Dark Reading

Cut Down on Alert Overload and Leverage Layered Security Measures

03/17/2022
Feeling overwhelmed by the number of alerts? It doesn't have to be that way.

Enhancing DLP With Natural Language Understanding for Better Email Security

03/16/2022
Natural language understanding is well-suited for scanning enterprise email to detect and filter out spam and other malicious content. Armorblox introduces a data loss prevention service to its email security platform using NLU.

How Pen Testing Gains Critical Security Buy-in and Defense Insight

03/16/2022
It's more important than ever for companies to challenge their defenses, learning about new gaps and opportunities for improvement along the way.

4 Critical Capabilities for a SaaS Security Posture Management (SSPM) Solution

03/16/2022
The need for deep visibility and remediation for SaaS security settings is critical. If you're considering a SaaS Security Posture Management solution, here’s a checklist of what to look for.

CSC Unveils 3D Domain Monitoring Solution on DomainSec Platform

03/16/2022
Continuing CSC research indicates over 70% of brand-specific domains are fake.

Microsoft the No. 1 Most-Spoofed Brand in Phishing Attacks

03/16/2022
New Barracuda Networks data shows attackers sent some 3 million emails from around 12,000 pilfered accounts.

What the Newly Signed US Cyber-Incident Law Means for Security

03/16/2022
Bipartisan cybersecurity legislation comes amid increased worries over ransomware, and fears of cyberattacks from Russia in the wake of its invasion of Ukraine.

VPNs Give Russians an End Run Around Censorship

03/16/2022
As the invasion of Ukraine continues, Russian citizens have turned to virtual private networks — boosting demand for the software by 27x — to circumvent the government's blocks on social media and news sites critical of the war.

Russia State-Sponsored Hackers Used Misconfigured MFA to Breach NGO

03/16/2022
FBI and CISA warn of attack on multifactor authentication account to exploit "PrintNightmare" exploit.

Would 'Cyber Geneva Conventions' Defuse Online Aggression?

03/16/2022
International treaties could force nation-states to police bad actors within their borders to avoid penalties.

How Should My Security Analyst Use the MITRE ATT&CK Framework?

03/16/2022
As a curated knowledgebase for adversary behavior, the MITRE ATT&CK framework can guide defenders on how to conduct an investigation and the order of things to look for.

What Kind Of Security Tools Should I Provide My Developers?

03/15/2022
Who says developers don't care about security? Give them the tools to help them build security into their code.

Private Equity Firm Snaps Up RSA Conference

03/15/2022
Crosspoint Capital Partners, along with Clearlake Capital Group and Symphony Technology Group, are setting up RSA Conference as a separate company from RSA Security.

NAS Vendor Says Several of Its Products Likely Contain Linux 'Dirty Pipe' Flaw

03/15/2022
QNAP's disclosure this week is the latest reminder of the potentially wide impact of privilege escalation flaw in the Linux kernel.

Mobile App Developers Leave Behind 2,100 Open Databases

03/15/2022
A simple request to the VirusTotal scanning service reveals thousands of mobile-application databases left open to the public by developers in a three-month period.

Incognia Introduces New Location Identity Fraud Detection Tools

03/15/2022
Modules include Location Spoofing Detection, Global Mobile Address Validation, and Trusted Device Intelligence.

Praetorian Launches Chariot Total Attack Life Cycle Solution

03/15/2022
New platform combines AI-based attack surface management automation with offensive security managed services to identify exposures and prioritize risk management.

OneLayer Secures $8.2M Seed Round to Protect Private 5G Networks

03/15/2022
OneLayer plans to use the funds to build its product suite.

Fortress Information Security’s New Trust Center Allows Suppliers to Bridge the Cyber Communication Gap with Patrons

03/15/2022
Suppliers participating in the A2V Library now have a powerful new information-sharing tool.

e2e-assure Launches New Microsoft Defender-Focused SOC Services

03/15/2022
They are aimed at helping organizations kickstart their cyber-risk management.