Dark Reading

NFTs Emerge as the Next Enterprise Attack Vector

05/09/2022
Cybersecurity has to be a top priority as enterprises begin incorporating the use of nonfungible tokens into their business strategies, brand-awareness campaigns, and employee-communication efforts, experts say.

Deloitte Launches Expanded Cloud Security Management Platform

05/09/2022
The CSM by Deloitte platform includes cloud security policy orchestration, cyber predictive analytics, attack surface management, and cyber cloud managed services.

Security Stuff Happens: Where Do You Go From Here?

05/09/2022
Despite what it may feel like when you're in the trenches after a security incident, the world doesn't stop moving. (Part 3 of a series.)

Post-Quantum Cryptography Set to Replace RSA, AES, ECC

05/06/2022
In the next 10 years, public-key encryption needs to be replaced by post-quantum techniques that can stand up to the new challenges.

Ikea Canada Breach Exposes 95K Customer Records

05/06/2022
An unauthorized employee accessed Ikea's customer database, but it's unclear what the intention was.

What We've Learned in the 12 Months Since the Colonial Pipeline Attack

05/06/2022
The attack may have been "a major wake-up call" about the need for greater resilience in IT environments, but have security teams hit the snooze bar one too many times?

Scammer Infects His Own Machine with Spyware, Reveals True Identity

05/06/2022
An operational slip-up led security researchers to an attacker associated with Nigerian letter scams and malware distribution, after he infected himself with Agent Tesla.

White House Moves to Shore Up US Post-Quantum Cryptography Posture

05/06/2022
Biden's executive order pushes new NIST quantum-cryptography standards and directs federal government to move toward quantum-resistant cybersecurity.

AT&T Expands Access to Advanced Secure Edge and Remote Workforce Capabilities

05/06/2022
AT&T SASE with Cisco Meraki offers fully integrated network and security tools for convenient, high-performing, and protected access from anywhere

Passwords: Do Actions Speak Louder Than Words?

05/06/2022
For most of us, passwords are the most visible security control we deal with on a regular basis, but we are not very good at it.

Colonial Pipeline 1 Year Later: What Has Yet to Change?

05/06/2022
The incident was a devastating attack, but it exposed gaps in cybersecurity postures that otherwise would have gone unnoticed.

Microsoft, Apple, and Google Promise to Expand Passwordless Features

05/05/2022
The passwordless future just became closer to reality, as Microsoft, Apple, and Google pledge to make the standard possible across operating systems and browsers.

Heroku: Cyberattacker Used Stolen OAuth Tokens to Steal Customer Account Credentials

05/05/2022
The same attack that allowed a threat actor to steal data from private Heroku GitHub repositories also resulted in the compromise of customer credentials, the company now says.

NIST Issues Guidance for Addressing Software Supply-Chain Risk

05/05/2022
Amid ongoing software supply-chain jitters, the US' top tech division is offering a finalized, comprehensive cybersecurity control framework for managing risk.

A Third of Americans Use Easy-to-Guess Pet Passwords

05/05/2022
Far too many turn to Jingles, Mittens, or Bella for password inspiration, given that these are some of the easiest passwords to crack.

Critical Cisco VM-Escape Bug Threatens Host Takeover

05/05/2022
The vendor also disclosed two other security vulnerabilities that would allow remote, unauthenticated attackers to inject commands as root and snoop on sensitive user information.

FBI: Bank Losses From BEC Attacks Top $43B

05/05/2022
Law enforcement attributes a recent 65% spike in BEC attack losses to COVID-19 restrictions and the ongoing reality of a remote workforce.

Magnet Forensics Acquires Cybersecurity Software Firm Comae Technologies

05/05/2022
The company will continue the development of Comae’s memory analysis platform and seek to incorporate its capabilities into existing solutions

Cisco Announces Cloud Controls Framework Is Now Available to Public

05/05/2022
The Cisco CCF helps save resources by enabling organizations to achieve cloud security certifications more efficiently.

Multichannel Phishing Concerns Cybersecurity Leaders in 2022

05/05/2022
With 80% of companies using cloud collaboration tools, cybercriminals are using multichannel phishing attacks to exploit security gaps in the hybrid work model.