Dark Reading

QuSecure Carves Out Space in Quantum Cryptography With Its Vision of a Post-RSA World

05/23/2022
NIST may be on the brink of revealing which post-quantum computing encryption algorithms it is endorsing, solidifying commercial developments like QuProtect.

Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems

05/23/2022
The PyPI "pymafka" package is the latest example of growing attacker interest in abusing widely used open source software repositories.

Linux Trojan XorDdos Attacks Surge, Targeting Cloud, IoT

05/23/2022
Analysts have seen a massive spike in malicious activity by the XorDdos trojan in the last six months, against Linux cloud and IoT infrastructures .

Why the Employee Experience Is Cyber Resilience

05/23/2022
A culture of trust, combined with tools designed around employee experience, can work in tandem to help organizations become more resilient and secure.

Valeo Networks Acquires Next I.T.

05/23/2022
Next I.T. is the sixth and largest acquisition to date for Valeo Networks.

Kingston Digital Releases Touch-Screen Hardware-Encrypted External SSD for Data Protection

05/23/2022
IronKey Vault Privacy 80 External SSD safeguards against brute-force attacks and BadUSB with digitally-signed firmware.

After the Okta Breach, Diversify Your Sources of Truth

05/23/2022
What subsequent protections do you have in place when your first line of defense goes down?

Chatbot Army Deployed in Latest DHL Shipping Phish

05/20/2022
In a new phishing tactic, faux chatbots establish a conversation with victims to guide them to malicious links, researchers say.

Quantum Key Distribution for a Post-Quantum World

05/20/2022
New versions of QKD use separate wavelengths on the same fiber, improving cost and efficiency, but distance is still a challenge.

Microsoft Rushes a Fix After May Patch Tuesday Breaks Authentication

05/20/2022
Two of Microsoft's Patch Tuesday updates need a do-over after causing certificate-based authentication errors.

Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap

05/20/2022
To succeed against dynamic cybercriminals, organizations must go multiple steps further and build a learning system that evolves over time to keep up with attacker tactics.

New Open Source Project Brings Consistent Identity Access to Multicloud

05/20/2022
Hexa and IDQL allow organizations using cloud platforms such as Microsoft Azure, Amazon Web Services, and Google Cloud Platform to apply consistent access policy across all applications, regardless of environment.

More Than 1,000 Cybersecurity Career Pursuers Complete the (ISC)² Entry-Level Cybersecurity Certification Pilot Exam

05/19/2022
New professional certification program establishes a pathway into the workforce for students and career changers by demonstrating their foundational knowledge, skills and abilities to employers.

Deadbolt Ransomware Targeting QNAP NAS Devices

05/19/2022
QNAP is urging customers of its NAS products to update QTS and avoid exposing the devices to the Internet.

Pro-Russian Information Operations Escalate in Ukraine War

05/19/2022
In the three months since the war started, Russian operatives and those allied with the nation's interests have unleashed a deluge of disinformation and fake news to try and sow fear and confusion in Ukraine, security vendor says.

DoJ Won't Charge 'Good Faith' Security Researchers

05/19/2022
Revised policy means security analysts won't be charged under the Computer Fraud and Abuse Act.

Dig Exits Stealth With $11M for Cloud Data Detection and Response Solution

05/19/2022
CrowdStrike and CyberArk invest in Dig's seed round, which was led by Team8, alongside Merlin Ventures and chairs of MongoDB and Exabeam.

6 Scary Tactics Used in Mobile App Attacks

05/19/2022
Mobile attacks have been going on for many years, but the threat is rapidly evolving as more sophisticated malware families with novel features enter the scene.

Phishing Attacks for Initial Access Surged 54% in Q1

05/19/2022
For the first time in a year, security incidents involving email compromises surpassed ransomware incidents, a new analysis shows.

MITRE Creates Framework for Supply Chain Security

05/18/2022
System of Trust includes data-driven metrics for evaluating the integrity of software, services, and suppliers.