Dark Reading

Critical Start to Buy Advanced Threat Analytics

03/15/2018
Firms previously had teamed up in SOC services.

Palo Alto Buys Evident.io to Secure the Cloud

03/15/2018
The $300 million deal is part of an industry-wide consolidation of cloud, data, and network security companies.

Voice-Operated Devices, Enterprise Security & the 'Big Truck' Attack

03/15/2018
The problem with having smart speakers and digital assistants in the workplace is akin to having a secure computer inside your office while its wireless keyboard is left outside for everyone to use.

(ISC)2 Report: Glaring Disparity in Diversity for US Cybersecurity

03/15/2018
While the average US security salary is $122,000, the average salary for people of color is $115,000, with men identifying as minorities making $6000 more than minority women.

New 'Mac-A-Mal' Tool Automates Mac Malware Hunting & Analysis

03/14/2018
Researchers at Black Hat Asia will demonstrate a new framework they created for catching and studying Apple MacOS malware.

New Hosted Service Lowers Barriers to Malware Distribution

03/14/2018
BlackTDS is a traffic distribution service for directing users to malware and exploit kits based on specific parameters.

77% of Businesses Lack Proper Incident Response Plans

03/14/2018
New research shows security leaders have false confidence in their ability to respond to security incidents.

Segmentation: The Neglected (Yet Essential) Control

03/14/2018
Failure to deploy measures to contain unauthorized intruders is a recipe for digital disaster.

SEC Charges Former Equifax Exec with Insider Trading

03/14/2018
CIO of a US business unit within Equifax had reportedly learned of the company's data breach and sold his shares for nearly $1 million.

Electric Utility Hit with Record Fine for Vulnerabilities

03/14/2018
An unnamed power company has consented to a record fine for leaving critical records exposed.

A Secure Enterprise Starts with a Cyber-Aware Staff

03/14/2018
An attack doesn't have to be super high-tech to cause a lot of damage. Make sure your employees know how to spot an old-fashioned phishing campaign.

Medical Apps Come Packaged with Hardcoded Credentials

03/14/2018
A trio of static accounts in EMR and billing software from DocuTrac can lead to serious vulnerabilities in sensitive data bases.

How to Interpret the SEC's Latest Guidance on Data Breach Disclosure

03/14/2018
Forward-looking organizations should view this as an opportunity to reevaluate their cybersecurity posture and install best practices that should have already been in place.

Microsoft Report Details Different Forms of Cryptominers

03/13/2018
A new report explores different ways legitimate and malicious coin miners are appearing in the enterprise.

Microsoft Patch Tuesday: Prioritize Browser Updates

03/13/2018
All of the critical vulnerabilities Microsoft patched on March 13 were within, and related to, browsers.

AMD Investigating Report of Vulnerabilities in its Microprocessors

03/13/2018
Israel-based firm says it found critical bugs in AMD's newest chip families.

What CISOs Should Know About Quantum Computing

03/13/2018
As quantum computing approaches real-world viability, it also poses a huge threat to today's encryption measures.

Google 'Distrust Dates' Are Coming Fast

03/13/2018
All the tools are in place for the migration of SSL digital certificates on a scale that is unprecedented for the certificate authority industry. Are you ready?

Microsoft Remote Access Protocol Flaw Affects All Windows Machines

03/13/2018
Attackers can exploit newly discovered critical crypto bug in CredSSP via a man-in-the-middle attack and then move laterally within a victim network.

What's the C-Suite Doing About Mobile Security?

03/13/2018
While most companies have security infrastructure for on-premises servers, networks, and endpoints, too many are ignoring mobile security. They'd better get moving.