CISO Corner

Why I'm Excited About the Future of Application Security

Oct 21, 2024

CISOs: Throwing Cash at Tools Isn't Helping Detect Breaches

Oct 18, 2024

SOC Teams: Threat Detection Tools Are Stifling Us

Oct 11, 2024

The Invisible Army of Non-Human Identities

Oct 11, 2024
More Articles for CISOs
The Cisco logo
Сloud Security

Cisco Disables DevHub Access After Security Breach

Cisco Disables DevHub Access After Security Breach

The networking company confirms that cyberattackers illegally accessed data belonging to some of its customers.

Oct 21, 2024
|
3 Min Read
A magnifying glass up against the Internet Archive logo on its website
Cyberattacks & Data Breaches
Internet Archive Gets Pummeled in Round 2 Breach
Internet Archive Gets Pummeled in Round 2 Breach

Oct 21, 2024

Skull and cross bones burned into a piece of toast on a plate
Vulnerabilities & Threats
DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks
DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks

Oct 21, 2024

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe
Vulnerabilities & Threats
Black background and white text saying Dark Reading Confidential

PODCAST

Dark Reading Confidential: Pen-Test Arrests, 5 Years Later

Episode 3: On Sept. 11, 2019, two cybersecurity professionals, Gary De Mercurio and Justin Wynn, were arrested in Dallas County, Iowa, and forced to spend the night in jail — just for doing their jobs. Despite the criminal charges against them eventually being dropped, the saga that night five years ago continues to haunt De Mercurio and Wynn personally and professionally. In this episode, the pair and Coalfire CEO Tom McAndrew share how the arrest and fallout has shaped their lives and careers as well as how it has transformed physical penetration tests for the cybersecurity industry as a whole.

Latest News

A digital map of japan
Cyberattacks & Data Breaches
Russia-Linked Hackers Attack Japan's Govt, Ports
Russia-Linked Hackers Attack Japan's Govt, Ports
Oct 22, 2024
|
4 Min Read
byRobert Lemos, Contributing Writer
Closeup of password entered in a field box
Сloud Security
Unmanaged Cloud Credentials Pose Risk to Half of Orgs
Unmanaged Cloud Credentials Pose Risk to Half of Orgs
Oct 21, 2024
|
1 Min Read
byDark Reading Staff
The Cisco logo
Сloud Security
Cisco Disables DevHub Access After Security Breach
Cisco Disables DevHub Access After Security Breach
Oct 21, 2024
|
3 Min Read
byJai Vijayan, Contributing Writer
A magnifying glass up against the Internet Archive logo on its website
Cyberattacks & Data Breaches
Internet Archive Gets Pummeled in Round 2 Breach
Internet Archive Gets Pummeled in Round 2 Breach
Oct 21, 2024
|
2 Min Read
byDark Reading Staff
Woman at desk holding a pen with left hand and right hand above a computer keyboard in front of a screen showing a mail icon and red warning circle
Threat Intelligence
Anti-Bot Services Help Cybercrooks Bypass Google 'Red Page'
Anti-Bot Services Help Cybercrooks Bypass Google 'Red Page'
Oct 21, 2024
|
4 Min Read
byElizabeth Montalbano, Contributing Writer
Skull and cross bones burned into a piece of toast on a plate
Vulnerabilities & Threats
DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks
DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks
Oct 21, 2024
|
3 Min Read
byTara Seals, Managing Editor, News, Dark Reading
A surfer riding a wave
Vulnerabilities & Threats
MacOS Safari 'HM Surf' Exploit Exposes Camera, Mic, Browser Data
MacOS Safari 'HM Surf' Exploit Exposes Camera, Mic, Browser Data
Oct 18, 2024
|
4 Min Read
byNate Nelson, Contributing Writer
Jet fuel fire at an airport firefigher training facility
Cyberattacks & Data Breaches
ESET-Branded Wiper Attack Targets Israel; Firm Denies Compromise
ESET-Branded Wiper Attack Targets Israel; Firm Denies Compromise
Oct 18, 2024
|
2 Min Read
byTara Seals, Managing Editor, News, Dark Reading
CISO working in SOC
Сloud Security
CISOs: Throwing Cash at Tools Isn't Helping Detect Breaches
CISOs: Throwing Cash at Tools Isn't Helping Detect Breaches
Oct 18, 2024
|
2 Min Read
byBecky Bracken, Senior Editor, Dark Reading
Developer coding secure software
Application Security
Vulnerabilities, AI Compete for Software Developers' Attention
Vulnerabilities, AI Compete for Software Developers' Attention
Oct 18, 2024
|
4 Min Read
byRobert Lemos, Contributing Writer
More News

Latest Commentary

Picture of Bradley Schaufenbuel
Bradley Schaufenbuel

Vice President & CISO, Paychex

Application Security
Why I'm Excited About the Future of Application Security
Oct 21, 2024
|
4 Min Read
Picture of Malleswar Reddy Yerabolu
Malleswar Reddy Yerabolu

Senior Security Engineer, North Carolina Department of Health and Human Services

Cyber Risk
Supply Chain Cybersecurity Beyond Traditional Vendor Risk Management
Oct 18, 2024
|
5 Min Read
Picture of Dan McInerney
Dan McInerney

Lead AI Threat Researcher, Protect AI

Vulnerabilities & Threats
4 Ways to Address Zero-Days in AI/ML Security
Oct 17, 2024
|
3 Min Read
Picture of Arlo Gilbert
Arlo Gilbert

Founder & CEO, Osano

Cyber Risk
Is a CPO Still a CPO? The Evolving Role of Privacy Leadership
Oct 17, 2024
|
4 Min Read
Picture of Jeff Shiner
Jeff Shiner

CEO, 1Password

Vulnerabilities & Threats
What Cybersecurity Leaders Can Learn From the Game of Golf
Oct 16, 2024
|
4 Min Read
Picture of Shaked Reiner
Shaked Reiner

Principal Security Researcher, CyberArk Labs

Vulnerabilities & Threats
LLMs Are a New Type of Insider Adversary
Oct 15, 2024
|
5 Min Read
More Commentary

Startup Alley

Read More Startup Launches
PR Logo
Сloud Security
Apono Raises $15.5M Series A Funding for AI-driven, Least Privilege Solution Set
Apono Raises $15.5M Series A Funding for AI-driven, Least Privilege Solution Set

Oct 1, 2024

Icons and fingerprints suggesting various authentication schemes on top of a laptop keyboard.
Identity & Access Management Security
Startup Finds 'Hydden' Identities in IT Environment
Startup Finds 'Hydden' Identities in IT Environment

Sep 17, 2024

A sunset scene with clouds against a blue sky
Сloud Security
Startup Spotlight: RAD Security Brings Behavioral Profiling to Cloud
Startup Spotlight: RAD Security Brings Behavioral Profiling to Cloud

Aug 6, 2024

Cyber Gangs Aren't Afraid of Prosecution

Challenges with cybercrime prosecution are making it easier for attackers to act with impunity. Law enforcement needs to catch up.

Even Orgs With SSO Are Vulnerable to Identity-Based Attacks

Use SSO, don't use SSO. Have MFA, don't have MFA. An analysis of a snapshot of organizations using Push Security's platform finds that 99% of accounts are susceptible to phishing attacks.

CISOs' Privacy Responsibilities Keep Growing

A heated regulatory landscape, uncertainty over AI use, and how it all ties back to cybersecurity means CISOs have to add privacy to their portfolios.

Cybersecurity Features In-Depth: On security strategy, latest trends, and people to know. Brought to you by Mandiant.

Go to The Edge

Security Technology: Featuring news, news analysis, and commentary on the latest technology trends.

Go to DR Technology
Time to Get Strict With DMARC

Adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies. Everyone is waiting for major email providers to get strict.

FHE Consortium Pushes for Quantum-Resilient Cryptography Standards

The FHE Technical Consortium for Hardware (FHETCH) brings together developers, hardware manufacturers, and cloud providers to collaborate on technical standards necessary to develop commercial fully homomorphic encryption solutions and lower adoption barriers.

Fighting Crime With Technology: Safety First

By combining human and nonhuman identity management in one solution, Flock Safety is helping law enforcement solve an impressive number of criminal cases every day.

Russia-Linked Hackers Attack Japan's Govt, Ports

Russia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.

DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks

The "Code-on-Toast" supply chain cyberattacks by APT37 delivered data-stealing malware to users in South Korea who had enabled Toast pop-up ads.

Hong Kong Crime Ring Swindles Victims Out of $46M

The scammers used real-time deepfakes in online dating video calls to convince the victims of their legitimacy.

Breaking cybersecurity news, news analysis, commentary, and other content from around the world.

Go to DR Global

Press Releases

See all
thumbnail
Cybersecurity Operations
Ex-Oracle, Google Engineers Raise $7m From Accel for Public Launch of Simplismart to Empower AI AdoptionEx-Oracle, Google Engineers Raise $7m From Accel for Public Launch of Simplismart to Empower AI Adoption
Oct 17, 2024
4 Min Read
PR Logo
Cyber Risk
Illinois Joins CoSN's Trusted Learning Environment (TLE) State Partnership Program for Student Data PrivacyIllinois Joins CoSN's Trusted Learning Environment (TLE) State Partnership Program for Student Data Privacy
Oct 17, 2024
4 Min Read
PR Logo
Cyber Risk
Swift to Launch AI-Powered Fraud Defence to Enhance Cross-Border PaymentsSwift to Launch AI-powered Fraud Defence to Enhance Cross-Border Payments
Oct 17, 2024
3 Min Read
PR Logo
Vulnerabilities & Threats
71% of Hackers Believe AI Technologies Increase the Value of Hacking71% of Hackers Believe AI Technologies Increase the Value of Hacking
Oct 16, 2024
5 Min Read