Clicking on a news article below will cause another browser window to open. Your browser window on the LCG website will also remain open.
Cool photo. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here....
Researchers discover attackers abusing the latest version of the remote desktop ActiveX control class introduced for Windows 10.
For years, Humble Bundle has been selling great books at a "pay what you can afford" model. This month, they're featuring as many as nineteen cybersecurity books for as little as $1, […]
If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. […]
Google presented its system of using deep-learning techniques to identify malicious email attachments: At the RSA security conference in San Francisco on Tuesday, Google's security and anti-abuse […]
Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2020 in San Francisco.
Disinformation goes far beyond just influencing election outcomes. Here's what security pros need to know.
Reports find that mobile malware appears on the decline, but the exploitation of vulnerabilities along with phishing has led to a rise in compromises, experts say.
Let's Encrypt, a free, automated, and open certificate signing authority (CA) from the nonprofit Internet Security Research Group (ISRG), has said it's issued a billion certificates since its launch […]
The City of Baltimore was under cyber-attack last year, with hackers demanding $76,000 in ransom. Though the city chose not to pay the ransom, the attack still cost them nearly $18 million in […]
A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on […]
Customers for the controversial facial recognition company were detailed in a log file leaked to news organizations.
Data shows 73% are concerned about municipal ransomware threats but only 38% are trained on preventing these attacks.
CEO Mary T. Barra addressed the high stakes in rolling out self-driving cars and biometric-enhanced vehicles, where one cyber-event could derail plans for emerging automotive technologies.
As an industry, we must move beyond one-dimensional approaches to assessing ransomware exposures. Asking these four questions will help.
This law journal article discusses the role of class-action litigation to secure the Internet of Things. Basically, the article postulates that (1) market realities will produce insecure IoT devices, […]
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and […]
Sometimes, good old-fashioned tools can help an enterprise create a cost-effective risk management strategy.
Cybersecurity researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress—apparently powering over a […]
Good security programs start with a mindset that it's not about the tools, it's what you do with them. Here's how to get out of a reactive fire-drill mode with vulnerability management.
On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who […]
Analysis of 92 billion rejected emails reveals a range of simple and complex attack techniques for the last quarter of 2019.
Google today published a blog post recommending mobile app developers to encrypt data that their apps generate on the users' devices, especially when they use unprotected external storage that's […]
The New York Times is reporting on the NSA's phone metadata program, which the NSA shut down last year: A National Security Agency system that analyzed logs of Americans' domestic phone calls and […]
If you use the Firefox web browser, here's an important update that you need to be aware of. Starting today, Mozilla is activating the DNS-over-HTTPS security feature by default for all Firefox […]
Take a comprehensive approach to better protect your organization. Security hygiene is a must, but also look at your risk posture through a data protection lens.
This is good news: Whenever you visit a website -- even if it's HTTPS enabled -- the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. […]
There are far more ways to be helpful than adding to the noise of what a company probably did wrong.
OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems. […]
You are a cybersecurity professional with the responsibility to keep your organization secured, you know your job chapter and verse, from high level reporting duties to the bits and bytes of what […]
Google yesterday released a new critical software update for its Chrome web browser for desktops that will be rolled out to Windows, Mac, and Linux users over the next few days. The latest Chrome […]
Phishing attacks have become one of the business world's top cybersecurity concerns. These social engineering attacks have been rising over the years, with the most recent report from the […]
Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch […]
Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud.
The Times of London is reporting that Russian agents are in Ireland probing transatlantic communications cables. Ireland is the landing point for undersea cables which carry internet traffic between […]
Security experts discuss the threats putting mobile devices at risk and how businesses can better defend against them.
It's probably a juvenile: Researchers aboard the New Zealand-based National Institute of Water and Atmospheric Research Ltd (NIWA) research vessel Tangaroa were on an expedition to survey hoki, New […]
A resurgence in Emotet malware may make it one of the most pervasive security threats of 2020.
For decades, I have been talking about the importance of individual privacy. For almost as long, I have been using the metaphor of digital feudalism to describe how large companies have become […]
The distributed denial-of-service attacks took a congressional candidate's website offline for a total of 21 hours during the campaign for office.
Almost within a year after releasing Microsoft Defender Advanced Threat Protection (ATP) for macOS computers, Microsoft today announced a public preview of its antivirus software for various Linux […]
The organization, which sells patient administration tools to hospitals, could not confirm whether patient data was accessed.
Destructive attacks and disinformation will likely target the Summer Olympics in Tokyo, two groups of threat experts say.
The incident cut off access to e-mail and shared IT services across customer sites of the multinational Denmark-based facility-management firm.
Readers of Security Now will join the Dark Reading community, gaining access to a wide range of cybersecurity content.
Sometime around 1993 or 1994, during the first Crypto Wars, I was part of a group of cryptography experts that went to Washington to advocate for strong encryption. Matt Blaze and Ron Rivest were […]
Google has banned nearly 600 Android apps from the Play Store for bombarding users with disruptive ads and violating its advertising guidelines. The company categorizes disruptive ads as "ads that […]
Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users with promises of financial rewards to steal their payment card […]
Cloud computing and networking are two of the most significant areas of growth in the IT business. Companies need engineers who can maintain distributed software and keep the company connected. If […]
Adobe today released out-of-band software updates for After Effects and Media Encoder applications that patch a total of two new critical vulnerabilities. Both critical vulnerabilities exist due to […]
WHY CHOOSE LCG?