Category: Dark Reading

Why Security Practitioners Should Understand Their Business

The sooner CISOs become proactive in understanding the flip side of the organizations they protect, the better they’ll be at their jobs. This article has been indexed from Dark Reading Read the original article: Why Security Practitioners Should Understand Their…

How Patch Tuesday Keeps the Beat After 20 Years

Patch Tuesday turned security updates from chaotic events into a routine. Here’s how we got here, and where things might be heading.

Microsoft Zero-Day Bugs Allow Security Feature Bypass

Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately.

LockBit Threatens to Leak Stolen SpaceX Schematics

The ransomware group sent a message directly to Elon Musk: Pay or the confidential SpaceX information goes up for grabs on the Dark Web.

Orgs Have a Long Way to Go in Securing Remote Workforce

Organizations recognize they are responsible for protecting remote workers from cyber threats, but they have a long way to go in deploying the necessary security technologies.

5 Lessons Learned From Hundreds of Penetration Tests

Developers must balance creativity with security frameworks to keep applications safe. Correlating business logic with security logic will pay in safety dividends.

BlackLotus Secure Boot Bypass Malware Set to Ramp Up

BlackLotus is the first in-the-wild malware to exploit a vulnerability in the Secure Boot process on Windows, and experts expect copycats and imminent increased activity.

Avast Introduces Avast One Platinum

New premium service provides all-in-one personal protection beyond device security to include identity restoration and unlimited 24/7 tech support.

AT&T Vendor Breach Exposes Data on 9M Wireless Accounts

AT&T is notifying customers of a Customer Proprietary Network Information compromise, exposing years-old upgrade details.

5 Reasons You Should Care About Unmanaged Assets

Unmanaged devices pose a significant challenge and risk for many organizations. Here are the five reasons you should care about unmanaged devices and assets.

How to Jump-Start Your Cybersecurity Career

With more than 700,000 cybersecurity jobs available, now is a good time to consider a career change.

5 Critical Components of Effective ICS/OT Security

These agile controls and processes can help critical infrastructure organizations build an ICS security program tailored to their own risk profile.

Emotet Resurfaces Yet Again After 3-Month Hiatus

More than two years after a major takedown by law enforcement, the threat group is once again proving just how impervious it is against disruption attempts.

Lacework Launches Secured by Women Initiative

For International Women’s Month, new ongoing initiative is aimed at celebrating women and bringing visibility to those making cybersecurity history.

Tech Giants Go Cloud-Native Shopping

Cisco’s acquisition of cloud-native firewall provider Valtix and HPE’s deal to buy SSE provider Axis Security fill gaps in their existing portfolios.

Acer Confirms Data Offered Up for Sale Was Stolen

An Acer statement confirms that a document server for repair techs was compromised, but says customer data doesn’t appear to be part of the leak.

Hacker Cracks Toyota Customer Search Tool

Flaw in Toyota’s C360 customer relationship management tool exposed personal data of unknown number of customers in Mexico, a disclosure says.

Scams Security Pros Almost Fell For

By working together as an industry, we can develop the technologies needed to account for human error.

Cyber Security Works to Rebrand As Securin Inc.

Securin Inc. will provide tech-enabled security solutions, vulnerability intelligence and deep domain expertise.

NIST’s Quantum-Proof Algorithm Has a Bug, Analysts Say

A team has found that the Crystals-Kyber encryption algorithm is open to side-channel attacks, under certain implementations.

Rapid7 Brings Threat Intel Data to USF Cybersecurity Lab

The Rapid7 Cyber Threat Intelligence Laboratory at the University of South Florida will provide data on real-world threats for faculty and students to use in their research.

Indigo Books Refuses LockBit Ransomware Demand

Canada’s largest bookseller rejected the pressure of the ransomware gang’s countdown timer, despite data threats.

Polish Politician’s Phone Patrolled by Pegasus

A mayor backing Polish opposition elections in parliament has been targeted by special services with Pegasus spyware.

Chick-fil-A Customers Have a Bone to Pick After Account Takeovers

A two-month-long automated credential-stuffing campaign exposed personal information of Chick-fil-A customers, including birthdays, phone numbers, and membership details.

3 Ways Security Teams Can Use IP Data Context

Innocently or not, residential proxy networks can obscure the actual geolocation of an access point. Here’s why that’s not great and what you can do about it.

Chick-fil-A Gives Customers a Bone to Pick After Data Breach

A two-month-long automated credential-stuffing campaign exposed personal information of Chick-fil-A customers, including birthdays, phone numbers, and membership details.

IBM Contributes Supply Chain Security Tools to OWASP

License Scanner and SBOM Utility will boost the capabilities of OWASP’s CycloneDX Software Bill of Materials standard.

BlackLotus Bookit Found Targeting Windows 11

Sold for around $5,000 in hacking forums, the BlackLotus UEFI bootkit is capable of targeting even updated systems, researchers find.

On Shaky Ground: Why Dependencies Will Be Your Downfall

There’s never enough time or staff to scan code repositories. To avoid dependency confusion attacks, use automated CI/CD tools to make fixes in hard-to-manage software dependencies.