Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Operations
Page 1 / 2   >   >>
COVID-19: Latest Security News & Commentary
News  |  10/30/2020  | 
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
SANS Launches New CyberStart Program for All High School Students
News  |  10/30/2020  | 
Free program lets students solve real-world security problems - and learn about cybersecurity.
McAfee Launches XDR, Browser Isolation, Cloud App Security Tools
Quick Hits  |  10/29/2020  | 
New additions are built to help organizations better respond to threats and protect applications and data in the cloud.
Ransomware Wave Targets US Hospitals: What We Know So Far
News  |  10/29/2020  | 
A joint advisory from the CISA, FBI, and HHS warns of an "increased and imminent" threat to US hospitals and healthcare providers.
'Act of War' Clause Could Nix Cyber Insurance Payouts
News  |  10/29/2020  | 
The indictment of six members of the Russian military for the NotPetya ransomware attack places companies on notice that insurance "is not a get-out-of-jail-free card."
New Report Links Cybersecurity and Sustainability
Quick Hits  |  10/26/2020  | 
Some have also created the role of chief sustainability officer, according to Kaspersky.
The Story of McAfee: How the Security Giant Arrived at a Second IPO
News  |  10/26/2020  | 
Industry watchers explore the story of McAfee, from its founding in 1987, to its spinoff from Intel, to how it's keeping up with competitors.
US Treasury Sanctions Russian Institution Linked to Triton Malware
Quick Hits  |  10/23/2020  | 
Triton, also known as TRISIS and HatMan, was developed to target and manipulate industrial control systems, the US Treasury reports.
A Pause to Address 'Ethical Debt' of Facial Recognition
Commentary  |  10/23/2020  | 
Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology.
McAfee Raises $740M in Second IPO
Quick Hits  |  10/22/2020  | 
The security software giant and its investors sold 37 million shares priced at $20 each, putting McAfee's value around $8.6 billion.
Implementing Proactive Cyber Controls in OT: Myths vs. Reality
Commentary  |  10/22/2020  | 
Debunking the myths surrounding the implementation of proactive cyber controls in operational technology.
Dealing With Insider Threats in the Age of COVID
Commentary  |  10/21/2020  | 
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Commentary  |  10/21/2020  | 
One cybersecurity failure can result in a successful ransomware attack or data breach that could cause tremendous damage. There's no need to panic, but neither is there time to ignore the issue.
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
Commentary  |  10/21/2020  | 
Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
Farsight Labs Launched as Security Collaboration Platform
Quick Hits  |  10/20/2020  | 
Farsight Security's platform will offer no-cost access to certain tools and services.
Businesses Rethink Endpoint Security for 2021
News  |  10/20/2020  | 
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?
Building the Human Firewall
Commentary  |  10/20/2020  | 
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
A New Risk Vector: The Enterprise of Things
Commentary  |  10/19/2020  | 
Billions of devices -- including security cameras, smart TVs, and manufacturing equipment -- are largely unmanaged and increase an organization's risk.
London Borough of Hackney Investigates 'Serious' Cyberattack
Quick Hits  |  10/14/2020  | 
London's Hackney Council says some services may be slow or unavailable as it looks into a cyberattack affecting services and IT systems.
Microsoft Fixes Critical Windows TCP/IP Flaw in Patch Rollout
News  |  10/13/2020  | 
The October 2020 Patch Tuesday fixed 87 vulnerabilities, including 21 remote code execution flaws, in Microsoft products and services.
Where Are the 'Great Exits' in the Data Security Market?
Commentary  |  10/13/2020  | 
If data security were a student, its report card would read "Not performing to potential." Here's why.
Online Voting Is Coming, but How Secure Will It Be?
Commentary  |  10/13/2020  | 
It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.
A 7-Step Cybersecurity Plan for Healthcare Organizations
Slideshows  |  10/12/2020  | 
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
CISOs Planning on Bigger Budgets: Report
Quick Hits  |  10/9/2020  | 
Budgets are on the rise, even in a time of revenue worries across the industry.
Why MSPs Are Hacker Targets, and What To Do About It
Commentary  |  10/9/2020  | 
Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.
Scale Up Threat Hunting to Skill Up Analysts
Commentary  |  10/8/2020  | 
Security operation centers need to move beyond the simplicity of good and bad software to having levels of "badness," as well as better defining what is good. Here's why.
The New War Room: Cybersecurity in the Modern Era
Commentary  |  10/7/2020  | 
The introduction of the virtual war room is a new but necessary shift. To ensure its success, security teams must implement new systems and a new approach to cybersecurity.
How Netflix Makes Security Decisions: A Peek Inside the Process
News  |  10/6/2020  | 
A senior information security risk engineer explains how Netflix's risk management program helps businesses leaders make key decisions.
Google Brings Password Protection to iOS, Android in Chrome 86
Quick Hits  |  10/6/2020  | 
Chrome 86 will alert users when stored passwords are compromised, and block or warn of insecure downloads, among other security updates.
6 Best Practices for Using Open Source Software Safely
Slideshows  |  10/6/2020  | 
Open source software is critical yet potentially dangerous. Here are ways to minimize the risk.
Android Camera Bug Under the Microscope
News  |  10/5/2020  | 
Critical Android vulnerability CVE-2019-2234 could enable attackers to take control of a victim's camera and take photos, record videos, and learn location.
Biometric Data Collection Demands Scrutiny of Privacy Law
News  |  10/2/2020  | 
An IT lawyer digs into the implications of collecting biometric data, why it can't be anonymized, and what nations are doing about it.
Singapore Asks Big Cybersecurity Questions to Improve National Defense
News  |  10/1/2020  | 
An executive from Singapore's Cyber Security Agency examines the role of security in a nation increasingly dependent on technology.
Rise in Remote MacOS Workers Driving Cybersecurity 'Rethink'
News  |  10/1/2020  | 
With twice as much malware now targeting Macs, IT pros need to scramble to adapt to a large, and likely permanent, work-from-home population, experts say.
Cloud Misconfiguration Mishaps Businesses Must Watch
News  |  9/30/2020  | 
Cloud security experts explain which misconfigurations are most common and highlight other areas of the cloud likely to threaten businesses.
Ivanti Acquires Two Security Companies
Quick Hits  |  9/28/2020  | 
Purchase of MobileIron and Pulse Secure announced simultaneously.
9 Tips to Prepare for the Future of Cloud & Network Security
Slideshows  |  9/28/2020  | 
Cloud and network security analysts outline trends and priorities businesses should keep top of mind as they grow more reliant on cloud.
Navigating the Asia-Pacific Threat Landscape: Experts Dive In
News  |  9/25/2020  | 
At next week's virtual Black Hat Asia, threat intelligence pros will discuss the threats local organizations should prioritize and how they can prepare.
Solving the Problem With Security Standards
Commentary  |  9/24/2020  | 
More explicit threat models can make security better and open the door to real and needed innovation.
Google Cloud Debuts Threat-Detection Service
News  |  9/23/2020  | 
Lockdown economics are driving a threat-intelligence business boom. Chronicle Detect is Google's answer to monitoring so much log data created by the distributed workforce.
Microsoft's Azure Defender for IoT Uses CyberX Tech
Quick Hits  |  9/23/2020  | 
Azure Defender for IoT is built to help IT and OT teams discover IoT and OT assets, identify critical flaws, and detect malicious behavior.
Permission Management & the Goldilocks Conundrum
Commentary  |  9/22/2020  | 
In today's COVID-19 era, managing access has become even more difficult, especially for large organizations. Here's how to get it "just right."
Nearly 70% of IT & Security Pros Hone Their Cyber Skills Outside of Work
News  |  9/22/2020  | 
New research shows how security skills are lacking across multiple IT disciplines as well - including network engineers, sys admins, and cloud developers.
Remote Work Exacerbating Data Sprawl
News  |  9/21/2020  | 
More than three-quarters of IT executives worry that data sprawl puts their data at risk, especially with employees working from insecure home networks, survey finds.
Patch by Tonight: CISA Issues Emergency Directive for Critical Netlogon Flaw
Quick Hits  |  9/21/2020  | 
The directive requires all federal agencies to apply a patch for Windows Netlogon vulnerability CVE-2020-1472 by midnight on Sept. 21.
Sumo Logic IPO Prices Higher Than Expected
News  |  9/17/2020  | 
Co-founder and CTO Christian Beedgen explains what this means for the future of the cloud-based data analytics company.
8 Reasons Perimeter Security Alone Won't Protect Your Crown Jewels
Commentary  |  9/16/2020  | 
Most firewalls and security devices effectively protect systems and data, but are they enough to safeguard business-critical applications?
Cybersecurity Bounces Back, but Talent Still Absent
Commentary  |  9/16/2020  | 
While the demand for cybersecurity talent rebounds, organizations will need to focus on cyber-enabled roles to fill immediate skills gaps.
Rethinking Resilience: Tips for Your Disaster Recovery Plan
News  |  9/15/2020  | 
As more organizations face disruptions, a defined approach to recovery is imperative so they can successfully recover, experts say.
CISA Issues Alert for Microsoft Netlogon Vulnerability
Quick Hits  |  9/15/2020  | 
CISA has issued an alert following the discovery of publicly available exploit code for Windows elevation of privilege flaw CVE-2020-1472.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/30/2020
'Act of War' Clause Could Nix Cyber Insurance Payouts
Robert Lemos, Contributing Writer,  10/29/2020
6 Ways Passwords Fail Basic Security Tests
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/28/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Measure and Reduce Cybersecurity Risk in Your Organization
In this Tech Digest, we examine the difficult practice of measuring cyber-risk that has long been an elusive target for enterprises. Download it today!
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27652
PUBLISHED: 2020-10-29
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
CVE-2020-27653
PUBLISHED: 2020-10-29
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
CVE-2020-27654
PUBLISHED: 2020-10-29
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
CVE-2020-27655
PUBLISHED: 2020-10-29
Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic.
CVE-2020-27656
PUBLISHED: 2020-10-29
Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.