Dark Reading

Privacy4Cars Secures Fourth Patent to Remove Privacy Information From Vehicles and Create Compliance Logs

11/14/2022
Data-deletion service's patent covers removing personal information such as geolocation, biometrics, and phone records from a vehicle by using a user-computing device

Avatier Achieves ISO 27001 Certification for its Information Security Management System

11/14/2022
Designation recognizes highest caliber of information security.

Quantum Cryptography Apocalypse: A Timeline and Action Plan

11/14/2022
Quantum computing's a clear threat to encryption, and post-quantum crypto means adding new cryptography to hardware and software without being disruptive.

How APIs and Applications Can Live Happily Ever After

11/14/2022
Solutions that allow businesses to reduce complexity, develop and deploy applications and APIs, and protect those applications and APIs are no fairy tale.

Why Cybersecurity Should Highlight Veteran-Hiring Programs

11/11/2022
Military veterans tend to have the kind of skills that would make them effective cybersecurity professionals, but making the transition is not that easy.

Cybersecurity 'Nutrition' Labels Still a Work in Progress

11/11/2022
Pretty much every aspect of the effort to create easy-to-understand labels for Internet-of-Things (IoT) products is up in the air, according to participants in the process.

Cookies for MFA Bypass Gain Traction Among Cyberattackers

11/11/2022
Multifactor authentication has gained adoption among organizations as a way of improving security over passwords alone, but increasing theft of browser cookies undermines that security.

Knock, Knock: Aiphone Bug Allows Cyberattackers to Literally Open (Physical) Doors

11/11/2022
The bug affects several Aiphone GT models using NFC technology and allows malicious actors to potentially gain access to sensitive facilities.

Uyghurs Targeted With Spyware, Courtesy of PRC

11/11/2022
Chinese government employs spyware to detect so-called "pre-crimes" including using a VPN, religious apps, or WhatsApp, new analysis reveals.

Why CVE Management as a Primary Strategy Doesn't Work

11/11/2022
With only about 15% of vulnerabilities actually exploitable, patching every vulnerability is not an effective use of time.

Okta Launches New Workforce Identity Cloud

11/10/2022
Okta Worforce Identity Cloud has all three identity functions – identity access management, identity governance, and privilege access management – under the hood.

Cyberwar and Cybercrime Go Hand in Hand

11/10/2022
The line between criminal and political aims has become blurred, but motivations matter less than the effects of a breach.

5 Easy Steps to Bypass Google Pixel Lock Screens

11/10/2022
PIN-locked SIM card? No problem. It's easy for an attacker to bypass the Google Pixel lock screen on unpatched devices.

Veterans Day Salute: 6 Reasons Why You Want Vets in Your Cyber Platoon

11/10/2022
We commend vets in cyber, with this slideshow look at how the training and experience of former military personnel can be a big, differentiating asset in cybersecurity environments.

Twitter's CISO Takes Off, Leaving Security an Open Question

11/10/2022
Lea Kissner was one of three senior executives to quit this week, leaving many to wonder if the social media giant is ripe for a breach and FTC action.

LockBit Bigwig Arrested for Ransomware Crimes

11/10/2022
A dual Russian-Canadian citizen is being extradited to the US to face charges related to LockBit ransomware activities.

Managing and Mitigating Risk From Unknown Unknowns

11/10/2022
Five practical steps to up-level attack surface management programs and gain greater visibility and risk mitigation around the extended ecosystem.

Evasive KmsdBot Cryptominer/DDoS Bot Targets Gaming, Enterprises

11/10/2022
KmsdBot takes advantage of SSH connections with weak login credentials to mine currency and deplete network resources, as it gains a foothold on enterprise systems.

Amazon, Microsoft Cloud Leaks Highlight Lingering Misconfiguration Issues

11/10/2022
Cloud storage databases, often deployed as "rogue servers" without the blessing of the IT department, continue to put companies and their sensitive data at risk.

How to Close Kubernetes' Network Security Gap

11/10/2022
StackRox bridges network security and other gaps and makes applying and managing network isolation and access controls easier while extending Kubernetes' automation and scalability benefit.