Dark Reading

Consumers Share Security Fears as Risky Behaviors Persist

09/24/2021
While most US adults know they aren't sufficiently protecting their data online, many find security time-consuming or don't know the steps they should take.

TangleBot Campaign Underscores SMS Threat

09/24/2021
The attack targets Android devices and starts with a malicious SMS message that aims to bring malware onto compromised devices.

Contrast Application Security Platform Scales to Support OWASP Risks

09/24/2021
Contrast's platform detects and prevents against OWASP Top Ten risks from development to production with out-of-the-box policy rules and automated compliance reporting.

Our Eye Is on the SPARROW

09/24/2021
How unauthorized users can exploit wireless infrastructures for covert communication.

Endpoint Still a Prime Target for Attack

09/24/2021
A vast majority of security professionals surveyed think any exploit will start with the endpoint.

Google Spots New Technique to Sneak Malware Past Detection Tools

09/23/2021
The operator behind OpenSUpdater is using a new way to sneak adware and other malware past security tools.

Primer: Microsoft Active Directory Security for AD Admins

09/23/2021
Nearly all AD environments are vulnerable to identity attack paths -- a powerful, widespread, and difficult-to-detect attack technique. But we didn't say impossible. Here's how admins can stop them.

FamousSparrow APT Group Flocks to Hotels, Governments, Businesses

09/23/2021
The cyber espionage group has a custom backdoor and has added the ProxyLogon Microsoft Exchange flaw to its toolkit.

SAIC Appoints Kevin Brown as Chief Information Security Officer

09/23/2021
Industry leader with decades of information security experience manages SAIC’s security strategy and oversees critical cybersecurity operations.

Supply Chain and Ransomware Threats Drove 60% Increase in Global Cyber Intelligence Sharing Among Financial Firms

09/23/2021
AMEX, Banco Falabella, IAG, and UBS win global award for annual cyber intelligence sharing efforts.

BlackFog ARM 64 Edition Provides Anti Data Exfiltration Across New Patforms

09/23/2021
New BlackFog ARM 64 edition maximizes performance, battery life, and data security.

Apple Patches Zero-Days in iOS, Known Vuln in macOS

09/23/2021
One of the iOS vulnerabilities was discovered by Citizen Lab; the Google Threat Analysis Group reported iOS and macOS flaws.

Microsoft Exchange Autodiscover Flaw Leaks Thousands of Credentials

09/23/2021
Researchers claim to have accessed hundreds of thousands of Windows credentials using a bug in the Autodiscover protocol.

How to Implement a Security Champions Program

09/23/2021
A Security Champions program is a great way to enhance security maturity, reduce vulnerabilities, and make security top of mind throughout the business.

Panorays Closes $42 Million Series B Funding Round

09/23/2021
Funding comes on the heels of 500% growth in client base.

NIST Brings Threat Modeling into the Spotlight

09/23/2021
NIST recommendations typically become part of government procurement, which means threat modeling will soon be written into questions for organizations that sell to the federal government.

Password Reuse Problems Persist Despite Known Risks

09/22/2021
The vast majority of users worry about compromised passwords, but two-thirds continue to use the same password or a variation, a survey finds.

What Are the Different Types of Cyber Insurance?

09/22/2021
Even with the best cybersecurity defenses in place, organizations can fall victim to a cyberattack.

6 Lessons From Major Data Breaches This Year

09/22/2021
Though many incidents stemmed from familiar security failures, they served up — or resurfaced — some important takeaways.

Who Is BlackMatter?

09/22/2021
Researchers piece together the origins of the group that made headlines this week as the perpetrator behind a ransomware attack on New Cooperative.