New Application Security Toolkit Uncovers Dependency Confusion Attacks
The Dependency Combobulator is an open source Python-based toolkit that helps developers discover malicious software components that may have accidentally…
Firms Will Struggle to Secure Extended Attack Surface in 2022
Companies are relying more heavily on third parties, remote employees, and partners, expanding their attack surface area beyond traditional boundaries.
Why Self-Learning AI Is Changing the Paradigm of ICS Security
By focusing on the organization rather than the threat, AI can identify subtle changes in your digital environment that point…
83% of Critical Infrastructure Organizations Suffered Breaches, 2021 Cybersecurity Research Reveals
Supply chain and third-party risk is a major threat to operational technology.
The State of the CISO
Dark Reading survey shows security officer influence is on the rise.
How InfoSec Should Use the Minimum Viable Secure Product Checklist
Google and Salesforce executives discuss the need for the newly released MVSP, how tech companies came together to work on…
CISA Issues New Directive for Patching Known Exploited Vulnerabilities
The goal is to reduce civilian federal agency exposure to attacks that threat actors are actively using in campaigns, agency…
Infosec and Business Alignment Lowers Breach Cost, Boosts Security
As attacks and security budgets continue to rise, data shows the most secure organizations are the ones that strike a…
Attackers Flaunt Remote Access Credentials, Threaten Supply Chain
Attackers advertise access to computers within shipping and logistics companies as the global supply chain struggles to meet post-COVID demands.
The ‘Groove’ Ransomware Gang Was a Hoax
A number of publications in September warned about the emergence of "Groove," a new ransomware group that called on competing…