PyPI Mandates 2FA, Plans Google Titan Key Giveaway
Python's most popular package manager is intent on securing the supply chain by requiring developers to enable two-factor authentication.
One-Third of Users Without Security Awareness Training Click on Phishing URLs
New data from security training provider shows half of untrained users in consulting, energy, and healthcare industries fall for phishing…
‘Luna Moth’ Group Ransoms Data Without the Ransomware
Unsophisticated campaigns use off-the-shelf RATs and other tools to exfiltrate data and demand a ransom to keep it private.
Online Payment Fraud Expected to Cost $343B Over Next 5 Years
Fraudster innovation will continue to drive successful phishing, business email compromise, and socially engineered attacks, researchers say.
DoJ Charges CEO for Dealing $1B in Fake Cisco Gear
Fraudster allegedly passed off refurbished, modified Cisco equipment as new to hospitals, schools, and even the military.
Prevention Takes Priority Over Response
Cybersecurity teams continue to emphasize intrusion prevention over incident response, despite US government action.
Apple Debuts Spyware Protection for State-Sponsored Cyberattacks
Apple's new Lockdown Mode protects devices targeted by sophisticated state-sponsored mercenary spyware attacks.
APT Groups Swarming on VMware Servers with Log4Shell
CISA tells organizations running VMware servers without Log4Shell mitigations to assume compromise.
Without Conti on the Scene, LockBit 2.0 Leads Ransomware Attacks
Analysts say an 18% drop in ransomware attacks seen in May is likely fleeting, as Conti actors regroup.
ShiftLeft: Focus On ‘Attackability’ To Better Prioritize Vulnerabilities
ShiftLeft's Manish Gupta join Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about looking…