Security experts criticize company for reversing course, albeit temporarily, on a decision it made just this February to block macros in files downloaded from the Internet.
Funding from Allianz X, Valor Equity Partners, Kinetic Partners, and existing investors will accelerate Coalitionβs vision to provide security for all.
By Tara Seals, Managing Editor, News, Dark Reading
Dark Reading's digest of the other don't-miss stories of the week, including a new ransomware targeting QNAP gear, and a destructive attack against the College of the Desert that lingers on.
Improper implementations of authentication APIs at a global crypto wallet service provider could have resulted in the loss of account control β and millions of dollars β from personal and business accounts.
When examining the modern threat landscape, empowering your security operations and overcoming the limitations inherent with other malware prevention solutions is imperative.
By Gage Mele, Manager of Cyber Intelligence, Anomali
It's time to tap the large reservoir of talent with analytical skills to help tackle cybersecurity problems. Train workers in cybersecurity details while using their ability to solve problems.
By Robert Lemos, Contributing Writer, Dark Reading
With the world potentially less than a decade away from breaking current encryption around critical data, researchers weigh in on planning for the post-quantum world.
They may be environmentally friendly, but the surging popularity of electric cars and plug-in hybrids puts the nation's electrical grid at greater risk for malfeasance.
The unsecured server exposed more than 1.5 million files, including airport worker ID photos and other PII, highlighting the ongoing cloud-security challenges worldwide.
By Ericka Chickowski, Contributing Writer, Dark Reading
New research says IAM spending will grow on the back of affordable subscription services, spurred by cloud and mobile adoption, IoT, and continued remote working.
By Tara Seals, Managing Editor, News, Dark Reading
Our roundtable of cybersecurity experts weighs in on what makes QNAP network-attached storage catnip for attackers, and what organizations can do about it.
The US Department of Commerce's National Institute of Standards and Technology has announced the first group of encryption tools that will become part of its post-quantum cryptographic standard.
Company says it is making changes to its security controls to prevent malicious insiders from doing the same thing in future; reassures bug hunters their bounties are safe.
A widespread campaign uses more than 24 malicious NPM packages loaded with JavaScript obfuscators to steal form data from multiple sites and apps, analysts report.
Companies need to consider the cost to disengage from the cloud along with proactive risk management that looks at governance issues resulting from heavy use of low- and no-code tools.
Even as more attacks target humans, lack of dedicated staff, relevant skills, and time are making it harder to develop a security-aware and engaged workforce, SANS says.
Cyber mercenaries in countries like India, Russia, and the UAE are carrying out data theft and hacking missions for a wide range of clients across regions, a couple of new reports said.
By Tara Seals, Managing Editor, News, Dark Reading
It didn't have to be this way: So far 2022's tranche of zero-days shows too many variants of previously patched security bugs, according Google Project Zero.
By Robert Lemos, Contributing Writer, Dark Reading
A recent analysis of breaches involving application programming interfaces (APIs) arrives at some eye-popping damage figures, but which companies are most affected, and in what ways?
Titaniamβs βState of Data Exfiltration & Extortion Reportβ also finds that while over 70% of organizations had heavy investments in prevention, detection, and backup solutions, the majority of victims ended up giving into attackers' demands.
An unauthenticated remote code execution vulnerability found in Zohoβs compliance tool could leave organizations exposed to an information disclosure catastrophe, new analysis shows.
Microsoft is urging organizations that don't have automatic updates enabled to update to the latest version of Linux Server Fabric to thwart the "FabricScape" cloud bug.
The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.