How to build a new cyber strategy for 2021 and beyond.

8 Security & Privacy Apps to Share With Family and Friends

04/09/2021
Mobile apps to recommend to the people in your life who want to improve their online security and privacy.