Dark Reading

3 Tips for Creating a Security Culture

07/29/2022
Trying to get the whole organization on board with better cybersecurity is much tougher than it may sound.

Patch Now: Atlassian Confluence Bug Under Active Exploit

07/28/2022
Attackers almost immediately leapt on a just-disclosed bug, CVE-2022-26138, affecting Atlassian Confluence, which allows remote, unauthenticated actors unfettered access to Confluence data.

What the White House's Cybersecurity Workforce Plan Should Look Like

07/28/2022
By embracing cybersecurity as a critical part of our national security and education strategy, and working together to invest in opportunities for all, we can create a safer, more secure world.

APT-Like Phishing Threat Mirrors Landing Pages

07/28/2022
By dynamically mirroring an organization’s login page, threat actors are propagating legitimate-looking phishing attacks that encourage victims to offer up access to the corporate crown jewels.

What Women Should Know Before Joining the Cybersecurity Industry

07/28/2022
Three observations about our industry that might help demystify security for women entrants.

1,000s of Phishing Attacks Blast Off From InterPlanetary File System

07/28/2022
The peer-to-peer network IPFS offers an ingenious base for cyberattacks and is seeing a stratospheric increase in malicious hosting.

In a Post-Macro World, Container Files Emerge as Malware-Delivery Replacement

07/28/2022
With Microsoft disabling Office macros by default, threat actors are increasingly using ISO, RAR, LNK, and similar files to deliver malware because they can get around Windows protections.

When Human Security Meets PerimeterX

07/27/2022
Dark Reading's analysis suggests that the merger between Human Security and PerimeterX will bring modern defense strategies to disrupt cybercrime and fraud.

Overcoming the Fail-to-Challenge Vulnerability With a Friendly Face

07/27/2022
Ahead of their Black Hat USA talk in August, Simon Pavitt and Stephen Dewsnip explain the value of helping people practice cyber defense via a "malicious floorwalker" exercise.

Multiple Windows, Adobe Zero-Days Anchor Knotweed Commercial Spyware

07/27/2022
Microsoft flagged the company's Subzero tool set as on offer to unscrupulous governments and shady business interests.

US Offers $10M Double-Reward for North Korea Cyberattacker Info

07/27/2022
North Korean state-sponsored actors, who help economically prop up Kim Jong Un's dictatorship, continue to pummel US infrastructure.

Average Data Breach Costs Soar to $4.4M in 2022

07/27/2022
Call it a "cyber tax": Those costs are usually passed on to consumers, not investors, as compromised businesses raise prices for goods and services.

Is Your Home or Small Business Built on Secure Foundations? Think Again…

07/27/2022
Did you know that the standard router relied upon in homes and by thousands of small businesses is the most frequently attacked IoT device? James Willison, Project and Engagement Manager, IoT Security Foundation, explores the issue and reveals an ongoing initiative from the foundation that is designed to better secure the devices.

First Cohort Graduates from PSM Cyber Stars Program at Liverpool FC

07/27/2022
New careers in IT open up for former footballers.

The Great BizApp Hack: Cyber-Risks in Your Everyday Business Applications

07/27/2022
IT admins can lock some of the obvious open doors in business applications, but system visibility is key. Build automatic monitoring defenses and adopt a Git-like tool so you can "version" your business apps to restore prior states.

8 Hot Summer Fiction Reads for Cybersecurity Pros

07/27/2022
A reading list of recommended novels curated by cybersecurity experts for cybersecurity experts.

Norton Consumer Cyber Safety Pulse Report: Phishing for New Bait on Social Media

07/26/2022
Year-long analysis from Norton Labs finds nearly three-quarters of phishing sites imitate Facebook.