By Robert Lemos, Contributing Writer, Dark Reading
Existing software security firms and new startups tackle the tasks of exposing dependencies and helping developers manage their use of open-source components.
Security teams have to protect an increasingly complex enterprise environment. Here are five elements of attack surface management they should consider.
Killnet calls on other groups to launch similar attacks against US civilian infrastructure, including marine terminals and logistics facilities, weather monitoring centers, and healthcare systems.
By Robert Lemos, Contributing Writer, Dark Reading
An analysis of the malware and its infection strategies finds nearly 21,000 minor and 139 major variations on the malware β complexity that helps it dodge analysis.
By James Turgal, VP of Cyber Risk, Strategy & Board Relations, Optiv
A CISO's responsibilities have evolved immensely in recent years, so their first three months on the job should look a different today than they might have several years ago.
By Robert Lemos, Contributing Writer, Dark Reading
About 1 in 5 phishing email messages reach workers' inboxes, as attackers get better at dodging Microsoft's platform defenses and defenders run into processing limitations.
A boom in artificial intelligence-powered detection and remediation tools pushes security spending to the top of the AI market, according to Forrester.
Current and former employees and members are being offered complimentary credit monitoring and
identity protection services as some personal information may have been accessed.
The group has been operating for over a year, promoting their tools in hacking forums, stealing credit card information, and using typosquatting techniques to target open source software flaws.
Some 400 mobile apps have posed as legitimate software on Google Play and the Apple App Store over the past year, and were designed to steal Facebook user credentials.
Test methodologies published today, and their scope includes security effectiveness, performance, stability and reliability, and total cost of ownership.
By Elizabeth Montalbano, Contributor, Dark Reading
The malware-as-a-service group Eternity is selling a one-stop shop for various malware modules it's been distributing individually via a subscription model on Telegram.
Amid an economic downturn, cybersecurity staffing shortages, and endless cyberattacks, financially motivated attacks are the top concern among IT professionals.
By Robert Lemos, Contributing Writer, Dark Reading
Advanced attackers gained access to Microsoft Exchange services, conducted searches of email, and used an open source toolkit to collect data from the network for nearly a year.
Users and malicious actors interact with your business through the application layer. Build trust in your software by securing this first line of defense.
By John Anthony Smith, Chief Listening Officer, CEO, & Founder, Conversant Group/Fenix 24
As threat actors' sophistication has grown dramatically in the last few years, organizations haven't kept up with implementing the necessary countermeasure controls.
By Alex Romero, Co-Founder and COO, Constella Intelligence
Executives fear "malicious insiders" as top cyber threat to companies, research shows. Reasonable steps to secure and monitor systems may prevent reputational damage but are not enough.
By Elizabeth Montalbano, Contributor, Dark Reading
A novel mobile malware found lurking behind a phone-spoofing app is being distributed via Telegram and a dedicated website, in a broad operation to monitor corporate victims.
By Robert Lemos, Contributing Writer, Dark Reading
Announcing its exposure management platform, Tenable joins other companies in offering ways β such as attack surface management β to look at business networks through the eyes of attackers.
By Elizabeth Montalbano, Contributor, Dark Reading
Attackers are using the recently emerged browser-in-the-browser phishing technique to steal accounts from Valve's popular gaming platform, but it's a warning shot to businesses.
The new round highlights market demand to protect global businesses from soaring breaches through supply chains of critical hardware, devices, firmware, and software.
By Robert Lemos, Contributing Writer, Dark Reading
Responding to cyberattacks is extraordinarily stressful, but better planning, frequent practice, and the availability of mental health services can help IR professionals, a survey finds.