Dark Reading:

Do Standards Exist That Certify Secure IoT Systems?

The IoT industry remains fragmented with a lot of players, big and small, churning out a lot of products.

Dark Reading:

NSA Reveals the Top 25 Vulnerabilities Exploited by Chinese Nation-State Hackers

Officials urge organizations to patch the vulnerabilities most commonly scanned for, and exploited by, Chinese attackers.

Dark Reading:

The Cybersecurity Maturity Model Certification: Are You in Compliance?

Not only can this framework help companies remain solvent, but it will also protect critical information from getting into the wrong hands.

Dark Reading:

Farsight Labs Launched as Security Collaboration Platform

Farsight Security's platform will offer no-cost access to certain tools and services.

Dark Reading:

Businesses Rethink Endpoint Security for 2021

The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?

Dark Reading:

Building the Human Firewall

Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?

Dark Reading:

Trickbot Tenacity Shows Infrastructure Resistant to Takedowns

Both the US Cyber Command and a Microsoft-led private-industry group have attacked the infrastructure used by attackers to manage Trickbot -- but with only a short-term impact.

Dark Reading:

NSS Labs Shuttered

The testing firm's website says it has "ceased operations" as of Oct. 15.

Dark Reading:

Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns

US Department of Justice charges members of Sandworm/APT28 for BlackEnergy, NotPetya, Olympic Destroyer, and other major attacks.

Dark Reading:

GravityRAT Spyware Targets Android & MacOS in India

The Trojan once used in attacks against Windows systems has been transformed into a multiplatform tool targeting macOS and Android.

Dark Reading:

IoT Vulnerability Disclosure Platform Launched

VulnerableThings.com is intended to help vendors meet the terms of a host of new international IoT security laws and regulations.

Dark Reading:

Microsoft Tops Q3 List of Most-Impersonated Brands

The technology sector was also the most likely targeted industry for brand phishing attacks, according to Check Point's latest report on brand phishing.

Dark Reading:

Trickbot, Phishing, Ransomware & Elections

The botnet has taken some hits lately, but that doesn't mean the threat is over. Here are some steps you can take to keep it from your door.

Dark Reading:

7 Tips for Choosing Security Metrics That Matter

Experts weigh in on picking metrics that demonstrate how the security team is handling operational efficiency and reducing risk.

Dark Reading:

Chart: The Pandemic Reprioritizes Security Projects

Responses among IT and security pros reflect concern over vulnerabilities incurred by workers accessing the enterprise network from poorly protected home networks.

Dark Reading:

A Swift Reminder About Cybersecurity

The hackers gonna crack, crack, crack, crack, crack ...

Dark Reading:

Expert Tips to Keep WordPress Safe

The most widely used content management system on the Web relies heavily on plug-ins and add-on software -- and that requires rigorous security measures at every level.

Dark Reading:

A New Risk Vector: The Enterprise of Things

Billions of devices -- including security cameras, smart TVs, and manufacturing equipment -- are largely unmanaged and increase an organization's risk.

Dark Reading:

Massive New Phishing Campaigns Target Microsoft, Google Cloud Users

At least three campaigns are now underway.

Dark Reading:

US Counterintelligence Director & Fmr. Europol Leader Talk Election Security

The US counterintelligence lead joins a former Europol cyber chief to discuss modern election threats and the benefits of public-private collaboration.

Dark Reading:

An Uncommon 20 Years of Commonly Enumerating Vulns

Larry Cashdollar, a researcher with more than 300 CVEs to his credit, looks back at his favorite vulnerabilities (and being the only individual CNA on Mitre's list).

Dark Reading:

Academia Adopts Mitre ATT&CK Framework

Security pros and academic researchers discuss the best ways to use MITRE's framework to inform cybersecurity efforts, analyze threats, and teach future workers.

Dark Reading:

Cybercrime Losses Up 50%, Exceeding $1.8B

Fewer companies are being hit by cyber incidents, but those that do get hit are hit harder and more often.

Dark Reading:

Prolific Cybercrime Group Now Focused on Ransomware

Cybercriminal team previously associated with point-of-sale malware and data theft has now moved almost completely into the more lucrative crimes of ransomware and extortion.

Dark Reading:

US Indicts Members of Transnational Money-Laundering Organization

Members of the QQAAZZ group helped cybercriminals conceal origins of stolen funds, DoJ alleges.

Dark Reading:

Twitter Hack Analysis Drives Calls for Greater Security Regulation

New York's Department of Financial Services calls for more cybersecurity regulation at social media firms following the "jarringly easy" Twitter breach.

Dark Reading:

Barnes & Noble Warns Customers About Data Breach

Famed bookseller says non-financial data was exposed in a new attack.

Dark Reading:

Overcoming the Challenge of Shorter Certificate Lifespans

We could be in the middle of a major transition to shorter and shorter certificate life spans, which has significant implications for how IT organizations manage certificates across the enterprise.

Dark Reading:

The Ruthless Cyber Chaos of Business Recovery

Critical technology initiatives leveraging the best of technology solutions are the only way through the cyber chaos of 2020.

Dark Reading:

Microsoft Office 365 Accounts a Big Target for Attackers

Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity.

Dark Reading:

Zoom Announces Rollout of End-to-End Encryption

Phase 1 removes Zoom servers from the key generation and distribution processes.

Dark Reading:

London Borough of Hackney Investigates 'Serious' Cyberattack

London's Hackney Council says some services may be slow or unavailable as it looks into a cyberattack affecting services and IT systems.

Dark Reading:

What's Really Happening in Infosec Hiring Now?

As the pandemic continues, security teams still need help they can't get. But the "skills shortage" is only part of the story.

Dark Reading:

Assuring Business Continuity by Reducing Malware Dwell Time

Here's how CISOs and IT security operations teams can best address key challenges to network monitoring that could increase malware dwell time.

Dark Reading:

Intel's Ice Lake Beefs Up CPU Security for Cloud Workloads

The third-generation Xeon processors build in hardware security features to provide extra protection to data in transit, at rest, and in use.

Dark Reading:

NIST Quantum Cryptography Program Nears Completion

The National Institute of Standards and Technology's first post-quantum cryptography standard will address key issues, approaches, an arms race, and the technology's uncertain future.

Dark Reading:

Microsoft Fixes Critical Windows TCP/IP Flaw in Patch Rollout

The October 2020 Patch Tuesday fixed 87 vulnerabilities, including 21 remote code execution flaws, in Microsoft products and services.

Dark Reading:

Coalition Pokes Five Eyes on Call for Backdoors

The Five Eyes international law enforcement group had called for implementing backdoors for law enforcement in all encryption implementations.

Dark Reading:

Phishing in Troubled Waters: 3 Ways Email Attacks May Impact Elections

The state of email defenses has a role to play in the US presidential election.

Dark Reading:

Treasury Dept. Advisory Shines Spotlight on Ransomware Negotiators

With attacks showing no signs of abating, some companies have begun offering services to help reduce ransom demands, buy more time, and arrange payments.

Dark Reading:

25% of BEC Cybercriminals Based in the US

While the US is known to be a prime target for BEC attacks, just how many perpetrators are based there came as a surprise to researchers.

Dark Reading:

Where are the 'Great Exits' in the Data Security Market?

If data security were a student, its report card would read "Not performing to potential." Here's why.

Dark Reading:

Trickbot Botnet Response Highlights Partnerships Preventing US Election Interference

Recent efforts by USCYBERCOM and Microsoft to disrupt the Trickbot botnet highlight the importance of partnerships in successful malware botnet disruption.

Dark Reading:

Security Officers, Are Your Employees Practicing Good Habits from Home?

Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.

Dark Reading:

Online Voting Is Coming, but How Secure Will It Be?

It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.

Dark Reading:

Software AG Continues Efforts Against $20M Ransomware Attack

The attack, which now includes extortion components, has moved into its second week.

Dark Reading:

Security Firms & Financial Group Team Up to Take Down Trickbot

Microsoft and security firms ESET, Black Lotus Labs, and Symantec collaborated with the financial services industry to cut off the ransomware operation's C2 infrastructure.

Dark Reading:

What Is End-to-End Encryption?

Many services advertise E2EE, but not all of them actually offer it.

Dark Reading:

Security Officers, Are Your Employers Practicing Good Habits from Home?

Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.

Dark Reading:

A 7-Step Cybersecurity Plan for Healthcare Organizations

With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.

Dark Reading:

How to Pinpoint Rogue IoT Devices on Your Network

Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.

Dark Reading:

Security and DevOps

Dark Reading:

Latest Version of MalLocker Android Ransomware Packs New Tricks

Like most such mobile malware, the new one doesn't encrypt data but attempts to make an infected system impossible to use, Microsoft says.

Dark Reading:

Apple Pays Bug Bounty to Enterprise Network Researchers

So far, the company has doled out $288,000 to five researchers who, in three months, found 55 vulnerabilities in its corporate infrastructure.

Dark Reading:

Critical Zerologon Flaw Exploited in TA505 Attacks

Microsoft reports a new campaign leveraging the critical Zerologon vulnerability just days after nation-state group Mercury was seen using the flaw.

Dark Reading:

CISOs Planning on Bigger Budgets: Report

Budgets are on the rise, even in a time of revenue worries across the industry.

Dark Reading:

Why MSPs Are Hacker Targets, and What To Do About It

Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.

Dark Reading:

Emotet 101: How the Ransomware Works -- and Why It's So Darn Effective

In recent weeks, Emotet has emerged as the most common form of ransomware. Managing the risk involves starts with understanding the way it works.

Dark Reading:

Cyberattacks Up, But Companies (Mostly) Succeed in Securing Remote Workforce

Despite fears that the burgeoning population of remote workers would lead to breaches, companies have held their own, a survey of threat analysts finds.

Dark Reading:

Scale Up Threat Hunting to Skill Up Analysts

Security operation centers need to move beyond the simplicity of good and bad software to having levels of "badness," as well as better defining what is good. Here's why.