Dark Reading

New Zero-Trust Maturity Data: Charting Your Own Organization

08/24/2022
Every organization is on a zero-trust journey. Learn about how critical identity is to your security evolution, and how your organization can move forward.

Unusual Microsoft 365 Phishing Campaign Spoofs eFax Via Compromised Dynamics Voice Account

08/24/2022
In a widespread campaign, threat actors use a compromised Dynamics 365 Customer Voice business account and a link posing as a survey to steal Microsoft 365 credentials.

Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack

08/24/2022
SolarWinds CISO Tim Brown explains how organizations can prepare for eventualities like the nation-state attack on his company’s software.

Acronis' Midyear Cyberthreats Report Finds Ransomware Is the No. 1 Threat to Organizations, Projects Damages to Exceed $

08/24/2022
Increasing complexity in IT continues to lead to breaches and compromises, highlighting the need for more holistic approaches to cyber protection.

Why Empathy Is the Key to Better Threat Modeling

08/24/2022
Avoid the disconnect between seeing the value in threat modeling and actually doing it with coaching, collaboration, and integration. Key to making it "everybody's thing" is communication between security and development teams.

CyberRatings.org Announces New Web Browser Test Results for 2022

08/24/2022
Three of the world's leading browsers were measured for phishing and malware protection, with time to block and protection over time as key metrics in test scores.

Report: Financial Institutions Are Overwhelmed When Facing Growing Firmware Security and Supply Chain Threats

08/24/2022
New research report reveals financial organizations are failing to act despite majority experiencing a firmware-related breach.

DevSecOps Gains Traction — but Security Still Lags

08/23/2022
Almost half of teams develop and deploy software using a DevSecOps approach, but security remains the top area of investment, a survey finds.

Thoma Bravo Buying Spree Highlights Hot Investor Interest in IAM Market

08/23/2022
M&A activity in the identity and access management (IAM) space has continued at a steady clip so far this year.

Mudge Blows Whistle on Alleged Twitter Security Nightmare

08/23/2022
Lawmakers and cybersecurity insiders are reacting to a bombshell report from former Twitter security head Mudge Zatko, alleging reckless security lapses that could be exploited by foreign adversaries.

Proofpoint Introduces a Smarter Way to Stay Compliant with New Intelligent Compliance Platform

08/23/2022
Integrated solution offers enterprises modern regulatory compliance safeguards while simplifying corporate legal protection practices.

Facing the New Security Challenges That Come With Cloud

08/23/2022
Organizations relying on multicloud or hybrid-cloud environments without a true understanding of their security vulnerabilities do so at their peril.

Secure Code Warrior Spotlights the Importance of Developer Security Skills with 2nd Annual Devlympics Competition

08/23/2022
The global secure coding competition will be held In October, during Cybersecurity Awareness Month.

One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious

08/23/2022
The scans used by the Python Package Index (PyPI) to find malware fail to catch 41% of bad packages, while creating plentiful false positives.

Coalfire Federal Among First Authorized to Conduct CMMC Assessments

08/23/2022
Company fortifies its ability to help organizations prepare and obtain CMMC certification.

Apathy Is Your Company's Biggest Cybersecurity Vulnerability — Here's How to Combat It

08/23/2022
Make security training more engaging to build a strong cybersecurity culture. Here are four steps security and IT leaders can take to avoid the security disconnect.

Meta Takes Offensive Posture With Privacy Red Team

08/23/2022
Engineering manager Scott Tenaglia describes how Meta extended the security red team model to aggressively protect data privacy.

Novant Health Notifies Patients of Potential Data Privacy Incident

08/23/2022
Patients face possible disclosure of protected health information (PHI) to Meta, Facebook's parent company, resulting from an incorrect configuration of an online tracking tool.

Charming Kitten APT Wields New Scraper to Steal Email Inboxes

08/23/2022
Google researchers say the nation-state hacking team is now employing a data-theft tool that targets Gmail, Yahoo, and Microsoft Outlook accounts using previously acquired credentials.

Fake DDoS Protection Alerts Distribute Dangerous RAT

08/22/2022
Adversaries are injecting malicious JavaScript into numerous WordPress websites that triggers phony bot-related checks.