Dark Reading

Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?

06/17/2021
Consider four factors and behaviors that impact a particular employee's risk, and how security training should take them into account.

Mission Critical: What Really Matters in a Cybersecurity Incident

06/17/2021
The things you do before and during a cybersecurity incident can make or break the success of your response.

Ukraine Police Disrupt Cl0p Ransomware Operation

06/16/2021
Growing list of similar actions in recent months may finally be scaring some operators into quitting, but threat is far from over, security experts say.

Ransomware Operators' Strategies Evolve as Attacks Rise

06/16/2021
Security researchers find ransomware operators rely less on email and more on criminal groups for initial access into target networks.

Biden Tells Putin Critical Infrastructure Sectors 'Off Limits' to Russian Hacking

06/16/2021
President Joe Biden said he and Russian President Vladimir Putin agreed to discuss boundaries in cyber activity.

Security Flaw Discovered In Peloton Equipment

06/16/2021
The vulnerability could give attackers remote root access to the bike's tablet, researchers report.

Cars, Medicine, Electric Grids: Future Hackers Will Hit Much More Than Networks in an IT/OT Integrated World

06/16/2021
Intelligent systems must include the right cybersecurity protections to prevent physical threats to operational technology.

Russian National Convicted on Charges Related to Kelihos Botnet

06/16/2021
Oleg Koshkin was arrested in 2019 and faces a maximum penalty of 15 years in prison, the DoJ reports.

Is an Attacker Living Off Your Land?

06/16/2021
Living-off-the-land attacks pose significant risks to organizations and, on top of that, are difficult to detect. Learn the basics about how these attacks operate and ways to limit their damage.

Keeping Your Organization Secure When Dealing With the Unexpected

06/16/2021
There's no way to anticipate every possible scenario, but the right approach to business continuity can help you respond effectively in any situation.

Don't Get Stymied by Security Indecision

06/16/2021
You might be increasing cyber-risk by not actively working to reduce it.

Thousands of VMware vCenter Servers Remain Open to Attack Over the Internet

06/15/2021
Three weeks after company disclosed two critical vulnerabilities in the workload management utility, many organizations have not patched the technology yet, security vendor says.

Microsoft Disrupts Large-Scale BEC Campaign Across Web Services

06/15/2021
Attackers had used the cloud-based infrastructure to target mailboxes and add forwarding rules to learn about financial transactions.

Security Experts Scrutinize Apple, Amazon IoT Networks

06/15/2021
Both companies have done their due diligence in creating connected-device networks, but the pervasiveness of the devices worries some security researchers.

Andariel Group Targets South Korean Entities in New Campaign

06/15/2021
Andariel, designated as a sub-group of the Lazarus Group APT, has historically targeted South Korean organzations.

Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities

06/15/2021
Terbium Labs' products and services will become part of Deloitte's Detect & Respond lineup, the company confirms.

What Industrial Control System Vulnerabilities Can Teach Us About Protecting the Supply Chain

06/15/2021
Older technologies used in industrial and critical infrastructure leave the sector highly vulnerable to attack, but organizations can take steps to better protect themselves.

How President Biden Can Better Defend the US From Russian Hacks

06/15/2021
Wilson Center cybersecurity expert Meg King pinpoints five ambitious steps the administration should take, including a comprehensive national data breach notification protocol.

How Does the Government Buy Its Cybersecurity?

06/15/2021
The federal government is emphasizing cybersecurity regulation, education, and defense strategies this year.

VPN Attacks Surged in First Quarter

06/14/2021
But volume of malware, botnet, and other exploit activity declined because of the Emotet botnet takedown.