Cybersecurity News
RSAC 2020 Keynote: Changing the World’s False Perception of Cybersecurity
The reality of the cybersecurity industry is starkly different than what's perceived by the rest of the world.
25 February 2020
Cybersecurity Industry: It's Time to Stop the Victim Blame Game
There are far more ways to be helpful than adding to the noise of what a company probably did wrong.25 February 2020
Wendy Nather on How to Make Security 'Democratization' a Reality
Ahead of her keynote at the RSA Conference, Cisco's head of advisory CISOs outlines to Dark Reading a unique paradigm that asks security teams to stop fighting their users, and start sharing control with them.
25 February 2020
Sen. Schumer Pushes for TSA Employee Ban on TikTok App at Work
The Department of Homeland Security and two U.S. military branches already had discontinued use of the app based on concerns over Chinese data-security and censorship practices.
25 February 2020
McAfee Acquires Light Point for Browser Isolation Tech
Company plans to integrate Light Point Security's technology into the McAfee Secure Web Gateway and its Mvision UCE platform.25 February 2020
Firefox for Mac and Linux to get a new security sandbox system
Firefox's new RLBox sandbox system to ship to Linux users in Firefox 74 and Mac users in Firefox 75.25 February 2020
UK financial watchdog admits to leaking confidential consumer data
A Freedom of Information Act request published on the FCA website revealed more than it should.25 February 2020
McAfee acquires Light Point Security team to bring browser isolation tech to MVISION UCE
McAfee’s aim is to improve browser protections by isolating potentially malicious code in virtual environments.25 February 2020
Google patches Chrome zero-day under active attacks
This is the third Chrome zero-day discovered being exploited in the wild in the past year.25 February 2020
Mozilla enables DOH by default for all Firefox users in the US
The rollout begins today and will continue over the next few weeks to confirm no major issues are discovered as DoH is enabled for Firefox's US-based users.25 February 2020
Wanted: Hands-On Cybersecurity Experience
Organizations lament a lack of qualified job candidates as they continue to struggle to hire and retain security teams, the new ISACA State of Cybersecurity 2020 report shows.25 February 2020
Verizon: Attacks on Mobile Devices Rise
Companies of all sizes are being hit by mobile attacks and feeling the effects for extended periods of time, according to the 2020 Verizon Mobile Security Index.25 February 2020
PayPal accounts are getting abused en-masse for unauthorized payments
All signs point to an attack exploiting PayPal's Google Pay integration.24 February 2020
Security, Networking Collaboration Cuts Breach Cost
CISOs report increases in alert fatigue and the number of records breached, as well as the struggle to secure mobile devices in a new Cisco study.24 February 2020
Apple Takes Heat Over ‘Vulnerable’ iOS Cut-and-Paste Data
Software developer builds a malicious proof-of-concept iOS app that can read data temporarily saved to the device’s clipboard.
24 February 2020
Forget passwords: Secure yourself with a passphrase and these tools
Passphrases are much stronger than ordinary passwords -- and a heck of a lot easier to remember. But that's only the start to securing yourself on today's hostile internet. Here's how to protect yourself.24 February 2020
SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps
Server-side request forgery is a dangerous attack method that is also becoming an issue for the cloud. Here are some of the basics to help keep your Web server from turning against you.
24 February 2020
Enterprise Cloud Use Continues to Outpace Security
Nearly 60% of IT and security pros say deployment of business services in the cloud has rushed past their ability to secure them.24 February 2020
Zyxel Fixes 0day in Network Storage Devices
Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a "ZyXEL") is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.24 February 2020