Dark Reading

Cyber Analytics Database Exposed 5 Billion Records Online

06/14/2021
In an ironic twist, Cognyte's data alerts customers to third-party data exposures.

Google Workspace Adds Client-Side Encryption

06/14/2021
Users given control over encryption keys, Google says.

New Top 20 Secure-Coding List Positions PLCs as Plant 'Bodyguards'

06/14/2021
Best practices guide encompasses integrity, hardening, resilience, and monitoring of PLCs in industrial networks.

Know Thy Enemy: Fighting Half-Blind Against Ransomware Won't Work

06/14/2021
We lack reliable, representative, actionable data about ransomware's actual scope, scale, and impact. The Ransom Incident Response Network could change that.

Name That Toon: Sight Unseen

06/14/2021
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.

Colonial Pipeline Cyberattack Proves a Single Password Isn't Enough

06/14/2021
Since the attack, it's been revealed that it was down to a single password. Yes, ransomware needs to be on your radar -- but a focus on credentials is vital.

Trickbot Investigation Shows Details of Massive Cybercrime Effort

06/11/2021
Nearly a score of cybercriminals allegedly worked together to create the Trickbot malware and deploy it against more than a million users, an unsealed indictment claims.

McDonald's Data Breach Exposed Business & Customer Data

06/11/2021
An investigation has revealed company data has been breached in the United States, South Korea, and Taiwan.

Details Emerge on How Gaming Giant EA Was Hacked

06/11/2021
Hacking group stole source code to FIFA 21 and the company's Frostbite engine.

Many Mobile Apps Intentionally Using Insecure Connections for Sending Data

06/11/2021
A new analysis of iOS and Android apps released to Apple's and Google's app stores over the past five years found many to be deliberately breaking HTTPS protections.

Secure Access Trade-offs for DevSecOps Teams

06/11/2021
Thanks to recent advancements in access technologies, everyone can apply identity-based authentication and authorization and zero-trust principles for their computing resources.

New Ransomware Group Claiming Connection to REvil Gang Surfaces

06/10/2021
'Prometheus' is the latest example of how the ransomware-as-a-service model is letting new gangs scale up operations quickly.

'Fancy Lazarus' Criminal Group Launches DDoS Extortion Campaign

06/10/2021
The group has re-emerged after a brief hiatus with a new email campaign threatening a DDoS attack against businesses that don't pay ransom.

Healthcare Device Security Firm COO Charged with Hacking Medical Center

06/10/2021
Vikas Singla, chief operating officer of security firm that provides products and services to the healthcare industry, faces charges surrounding a cyberattack he allegedly conducted against Duluth, Ga.-based Gwinnett Medial Center.

JBS CEO Says Company Paid $11M in Ransom

06/10/2021
The decision to pay attackers was a difficult one, CEO Andre Nogueira said in a statement.

'Beware the Lady Named Katie'

06/10/2021
A semester-long course boiled down to two minutes and 45 seconds.

The Workforce Shortage in Cybersecurity Is a Myth

06/10/2021
What we really have is an automation-in-the-wrong-place problem.

Intl. Law Enforcement Operation Disrupts Slilpp Marketplace

06/10/2021
A seizure warrant affidavit unsealed today states Slilpp had sold allegedly stolen login credentials since 2012.

Deepfakes Are on the Rise, but Don't Panic Just Yet

06/10/2021
Deepfakes will likely give way to deep suspicion, as users try to sort legitimate media from malicious.

11 Cybersecurity Vendors to Watch in 2021

06/10/2021
The cybersecurity landscape continues to spawn new companies and attract new investments. Here is just a sampling of what the industry has to offer.