Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
25 Most Dangerous SW Errors
Memory Buffer issue tops this year's list
FPGAs Do It Faster Than CPUs
Attacks are becoming faster and more efficient
IoT Security: Need to Know
IoT security doesn't match its promises
News & Views
NSA Schools Microsoft About Crypto
Larry Loeb, AuthorCommentary
In an unprecedented move, the National Security Agency advised Microsoft about a bug in one of the CryptoAPI libraries used since NT 4.0 days.
By Larry Loeb Author, 1/16/2020
Comment0 comments  |  Read  |  Post a Comment
Reusing Code? Inspect It First
Larry Loeb, AuthorCommentary
Microsoft is doing something concrete about container security with the release of the Microsoft Application Inspector, a cross-platform tool whose primary objective is to identify source code features in a systematic and scalable way.
By Larry Loeb Author, 1/21/2020
Comment0 comments  |  Read  |  Post a Comment
German Companies Want Even More Local Clouds
Oliver Schonschek, Security Now News AnalystCommentary
The European data infrastructure GAIA-X can help connect thedisparate needs of German firms and create market access for providers from the EU and beyond.
By Oliver Schonschek Security Now News Analyst, 1/16/2020
Comment0 comments  |  Read  |  Post a Comment
GE Medical Instrumentation on the Critical List
Larry Loeb, AuthorCommentary
DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.
By Larry Loeb Author, 1/24/2020
Comment0 comments  |  Read  |  Post a Comment
Cisco: Privacy Efforts Pay Off Directly
Larry Loeb, AuthorCommentary
Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.
By Larry Loeb Author, 1/31/2020
Comment0 comments  |  Read  |  Post a Comment
All Your Intel L1 Cache Belongs to CacheOut
Larry Loeb, AuthorCommentary
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
By Larry Loeb Author, 1/30/2020
Comment0 comments  |  Read  |  Post a Comment
Ransomware Costs More in Q4
Larry Loeb, AuthorCommentary
In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.
By Larry Loeb Author, 1/27/2020
Comment0 comments  |  Read  |  Post a Comment
RDG Gets Fooled by UDP
Larry Loeb, AuthorCommentary
Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.
By Larry Loeb Author, 1/28/2020
Comment0 comments  |  Read  |  Post a Comment
EFS Ransomware Slips by AV Products
Larry Loeb, AuthorCommentary
Inside of Windows is a methodology called Encrypting File System. It works on individual files or folders, rather than at the whole disk level like BitLocker does.
By Larry Loeb Author, 1/23/2020
Comment0 comments  |  Read  |  Post a Comment
FireEye Finds Mitigation of CVE-2019-19781 Comes With a Price
Larry Loeb, AuthorCommentary
One threat actor is taking advantage of the current problems with Citrix ADC/Netscaler for their own advantage.
By Larry Loeb Author, 1/20/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current News
1,000+ Attacks in 2 Years: How the SideWinder APT Sheds Its Skin
Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia.
How to Negotiate With Ransomware Attackers
Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia.
Cloud Attack Analysis Unearths Lessons for Security Pros
Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia.
What Happens If Time Gets Hacked
Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia.
Hacker-for-Hire Group Spied on More Than 3,500 Targets in 18 Months
Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia.
More Stories
Products & Releases
Federal, State, Local, and Private-Sector Partners Conduct Nationwide Exercise to Test Election Day Plans
ZeroFOX Expands AI Capabilities to Detect Deepfakes
Censys To Unveil Attack Surface Visibility Platform at Black Hat
Digital Guardian Releases Free Forensic Tool
The Infosec Industry Comes Together to Recognize Innovators and Leaders at the First-Ever Cybersecurity Women of the Year Awards
ZeroFOX to Spotlight Social Risk Management at Black Hat 2014
Black Hat Releases Official Schedule
Black Hat: Chief Engineer of NASA's Jet Propulsion Laboratory To Keynote Day Two Of Black Hat USA 2013
More Products & Releases
Twitter Feed
Security Now
From 2017 to 2020, Security Now was one of the Web's top providers of news and analysis on cybersecurity threats, vulnerabilities, and technology. Today, Security Now is part of Dark Reading, the cybersecurity industry's leading news organization. This page is your entry point to the extensive archive of news articles, commentary, and detailed analysis published by Security Now. We hope you'll take this opportunity to browse the full library of Security Now content, which offers unique reporting and enduring insight on cybersecurity challenges, practices, and solutions. This archive is another step in Dark Reading's ongoing effort to provide the most insightful and comprehensive online resource in the cybersecurity industry.
White Papers
Current Issue
Incorporating a Prevention Mindset into Threat Detection and Response
Threat detection and response systems, by definition, are reactive because they have to wait for damage to be done before finding the attack. With a prevention-mindset, security teams can proactively anticipate the attacker's next move, rather than reacting to specific threats or trying to detect the latest techniques in real-time. The report covers areas enterprises should focus on: What positive response looks like. Improving security hygiene. Combining preventive actions with red team efforts.