Dark Reading

Decentralized finance lost $1.8 billion to cyberattacks last year — and 80% of those events were the result of vulnerable code, analysts say.

As states address privacy with ad-hoc laws, corporate compliance teams try to balance yet another set of similar but diverging requirements.

Company to debut its AD capabilities at the 2022 RSA Conference.

New analysis reveals basic regulatory password requirements fall far short of providing protection from compromise.

New features include context-aware, zero-trust data protection on local peripherals and devices.

New funding led by global cyber investor Paladin Capital Group, alongside existing investors Columbia Capital and Skylab Capital.

Million-dollar crypto heists are becoming more common as the currency starts to go mainstream; prevention and enforcement haven't kept pace.

An analysis from Google TAG shows that Android zero-day exploits were packaged and sold for state-backed surveillance.

NIST may be on the brink of revealing which post-quantum computing encryption algorithms it is endorsing, solidifying commercial developments like QuProtect.

The PyPI "pymafka" package is the latest example of growing attacker interest in abusing widely used open source software repositories.

Analysts have seen a massive spike in malicious activity by the XorDdos Trojan in the last six months, against Linux cloud and IoT infrastructures .

A culture of trust, combined with tools designed around employee experience, can work in tandem to help organizations become more resilient and secure.

Next I.T. is the sixth and largest acquisition to date for Valeo Networks.

IronKey Vault Privacy 80 External SSD safeguards against brute-force attacks and BadUSB with digitally-signed firmware.

What subsequent protections do you have in place when your first line of defense goes down?

In a new phishing tactic, faux chatbots establish a conversation with victims to guide them to malicious links, researchers say.

Organizations that deploy updates only after a vulnerability is disclosed apply far fewer updates and do so at a lower cost than those that stay up to date on all of their software, university researchers say.

New versions of QKD use separate wavelengths on the same fiber, improving cost and efficiency, but distance is still a challenge.

Two of Microsoft's Patch Tuesday updates need a do-over after causing certificate-based authentication errors.

To succeed against dynamic cybercriminals, organizations must go multiple steps further and build a learning system that evolves over time to keep up with attacker tactics.