AWS CISO Talks Risk Reduction, Development, Recruitment
Steve Schmidt says limiting access to data has dramatically changed the security posture across Amazon Web Services.
Author Archives: Kelly Sheridan Staff Editor, Dark Reading
A Socio-Technical Approach to Cybersecurity’s Problems
Researchers explore how modern security problems can be solved with an examination of society, technology, and security.
Cyber-Risks Hiding Inside Mobile App Stores
As the number of blacklisted apps on Google Play continues to drop, attackers find new ways to compromise smartphones.
With GDPR’s ‘Right of Access,’ Who Really Has Access?
How a security researcher learned organizations willingly hand over sensitive data with little to no identity verification.
As Cloud Adoption Grows, DLP Remains Key Challenge
As businesses use the cloud to fuel growth, many fail to enforce data loss prevention or control how people share data.
How Fraudulent Domains ‘Hide in Plain Sight’
Cybercriminals use new types of top-level domains, topical keywords, and targeted emails to trick victims into clicking malicious links.
10 Notable Security Acquisitions of 2019 (So Far)
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
CrowdStrike Prices IPO Above Range at $34
The endpoint security firm raised $612 million ahead of today's public debut.
Microsoft Issues Fixes for 88 Vulnerabilities
Four of the flaws are publicly known but none have been listed as under active attack.
Cognitive Bias Can Hamper Security Decisions
A new report sheds light on how human cognitive biases affect cybersecurity decisions and business outcomes.
Cognitive Bias Can Help Shape Security Decisions
A new report sheds light on how human cognitive biases affect cybersecurity decisions and business outcomes.
The Minefield of Corporate Email
Email security challenges CISOs as cybercriminals target corporate inboxes with malware, phishing attempts, and various forms of fraud.
6 Security Scams Set to Sweep This Summer
Experts share the cybersecurity threats to watch for and advice to stay protected.
Inside the Criminal Businesses Built to Target Enterprises
Researchers witness an increase in buying and selling targeted hacking services, custom malware, and corporate network access on the Dark Web.
How Today’s Cybercriminals Sneak into Your Inbox
The tactics and techniques most commonly used to slip past security defenses and catch employees off guard.
Microsoft Urges Businesses to Patch ‘BlueKeep’ Flaw
Fearing another worm of WannaCry severity, Microsoft warns vulnerable users to apply the software update for CVE-2019-0708.
2.3B Files Currently Exposed via Online Storage
Digital Shadows researchers scanned various online file-sharing services and concluded the number of exposed files is up 50% from March of 2018.
Impersonation Attacks Up 67% for Corporate Inboxes
Nearly three-quarters of organizations hit with impersonation attacks experienced direct losses of money, customers, and data.
Emotet Made Up 61% of Malicious Payloads in Q1
The botnet has displaced credential stealers, stand-alone downloaders, and RATs in the overall threat landscape.
Web App Vulnerabilities Flying Under Your Radar
A penetration tester shows how low-severity Web application bugs can have a greater effect than businesses realize.
To Manage Security Risk, Manage Data First
At Interop 2019, IT and security experts urged attendees to focus on data asset management as a means of mitigating risk.
Alphabet’s Chronicle Explores Code-Signing Abuse in the Wild
A new analysis highlights the prevalence of malware signed by certificate authorities and the problems with trust-based security.
Data Asset Management: What Do You Really Need?
At Interop, a cybersecurity and privacy leader explains her approach to data management and governance at a massive, decentralized company.
Think Data Security, Not Endpoint Security
A strong data protection strategy is essential to protect information as it moves across endpoints and in the cloud.
Data Security: Think Beyond the Endpoint
A strong data protection strategy is essential as data moves across endpoints and in the cloud.
When Older Windows Systems Won’t Die
Microsoft's decision to patch unsupported machines for the critical CVE-2019-0708 flaw is a reminder that XP, 2003, and other older versions of Windows still run in some enterprises.
Google to Replace Titan Security Keys Affected by Bluetooth Bug
A misconfiguration in Bluetooth Titan Security Keys' pairing protocols could compromise users under specific circumstances.
Microsoft Builds on Decentralized Identity Vision
The company elaborates on its plan to balance data control between businesses and consumers by giving more autonomy to individuals.
Microsoft Patches Wormable Vuln in Windows 7, 2003, XP, Server 2008
Microsoft releases security updates for some out-of-support systems to fix a bug that could be weaponized as a worm if exploited.
LockerGoga, MegaCortex Ransomware Share Unlikely Traits
New form of ransomware MegaCortex shares commonalities with LockerGoga, enterprise malware recently seen in major cyberattacks.
Demystifying the Dark Web: What You Need to Know
The Dark Web and Deep Web are not the same, neither is fully criminal, and more await in this guide to the Internet's mysterious corners.