Category: Dark Reading

Stop Blaming the End User for Security Risk

Don’t count on securing end users for system security. Instead, focus on better securing the systems — make them closed by default and build with a security-first approach. This article has been indexed from Dark Reading Read the original article:…

Spera Takes Aim at Identity Security Posture Management

ISPM is a combination of identity attack surface management, and risk reduction, as well as identity threat prevention, detection, and response. This article has been indexed from Dark Reading Read the original article: Spera Takes Aim at Identity Security Posture…

Spira Takes Aim at Identity Security Posture Management

ISPM is a combination of identity attack surface management, and risk reduction, as well as identity threat prevention, detection, and response. This article has been indexed from Dark Reading Read the original article: Spira Takes Aim at Identity Security Posture…

Trojan-Rigged Tor Browser Bundle Drops Malware

Attackers are targeting cryptocurrency accounts belonging to users in Russia and more than 50 other countries. This article has been indexed from Dark Reading Read the original article: Trojan-Rigged Tor Browser Bundle Drops Malware

Phishing Emails Up a Whopping 569% in 2022

Credential phishing emails are the clear favorite of threat actors, with a 478% spike last year, new research shows. This article has been indexed from Dark Reading Read the original article: Phishing Emails Up a Whopping 569% in 2022

The CISO Mantra: Get Ready to Do More With Less

For the foreseeable future, with the spigots closing shut, CISOs will need to find ways to do more with less. This article has been indexed from Dark Reading Read the original article: The CISO Mantra: Get Ready to Do More…

How Does Data Literacy Enhance Data Security?

With the rise in cloud-based security concerns and other issues, organizations must improve data literacy across the enterprise. This article has been indexed from Dark Reading Read the original article: How Does Data Literacy Enhance Data Security?

How CISOs Can Reduce the Danger of Using Data Brokers

Without proof that it was collected legally, purchased data can threaten an enterprise’s security compliance and may expose the company to litigation. This article has been indexed from Dark Reading Read the original article: How CISOs Can Reduce the Danger…

Drive to Pervasive Encryption Boosts Key Management

Key vaults, aka key management as a service (KMaaS), promise to allow companies to encrypt sensitive data across cloud and third parties with granular control. This article has been indexed from Dark Reading Read the original article: Drive to Pervasive…

Cybersecurity vs. Everyone: From Conflict to Collaboration

Don’t assume stakeholders outside security understand your goals and priorities, but consider how you’ll communicate with them to gain their support. This article has been indexed from Dark Reading Read the original article: Cybersecurity vs. Everyone: From Conflict to Collaboration

Malicious ChatGPT Extensions Add to Google Chrome Woes

The second malicious ChatGPT extension for Chrome has been discovered, giving malicious actors access to users’ Facebook accounts through stolen cookies. This article has been indexed from Dark Reading Read the original article: Malicious ChatGPT Extensions Add to Google Chrome…

Red Teaming at Scale to Uncover Your Big Unknowns

A contrarian mindset with applied imagination allows security professionals to assess problems in their organization, prevent failure, or mitigate vulnerabilities. This article has been indexed from Dark Reading Read the original article: Red Teaming at Scale to Uncover Your Big…

MITRE Rolls Out Supply Chain Security Prototype

Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services. This article has been indexed from Dark Reading Read the original article: MITRE Rolls Out Supply Chain Security Prototype

The Board of Directors Will See You Now

Help the board understand where the business is vulnerable, where controls end, and where exposure begins. This article has been indexed from Dark Reading Read the original article: The Board of Directors Will See You Now

Okta Post-Exploitation Method Exposes User Passwords

Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services. This article has been indexed from Dark Reading Read the original…

BreachForums Shuts Down in Wake of Leader’s Arrest

Administrator shutters the forum on fears that it had been breached by federal authorities but assured members it’s not the end for the popular underground hacking site. This article has been indexed from Dark Reading Read the original article: BreachForums…

10 Vulnerabilities Types to Focus On This Year

A new Tech Insight report examines how the enterprise attack surface is expanding and how organizations must deal with vulnerabilities in emerging technologies. This article has been indexed from Dark Reading Read the original article: 10 Vulnerabilities Types to Focus…

How to Keep Incident Response Plans Current

Review and update plans to minimize recovery time. Practice and a well-thumbed playbook that considers different scenarios will ensure faster recovery of critical data. This article has been indexed from Dark Reading Read the original article: How to Keep Incident…

.NET Devs Targeted With Malicious NuGet Packages

In a possible first for the NuGet repository, more than a dozen components in the .NET code repository run a malicious script upon installation, with no warning or alert. This article has been indexed from Dark Reading Read the original…

Cyberpion Rebrands As IONIX

IONIX illuminates exploitable risks across the real attack surface and its digital supply chain providing security teams with critical focus to accelerate risk reduction. This article has been indexed from Dark Reading Read the original article: Cyberpion Rebrands As IONIX

Renowned Researcher Kelly Lum Passes Away

The application security expert, who went by “@aloria,” is being remembered for her brilliance and generosity, as tributes start to pour in honoring her life. This article has been indexed from Dark Reading Read the original article: Renowned Researcher Kelly…

Name That Toon: It’s E-Live!

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. This article has been indexed from Dark Reading Read the original article: Name That Toon: It’s E-Live!

ChatGPT Gut Check: Cybersecurity Threats Overhyped or Not?

UK cybersecurity authorities and researchers tamp down fears that ChatGPT will overwhelm current defenses, while the CEO of OpenAI worries about its use in cyberattacks. This article has been indexed from Dark Reading Read the original article: ChatGPT Gut Check:…

AI Has Your Business Data

No-code has lowered the barrier for non-developers to create applications. AI will completely eliminate it. This article has been indexed from Dark Reading Read the original article: AI Has Your Business Data

Cops Nab BreachForums Boss in New York

The alleged mastermind of hacker forum Breach Forums, “pompompurin,” has been arrested in New York City, according to court documents. This article has been indexed from Dark Reading Read the original article: Cops Nab BreachForums Boss in New York

Cyberattackers Hoop NBA Fan Data via Third-Party Vendor

The basketball playoffs are around the corner and convincing social-engineering attacks on fans using NBA-themed lures could be too. This article has been indexed from Dark Reading Read the original article: Cyberattackers Hoop NBA Fan Data via Third-Party Vendor

The Ethics of Network and Security Monitoring

The chances of getting hacked are no longer low. Companies need to rethink their data collection and monitoring strategies to protect employee privacy and corporate integrity. This article has been indexed from Dark Reading Read the original article: The Ethics…

$3B Crypto-Mixer Money Laundering Operation Seized by Cops

The ‘ChipMixer’ cryptocurrency service for cybercriminals was shut down by law enforcement, and its alleged operator has been charged. This article has been indexed from Dark Reading Read the original article: $3B Crypto-Mixer Money Laundering Operation Seized by Cops

$3B Crypto Laundering Operation Seized by Cops

The ChipMixer cryptocurrency service for cybercriminals was shut down by law enforcement and its alleged operator charged. This article has been indexed from Dark Reading Read the original article: $3B Crypto Laundering Operation Seized by Cops

How Do Attackers Hijack Old Domains and Subdomains?

Here is a cautionary tale of what happens if side-projects or sections of the website becomes obsolete. If you don’t remove them, someone might hijack your subdomain. This article has been indexed from Dark Reading Read the original article: How…

How do attackers hijack old domains and subdomains?

Here is a cautionary tale of what happens if side-projects or sections of the website becomes obsolete. If you don’t remove them, someone might hijack your subdomain. This article has been indexed from Dark Reading Read the original article: How…

Hornetsecurity Launches VM Backup V9

Hornetsecurity research highlights that more than 1 in 4 companies have fallen victim to ransomware attacks, with 14.1% losing data and 6.6% paying a ransom. This article has been indexed from Dark Reading Read the original article: Hornetsecurity Launches VM…

Cyberattackers Continue Assault Against Fortinet Devices

Patched earlier this month, a code-execution vulnerability is the latest FortiOS weakness to be exploited by attackers, who see the devices as well-placed targets for initial access operations. This article has been indexed from Dark Reading Read the original article:…