Dark Reading

CISA Launches New Website to Aid Ransomware Defenders

07/15/2021
StopRansomware.gov provides information to help organizations protect against, and respond to, ransomware attacks.

Microsoft: Israeli Firm's Tools Used to Target Activists, Dissidents

07/15/2021
Candiru sold spyware that exploited Windows vulnerabilities and had been used in attacks against dissidents, activists, and journalists.

IoT-Specific Malware Infections Jumped 700% Amid Pandemic

07/15/2021
Gafgyt and Mirai malware represented majority of IoT malware, new data from Zscaler shows.

How to Bridge On-Premises and Cloud Identity

07/15/2021
Identity fabric, a cloud-native framework, removes the need for multiple, siloed, proprietary identity systems.

What to Look for in an Effective Threat Hunter

07/15/2021
The most important personality traits, skills, and certifications to look for when hiring a threat hunting team.

SonicWall: 'Imminent' Ransomware Attack Targets Older Products

07/14/2021
The attack exploits a known vulnerability that was fixed in new versions of firmware released this year.

Google to Bring HTTPS-First Mode to Chrome Browser

07/14/2021
Beginning in M94, Chrome will offer HTTPS-First Mode, which will attempt to upgrade all page loads to HTTPS.

Targeted Attack Activity Heightens Need for Orgs. to Patch New SolarWinds Flaw

07/14/2021
A China-based threat actor -- previously observed targeting US defense industrial base organizations and software companies -- is exploiting the bug in SolarWinds' Serv-U software, Microsoft says.

Did the Cybersecurity Workforce Gap Distract Us From the Leak?

07/14/2021
Cyber games can play a critical role in re-engaging our workforce and addressing the employee retention crisis.

10 Mistakes Companies Make In Their Ransomware Responses

07/14/2021
Hit by ransomware? These missteps can take a bad scenario and make it even worse.

4 Integrated Circuit Security Threats and How to Protect Against Them

07/14/2021
Little-understood threats involving the IC supply chain are putting organizations around the world at risk.

New Phishing Campaign Targets Individuals of Interest to Iran

07/13/2021
TA453 group spoofed two scholars at University of London to try and gain access to email inboxes belonging to journalists, think tank personnel, academics, and others, security vendor says.

Microsoft Patches 3 Windows Zero-Days Amid 117 CVEs

07/13/2021
The July Patch Tuesday release also includes the out-of-band fix for the Windows Print Spooler remote code execution flaw under attack.

DoD-Validated Data Security Startup Emerges From Stealth

07/13/2021
The Code-X platform has been tested by the US Department of Defense and members of the intelligence community.

Why We Need to Raise the Red Flag Against FragAttacks

07/13/2021
Proliferation of wireless devices increases the risk that corporate networks will be attacked with this newly discovered breed of Wi-Fi-based cyber assault.

Enterprises Altering Their Supply Chain Defenses on Heels of Latest Breaches

07/13/2021
More than half of enterprises surveyed for Dark Reading's State of Malware Threats report indicate they are making at least a few changes to their supply chain security defenses following recent attacks on software vendors such as SolarWinds.

Can Government Effectively Help Businesses Fight Cybercrime?

07/13/2021
From the Biden administration's pledge to take action to INTERPOL's focus on ransomware as a global threat, governments are looking to help businesses cope with cyberattacks. But can it really work?

The Trouble With Automated Cybersecurity Defenses

07/13/2021
While there's enormous promise in AI-powered tools and machine learning, they are very much a double-edged sword.

Tool Sprawl & False Positives Hold Security Teams Back

07/13/2021
Security teams spend as much time addressing false positive alerts as they do addressing actual cyberattacks, survey data shows.

SolarWinds Discloses Zero-Day Under Active Attack

07/12/2021
The company confirms this is a new vulnerability that is not related to the supply chain attack discovered in December 2020.