- Defense Evasion Dominated 2019 Attack Tactics
Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.
- Researchers Uncover Unsophisticated – But Creative – Watering-Hole Attack
Holy Water campaign is targeting users of a specific religious and ethnic group in Asia, Kaspersky says.
- Data from 5.2M Marriott Loyalty Program Members Hit by Breach
The data was breached through the credentials of two franchisee employees.
- Latest Security News & Commentary about COVID-19
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
- Why Third-Party Risk Management Has Never Been More Important
Given today's coronavirus pandemic, the need for companies to collect cybersecurity data about their business partners is more critical than ever. Here's how to start.
- Patching Poses Security Problems with Move to More Remote Work
Security teams were not ready for the wholesale move to remote work and the sudden expansion of the attack surface area, experts say.
- Palo Alto Networks to Buy CloudGenix for $420M
Palo Alto Networks plans to integrate CloudGenix's SD-WAN technology into its Prisma SASE platform following the deal.
- Does the 2020 Online Census Account for Security Risk?
Experts discuss the security issues surrounding a census conducted online and explain how COVID-19 could exacerbate the risk.
- How Much Downtime Can Your Company Handle?
Why every business needs cyber resilience and quick recovery times.
- Limited-Time Free Offers to Secure the Enterprise Amid COVID-19
These products and services could be of immediate help to infosec pros now protecting their organizations while working from home.
- Researchers Spot Sharp Increase in Zoom-Themed Domain Registrations
Attackers are attempting to take advantage of the surge in teleworking prompted by COVID-19, Check Point says.
- Microsoft Edge Will Tell You If Credentials Are Compromised
Password Monitor, InPrivate mode, and ad-tracking prevention are three new additions to Microsoft Edge.
- HackerOne Drops Mobile Voting App Vendor Voatz
Bug bounty platform provider cited "Voatz's pattern of interactions with the research community" in its decision to halt the app vendor's vuln disclosure program on HackerOne.
- Untangling Third-Party Risk (and Fourth, and Fifth…)
Third parties bring critical products and services to your organization. They also bring risk that must be understood and managed.
- Securing Your Remote Workforce: A Coronavirus Guide for Businesses
Often the hardest part in creating an effective awareness program is deciding what NOT to teach.
- Malicious USB Drive Hides Behind Gift Card Lure
Victims are being enticed to insert an unknown USB drive into their computers.
- Virgin Media Could Pay GB pound 4.5B for Leak Affecting 900,000 Customers
A misconfigured database holding personal data was left available online between April 2019 and February 2020.
- The Wild, Wild West(world) of Cybersecurity
Though set in the future, HBO's "Westworld" works as an allegory for the present moment in cybersecurity.
- Purported Brute-Force Attack Aims at Linksys Routers as More People Work Remotely
The attack takes control of poorly secured network devices, redirecting Web addresses to a COVID-themed landing page that attempts to fool victims into downloading malware.
- Cyber Version of 'Justice League' Launches to Fight COVID-19 Related Hacks
Goal is to help organizations – especially healthcare entities – protect against cybercriminals trying to take advantage of the pandemic.