Cisco Makes Resilience a Cornerstone of Security Strategy

Cisco's Jeetu Patel joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss the power of information sharing.

Sophos: Keeping Tabs on the Bad Guys Using Threat Research

Sophos' John Shier joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss the ransomware problem.

Cisco Revamps Cloud Security Strategy With New Secure Access, SASE Portfolio

The company's vision for the future of cloud security is based on simplified, horizontal coverage across multiple cloud platforms.

Want Better Security? Up Your Collaboration Game

BAE Systems' Peder Jungck joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss the importance of collaboration.

How AI Is Useful — and Not Useful — for Cybersecurity

AI works best when security professionals and AI are complementing each other.

Uptycs: Observability Is Key to Cloud Security

Uptycs' Ganesh Pai joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about cloud security and observability.

Automox Adds Automation to Patching, Vuln Management

Automox's Paul Zimski joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about automated patch management.

Why AIs Will Become Hackers

At a 2022 RSA Conference keynote, technologist Bruce Schneier asserted that artificial intelligence agents will start to hack human systems — and what that will mean for us.

ReliaQuest Bolsters Extended Detection With Threat Intelligence

ReliaQuest CTO Joe Partlow joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss extended detection response — and acquisition news.

37 Major Companies and Organizations Pledge to Enhance Cyber Resiliency and Counter Evolving Global Threats

How Poor Communication Opens the Door to Ransomware and Extortion

Organizations can no longer rely on traditional responses to ransomware.

Security & Productivity: The New Power Couple

Seemplicity's Ravid Circus joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk up accelerating time-to-remediation and reducing risk.

Anjuna Security: Tapping ‘Confidential Computing’ to Secure Data, Users, and Organizations

Anjuna Security's Ayal Yogev joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss how confidential computing will improve cloud security.

DeepSurface Security: Risk-Based Prioritization Adds New Depth to Vulnerability Management

DeepSurface's Tim Morgan joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss how to fortify vulnerability management.

China-Sponsored Cyberattackers Target Networking Gear to Build Widespread Attack Infrastructure

Compromised routers, VPNs, and NAS devices from Cisco, Citrix, Pulse, Zyxel, and others are all being used as part of an extensive cyber espionage campaign.

ConcentricAI: How To Maximize Your AI Returns, In and Out of the SOC

Concentric AI's Karthik Krishnan joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss how artificial intelligence has transformed the security landscape.

Cracking the Email Security Code: 12 Best Practices for Small and Midsize Businesses

It only takes one successful attack to spell disaster for a company. Learn how to protect your company with this email security best practice guide.

Getting It Right at the Secure Service Edge

Lookout's Jim Dolce joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss the advantages of Secure Service Edge.

Talon Grasps Victory at a Jubilant RSAC Innovation Sandbox

Spirits were high at the return of the in-person contest, which kicked off by bringing last year's virtual event winner on stage.

Black Basta Ransomware Targets ESXi Servers in Active Campaign

The new ransomware strain Black Basta is now actively targeting VMware ESXi servers in an ongoing campaign, encrypting files inside a targeted volumes folder.

How Do We Secure Our Cities From Attack?

Physical access matters in keeping people and buildings safe. Points to consider when establishing a physical security protocol are ways to lock down an area to keep people safe, approaches to communicate clear safety directions, and access control.

Now Is the Time to Plan for Post-Quantum Cryptography

Panelists from an RSA Conference keynote agreed that organizations need to begin work on PQC migration, if they haven't already.

An Emerging Threat: Attacking 5G Via Network Slices

A successful attack against 5G networks could disrupt critical infrastructure, manipulate sensor data, or even cause physical harm to humans.

Mandia: Keep 'Shields Up' to Survive the Current Escalation of Cyberattacks

As Mandiant CEO Kevin Mandia's company prepares to become part of Google, the incident response company continues to investigate many of the most critical cyber incidents.

Multilevel Extortion: DeadBolt Ransomware Targets Internet-Facing NAS Devices

The innovative ransomware targets NAS devices, has a multitiered payment and extortion scheme as well as a flexible configuration, and takes a heavily automated approach.

How the C-Suite Puts Shoulders Into Zero Trust in 2022

A full 77% of tech executives say they'll increase spending in zero-trust architecture in the coming year.

RSAC Opens With Message of Transformation

Cybersecurity needs to shift its thinking ahead of the next disruption, RSA's CEO said during the opening 2022 conference keynote.

Enterprise Security Around the Dinner Table

Enterprise cybersecurity awareness training has evolved to include informal lessons for employees' family members, and it has many benefits.

7 NFT Scams That Could Be Targeting Your Brand

Brands should be vigilant to ensure sites and listings promoting NFTs for sale are legitimate and not being used as an instrument by fraudsters to swindle customers.

Harnessing AI to Proactively Thwart Threats

By using artificial intelligence to predict how an attacker would carry out their attack, we can deploy defenses and preemptively shut down vulnerable entry points.

Akamai Launches New Malware Protection for Uploaded Files

Edge-based solution detects and blocks malicious files uploaded to Web apps and APIs.

Cybersecurity Industry Leaders Launch Campaign to Close the Cybersecurity Talent Gap

A coalition of over 25 industry leaders, led by NightDragon and non-profit NextGen Cyber Talent, partner to raise $1 million for collegiate cybersecurity education

CISA Challenges Partners and Public to Push for 'More Than a Password' in New Social Media Campaign

Nation’s cyber defense agency urges America to enable multifactor authentication.

Forescout Announces Intent to Acquire Cysiv to Deliver Data-Powered Threat Detection and Response

Acquisition will leverage Forescout’s automated cybersecurity with Cysiv's cloud-native platform to deliver data-powered analytics for 24/7 threat detection and response.

CyberRatings.org Announces Test on Cloud Network Firewall

Fortinet FortiGate-VM receives AAA rating across all five categories in CyberRating's assessment.

Bugcrowd Expands Pen Testing Solutions with New Platform Services

Basic Pen Tests support rapid, basic vulnerability discovery, while Standard Pen Tests provide compliance-driven testing to meet requirements for Web apps, APIs, and networks.

Fortinet Unveils New Digital Risk Protection Offering

FortiRecon combines machine learning, automation, and human intelligence to continually monitor an organization’s external attack surface.

Snowflake Debuts Cybersecurity Workload to Aid Visibility, Automation

The tool underpins cybersecurity capabilities including SIEM, SOAR, compliance automation, and vulnerability management.

Ransomware's ROI Retreat Will Drive More BEC Attacks

Crackdowns are driving down ransomware profits, and analysts see signs that operators are pivoting to business email compromise attacks, security researcher warned.

Communication Is Key to CISO Success

A panel of CISOs at the RSA Conference outlined what a successful first 90-day plan looks like, and it boiled down to effective communication and listening.

Optiv Launches Cyber Recovery Solution Focused on Protection and Rapid Recovery

CRS helps minimize the impact a cyberattack has on business operations, finances and reputation.

BigID Introduces Cloud Data Security On Demand

New SmallID offering brings cloud-native data privacy and protection to organizations of all sizes.

IBM to Buy Attack Surface-Management Firm Randori

Randori’s attack-surface management software will be integrated into IBM Security QRadar extended detection and response (XDR) features.

Cybersecurity M&A Activity Shows No Signs of Slowdown

But valuations have dropped — and investors are paying closer attention to revenues and profitability, industry analysts say.

The CISO Shortlist: Top Priorities at RSAC 2022

The buzz on the show floor during RSA Conference is about aligning the organization's security priorities with the right technology. Will Lin, managing director and founding member at Forgepoint Capital, weighs in on the biggest security priorities for 2022 — and what kind of tech senior-level executives are looking for.

Are You Ready for a Breach in Your Organization's Slack Workspace?

A single compromised Slack account can easily be leveraged to deceive other users and gain additional access to other users and multiple Slack channels.

Name That Edge Toon: Hey, Batter Batter!

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Gathering Momentum: 3 Steps Forward to Expand SBoM Use

New studies show less than a third of organizations use software bills of materials (SBoMs), but momentum is building to boost that number.

FDA: Patch Illumina DNA Sequencing Instruments, Stat

A critical security bug could lead to remote device control, altered lab results, and more, putting patients in danger, agency warns.

YourCyanide Ransomware Propagates With PasteBin, Discord, Microsoft Links

The latest iteration of CMD-based ransomware is sophisticated and tricky to detect – and integrates token theft and worming capabilities into its feature set.

Iconium Software Releases DataLenz v1.3 for IBM zSystems

DataLenz delivers real-time, machine learning-based breach detection with user behavior modeling for IBM zSystems.

Microsoft Disables Iran-Linked Lebanese Hacking Group Polonium

The attack on Israeli organizations is the latest in a long line of attempts to compromise supply chains, as the APT looks to leverage that access to target a multitude of potential victims.

Actively Exploited Atlassian Zero-Day Bug Allows Full System Takeover

A remote code execution (RCE) vulnerability in all versions of the popular Confluence collaboration platform can be abused in credential harvesting, cyber espionage, and network backdoor attacks.

Why Network Object Management Is Critical for Managing Multicloud Network Security

If you want your IT and security administrators to get buried in trivial workloads and productivity bottlenecks, having poor network object management is a great way to accomplish that.

For Ransomware, Speed Matters

Someone interested in putting together a ransomware campaign has to consider several factors. The LockBit group touts its speed over competing families to attract potential buyers for its ransowmare-as-a-service.

Cerberus Sentinel Completes Acquisition of Creatrix, Inc.

U.S. cybersecurity services firm expands security and identity management services with woman-owned business.

Research Reveals 75% of CISOs Are Worried Too Many Application Vulnerabilities Leak Into Production, Despite a Multi-Layered Security Approach

79% of CISOs say continuous runtime vulnerability management is an essential capability to keep up with the expanding complexity of modern multi-cloud environments.

Intel Chipset Firmware Actively Targeted by Conti Group

Conti threat actors are betting chipset firmware is updated less frequently than other software — and winning big, analysts say.

Gurucul Launches Cloud-Native SOC Platform Pushing the Boundaries of Next-Gen SIEM and XDR with Identity Threat Detection and Response

Gurucul automating threat detection, investigation and response (TDIR) with advanced analytics, comprehensive threat content, and a flexible enterprise risk engine for hybrid and multi-cloud environments.

Phishers Having a Field Day on WhatsApp, Telegraph

A pair of phishing campaigns against users of WhatsApp and Telegram's Telegraph expose them to extortion, credential harvesting, and even account takeover.