Dark Reading

3 Tips for Creating a Security Culture

Trying to get the whole organization on board with better cybersecurity is much tougher than it may sound.

Patch Now: Atlassian Confluence Bug Under Active Exploit

Attackers almost immediately leapt on a just-disclosed bug, CVE-2022-26138, affecting Atlassian Confluence, which allows remote, unauthenticated actors unfettered access to Confluence data.

What the White House's Cybersecurity Workforce Plan Should Look Like

By embracing cybersecurity as a critical part of our national security and education strategy, and working together to invest in opportunities for all, we can create a safer, more secure world.

APT-Like Phishing Threat Mirrors Landing Pages

By dynamically mirroring an organization’s login page, threat actors are propagating legitimate-looking phishing attacks that encourage victims to offer up access to the corporate crown jewels.

What Women Should Know Before Joining the Cybersecurity Industry

Three observations about our industry that might help demystify security for women entrants.

1,000s of Phishing Attacks Blast Off From InterPlanetary File System

The peer-to-peer network IPFS offers an ingenious base for cyberattacks and is seeing a stratospheric increase in malicious hosting.

In a Post-Macro World, Container Files Emerge as Malware-Delivery Replacement

With Microsoft disabling Office macros by default, threat actors are increasingly using ISO, RAR, LNK, and similar files to deliver malware because they can get around Windows protections.

When Human Security Meets PerimeterX

Dark Reading's analysis suggests that the merger between Human Security and PerimeterX will bring modern defense strategies to disrupt cybercrime and fraud.

Overcoming the Fail-to-Challenge Vulnerability With a Friendly Face

Ahead of their Black Hat USA talk in August, Simon Pavitt and Stephen Dewsnip explain the value of helping people practice cyber defense via a "malicious floorwalker" exercise.

Multiple Windows, Adobe Zero-Days Anchor Knotweed Commercial Spyware

Microsoft flagged the company's Subzero tool set as on offer to unscrupulous governments and shady business interests.

US Offers $10M Double-Reward for North Korea Cyberattacker Info

North Korean state-sponsored actors, who help economically prop up Kim Jong Un's dictatorship, continue to pummel US infrastructure.

Average Data Breach Costs Soar to $4.4M in 2022

Call it a "cyber tax": Those costs are usually passed on to consumers, not investors, as compromised businesses raise prices for goods and services.

Is Your Home or Small Business Built on Secure Foundations? Think Again…

Did you know that the standard router relied upon in homes and by thousands of small businesses is the most frequently attacked IoT device? James Willison, Project and Engagement Manager, IoT Security Foundation, explores the issue and reveals an ongoing initiative from the foundation that is designed to better secure the devices.

First Cohort Graduates from PSM Cyber Stars Program at Liverpool FC

New careers in IT open up for former footballers.

The Great BizApp Hack: Cyber-Risks in Your Everyday Business Applications

IT admins can lock some of the obvious open doors in business applications, but system visibility is key. Build automatic monitoring defenses and adopt a Git-like tool so you can "version" your business apps to restore prior states.

8 Hot Summer Fiction Reads for Cybersecurity Pros

A reading list of recommended novels curated by cybersecurity experts for cybersecurity experts.

Norton Consumer Cyber Safety Pulse Report: Phishing for New Bait on Social Media

Year-long analysis from Norton Labs finds nearly three-quarters of phishing sites imitate Facebook.