| Dark Reading: |
|---|
| Speed of Digital Transformation May Lead to Greater App Vulnerabilities |
| The fastest-moving industries are struggling to produce secure code, according to AppSec experts. |
| How Cybersecurity Newbs Can Start Out on the Right Foot |
| Cybersecurity experts share their savvy tips and useful resources for infosec hopefuls. |
| Why North Korea Excels in Cybercrime |
| North Korea is laser-focused on boosting its cyber capabilities, and it's doing a remarkable job of it. |
| DreamBus, FreakOut Botnets Pose New Threat to Linux Systems |
| Researchers from Zscaler and Check Point describe botnets as designed for DDoS attacks, cryptocurrency mining, and other malicious purposes. |
| Breach Data Shows Attackers Switched Gears in 2020 |
| Attackers focused more on ransomware, while the consolidation of data into large databases led to fewer reported breaches but more records leaked. |
| Attackers Leave Stolen Credentials Searchable on Google |
| Operators behind a global phishing campaign inadvertently left thousands of stolen credentials accessible via Google Search. |
| Cloud Jacking: The Bold New World of Enterprise Cybersecurity |
| Increased reliance on cloud computing puts more weight on robust authentication systems to protect data against hijackers. |
| 7 Steps to Secure a WordPress Site |
| Many companies operate under the assumption that their WordPress sites are secure -- and that couldn't be anything further from the truth. |
| Hacker Pig Latin: A Base64 Primer for Security Analysts |
| The Base64 encoding scheme is often used to hide the plaintext elements in the early stages of an attack that can't be concealed under the veil of encryption. Here's how to see through its tricks. |
| Rethinking IoT Security: It's Not About the Devices |
| Keeping IoT safe in the future will require securing the networks themselves. Focusing on the devices is a never-ending battle that will only become more burdensome. |
| Microsoft Releases New Info on SolarWinds Attack Chain |
| Threat actors went to elaborate lengths to maintain operational security around second-stage payload activation, company says. |
| SolarWinds Attack, Cyber Supply Chain Among Priorities for Biden Administration |
| During Senate confirmation hearings, the nominees for Secretary of Homeland Security and Director of National Intelligence pledged to focus on cybersecurity. |
| Tips for a Bulletproof War Room Strategy |
| The techniques used in real-world combat apply in cybersecurity operations, except that instead of bullets flying downrange, it's packets. |
| Vulnerabilities in Popular DNS Software Allow Poisoning |
| Seven flaws in DNSMasq have limited impact, but in combination they could be chained to create a multistaged attack. |
| Microsoft to Launch 'Enforcement Mode' for Zerologon Flaw |
| Enforcement mode for the Netlogon Domain Controller will be enabled by default with the Feb. 9 security update. |
| SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics |
| Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot signs of the attack. |
| 4 Intriguing Email Attacks Detected by AI in 2020 |
| Here's to the sneakiest of the sneaky. These clever phishing messages -- that standard validation measures often missed -- deserve proper dishonor. (Sponsored) |
| The Most Pressing Concerns Facing CISOs Today |
| Building security into the software development life cycle creates more visibility, but CISOs still need stay on top of any serious threats on the horizon, even if they are largely unknown. |
| A Security Practitioner's Guide to Encrypted DNS |
| Best practices for a shifting visibility landscape. |
| NSA Appoints Rob Joyce as Cyber Director |
| Joyce has long worked in US cybersecurity leadership, most recently serving as the NSA's top representative in the UK. |