The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
IoT
Physical Security
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Remote Workforce
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Understanding Cyber Attackers - A Dark Reading Nov 17 Event
Black Hat Europe - December 5-8 - Learn More
Webinars
Using Zero Trust to Protect Remote and Home Workers
Oct 06, 2022
Strategies for DDoS Resilience and Response
Oct 18, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft >
Subscribe
Login
/
Register
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
IoT
Physical Security
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Remote Workforce
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Understanding Cyber Attackers - A Dark Reading Nov 17 Event
Black Hat Europe - December 5-8 - Learn More
Webinars
Using Zero Trust to Protect Remote and Home Workers
Oct 06, 2022
Strategies for DDoS Resilience and Response
Oct 18, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft >
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
IoT
Physical Security
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Remote Workforce
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Understanding Cyber Attackers - A Dark Reading Nov 17 Event
Black Hat Europe - December 5-8 - Learn More
Webinars
Using Zero Trust to Protect Remote and Home Workers
Oct 06, 2022
Strategies for DDoS Resilience and Response
Oct 18, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft >
Subscribe
Login
/
Register
SEARCH
A minimum of 3 characters are required to be typed in the search bar in order to perform a search.
Announcements
Event
Using Zero Trust to Protect Remote and Home Workers | Oct 6 Webinar | <REGISTER NOW>
Event
Managing Security In a Hybrid Cloud Environment | Sept 27 Webinar | <REGISTER NOW>
Event
Understanding Cyber Attackers - A Dark Reading November 17 Virtual Event | <GET YOUR PASS>
Report
Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | <READ IT NOW>
Previous
Next
Application Security
Breaking news, news analysis, and expert commentary on application security, including tools & technologies.
Google Quashes 5 High-Severity Bugs With Chrome 106 Update
External researchers contributed 16 of the 20 security updates included in the new Chrome 106 Stable Channel rollout, including five high-severity bugs.
September 28, 2022
External researchers contributed 16 of the 20 security updates included in the new Chrome 106 Stable Channel rollout, including five high-severity bugs.
by Dark Reading Staff, Dark Reading
September 28, 2022
1 MIN READ
Article
Fast Company CMS Hack Raises Security Questions
The company's website remains offline after hackers used its compromised CMS to send out racist messages.
September 28, 2022
The company's website remains offline after hackers used its compromised CMS to send out racist messages.
by Tara Seals, Managing Editor, News, Dark Reading
September 28, 2022
2 MIN READ
Article
Google Cloud DORA: Securing the Supply Chain Begins With Culture
The team's annual survey finds that the right development culture is better than technical measures when it comes to shoring up software supply chain security practices. An additional benefit: Less burnout.
September 28, 2022
The team's annual survey finds that the right development culture is better than technical measures when it comes to shoring up software supply chain security practices. An additional benefit: Less burnout.
by Robert Lemos, Contributing Writer, Dark Reading
September 28, 2022
3 MIN READ
Article
Phishing Attacks Crushed Records Last Quarter, Driven by Mobile
Shocking phishing numbers (more than 1 million in a single quarter) are being driven by vishing, smishing, and other lures that target mobile devices.
September 28, 2022
Shocking phishing numbers (more than 1 million in a single quarter) are being driven by vishing, smishing, and other lures that target mobile devices.
by Dark Reading Staff, Dark Reading
September 28, 2022
1 MIN READ
Article
Lazarus Lures Aspiring Crypto Pros With Fake Exchange Job Postings
Previously observed using fake Coinbase jobs, the North Korea-sponsored APT has expanded into using Crypo.com gigs as cover to distribute malware.
September 27, 2022
Previously observed using fake Coinbase jobs, the North Korea-sponsored APT has expanded into using Crypo.com gigs as cover to distribute malware.
by Becky Bracken, Editor, Dark Reading
September 27, 2022
1 MIN READ
Article
FBI Helping Australian Authorities Investigate Massive Optus Data Breach: Reports
Initial reports suggest a basic security error allowed the attacker to access the company's live customer database via an unauthenticated API.
September 27, 2022
Initial reports suggest a basic security error allowed the attacker to access the company's live customer database via an unauthenticated API.
by Jai Vijayan, Contributing Writer, Dark Reading
September 27, 2022
5 MIN READ
Article
Microsoft Rolls Out Passwordless Sign-on for Azure Virtual Desktop
Azure says cloud-native single sign-on with a passwordless option is most-requested new AVD feature in the product's history.
September 27, 2022
Azure says cloud-native single sign-on with a passwordless option is most-requested new AVD feature in the product's history.
by Dark Reading Staff, Dark Reading
September 27, 2022
1 MIN READ
Article
Despite Recession Jitters, M&A Dominates a Robust Cybersecurity Market
Funding has been somewhat lower than last year, but investment remains healthy, analysts say, amid thirst for cloud security in particular.
September 26, 2022
Funding has been somewhat lower than last year, but investment remains healthy, analysts say, amid thirst for cloud security in particular.
by Jai Vijayan, Contributing Writer, Dark Reading
September 26, 2022
5 MIN READ
Article
App Developers Increasingly Targeted via Slack, DevOps Tools
Slack, Docker, Kubernetes, and other applications that allow developers to collaborate have become the latest vector for software supply chain attacks.
September 23, 2022
Slack, Docker, Kubernetes, and other applications that allow developers to collaborate have become the latest vector for software supply chain attacks.
by Robert Lemos, Contributing Writer, Dark Reading
September 23, 2022
5 MIN READ
Article
Malicious Apps With Millions of Downloads Found in Apple App Store, Google Play
The ongoing ad fraud campaign can be traced back to 2019, but recently expanded into the iOS ecosystem, researchers say.
September 23, 2022
The ongoing ad fraud campaign can be traced back to 2019, but recently expanded into the iOS ecosystem, researchers say.
by Becky Bracken, Editor, Dark Reading
September 23, 2022
2 MIN READ
Article
CISA: Zoho ManageEngine RCE Bug Is Under Active Exploit
The bug allows unauthenticated code execution on the company's firewall products, and CISA says it poses "significant risk" to federal government.
September 23, 2022
The bug allows unauthenticated code execution on the company's firewall products, and CISA says it poses "significant risk" to federal government.
by Dark Reading Staff, Dark Reading
September 23, 2022
1 MIN READ
Article
Cyberattackers Compromise Microsoft Exchange Servers via Malicious OAuth Apps
Cybercriminals took control of enterprise Exchange Servers to spread large amounts of spam aimed at signing people up for bogus subscriptions.
September 23, 2022
Cybercriminals took control of enterprise Exchange Servers to spread large amounts of spam aimed at signing people up for bogus subscriptions.
by Nathan Eddy, Contributing Writer, Dark Reading
September 23, 2022
2 MIN READ
Article
CircleCI, GitHub Users Targeted in Phishing Campaign
Emails purporting to be an update to terms of service for GitHub and CircleCI instead attempt to harvest user credentials.
September 22, 2022
Emails purporting to be an update to terms of service for GitHub and CircleCI instead attempt to harvest user credentials.
by Dark Reading Staff, Dark Reading
September 22, 2022
1 MIN READ
Article
Malicious npm Package Poses as Tailwind Tool
Branded as a components library for two popular open source resources, Material Tailwind instead loads a Windows .exe that can run PowerShell scripts.
September 22, 2022
Branded as a components library for two popular open source resources, Material Tailwind instead loads a Windows .exe that can run PowerShell scripts.
by Elizabeth Montalbano, Contributor, Dark Reading
September 22, 2022
5 MIN READ
Article
StackHawk Launches Deeper API Security Test Coverage to Improve the Security of APIs
Expansion of test coverage includes custom scan discovery, custom test scripts and custom test data for REST APIs, enabling developers to leave no paths untouched.
September 22, 2022
Expansion of test coverage includes custom scan discovery, custom test scripts and custom test data for REST APIs, enabling developers to leave no paths untouched.
September 22, 2022
3 MIN READ
Article
