Dark Reading

OWASP Reshuffles Its Top 10 List, Adds New Categories

09/15/2021
The Open Web Application Security Project reshuffles its list of top threats, putting broken access controls and cryptographic failures at the top and creating three new risk categories.

OMIGOD: Azure Users Warned of Critical OMI Vulnerabilities

09/15/2021
Security researchers share the details of four flaws in Open Management Infrastructure, which is deployed on a large number of Linux virtual machines in Azure.

A Ransomware Recovery Plan That's Solid Gold

09/15/2021
Having a gold copy of critical data offline is essential in every organization's disaster recovery or continuity plan. Follow the 3-2-1-1 rule to secure your data.

ExpressVPN Acquired By Kape Technologies for $936 Million

09/15/2021
Privacy firm Kape says deal will double customer base and broaden reach into consumer VPN market

How Your Printer Is Like Swiss Cheese

09/15/2021
Follow these best practices to avoid the security holes created by these often-overlooked, but ubiquitous, devices.

Microsoft Lets Users Fully Remove Account Passwords

09/15/2021
Users can now delete passwords from their Microsoft account and instead use Windows Hello, Microsoft Authenticator, or physical security keys to log in.

Purchasing Managed Security Services: Strategies for Client References

09/15/2021
There's a scarcity of customers using managed security services who are willing to talk to others about their experiences. Here's how to work with your vendor(s) to leverage their customers' experiences and hard-won wisdom.

Don't Try to Outsmart Cybercriminals. Outnumber Them!

09/15/2021
Why hasn't a problem that's lasted for more than 40 years been solved after hundreds of billions of dollars have been spent? Let's take a new approach.

Microsoft Patches MSHTML Vuln Among 66 CVEs

09/14/2021
This month's Patch Tuesday release addresses a remote code execution bug under active attack and a publicly known flaw in Windows DNS.

API Security Startup Neosec Launches With $20.7M Series A

09/14/2021
Neosec, founded by the security experts behind LightCyber, aims to bring principles from extended detection and response to API security.

Ransomware Operators Ramp Up Pressure on Victims via Multiple Extortion Attacks

09/14/2021
Though overall ransomware attack volumes dipped in the first half of this year, the number of campaigns involving three and four extortion methods increased.

Name That Toon: Congrats! It's a ...

09/14/2021
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Reported Rates of Major Security Incidents by Market

09/14/2021
In the "Proven Success Factors for Endpoint Security" report, Cisco Security shares a global perspective on reported cyber events in the past two years.

Google Patches Chrome Bugs Exploited in the Wild

09/14/2021
CISA advises organizations to patch quickly to protect against zero-day exploits.

Outlining Risks to the World's Vital Cyber-Physical Systems

09/14/2021
The key to protecting these systems is not only to ensure the control environment is secure and protected but also to deploy emerging technologies such as confidential computing.

Nearly 50% of On-Premises Databases Have Vulnerabilities

09/14/2021
A network compromise shouldn't mean "game over" for corporate data, but survey data shows many companies fail to protect their crown jewels.

DHS Secretary Mayorkas Headlines Billington Cybersecurity Summit

09/14/2021
DHS Secretary Mayorkas joins 130+ cyber experts at Billington Cybersecurity Summit that explores ransomware, 5G, zero trust, and more.

Magecart: How Its Attack Techniques Evolved

09/14/2021
Shape-shifting Magecart has shown itself to be highly adaptable in its ability to compromise third-party websites, especially during the pandemic.

Security Fears & Remote Work Drive Continued 2FA Adoption

09/14/2021
Seventy-nine percent of people used two-factor authentication at least once in 2021, with 72% regularly using the technology, as remote work, social media, and online retail spur demand.

Brute-Force Attacks, Vulnerability Exploits Top Initial Attack Vectors

09/13/2021
A new analysis emphasizes how most security incidents can be avoided with strong patch management and password management policies.