The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
ICS/OT
Remote Workforce
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Physical Security
IoT
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Cybersecurity Outlook 2023 - December 13 Event
Black Hat Europe - December 5-8 - Learn More
Webinars
Cloud Security Essentials
Dec 07, 2022
Seeing Your Attack Surface Through the Eyes of an Adversary
Dec 08, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft
Partner Perspectives: Zscaler
Subscribe
Login
/
Register
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
ICS/OT
Remote Workforce
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Physical Security
IoT
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Cybersecurity Outlook 2023 - December 13 Event
Black Hat Europe - December 5-8 - Learn More
Webinars
Cloud Security Essentials
Dec 07, 2022
Seeing Your Attack Surface Through the Eyes of an Adversary
Dec 08, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft
Partner Perspectives: Zscaler
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
ICS/OT
Remote Workforce
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Physical Security
IoT
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Cybersecurity Outlook 2023 - December 13 Event
Black Hat Europe - December 5-8 - Learn More
Webinars
Cloud Security Essentials
Dec 07, 2022
Seeing Your Attack Surface Through the Eyes of an Adversary
Dec 08, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft
Partner Perspectives: Zscaler
Subscribe
Login
/
Register
SEARCH
A minimum of 3 characters are required to be typed in the search bar in order to perform a search.
Announcements
Event
Cybersecurity Outlook 2023 - A Dark Reading, Black Hat, Omdia December 13 Virtual Event | <GET YOUR PASS>
Report
Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | <READ IT NOW>
Previous
Next
Application Security
Breaking news, news analysis, and expert commentary on application security, including tools & technologies.
SiriusXM, MyHyundai Car Apps Showcase Next-Gen Car Hacking
A trio of security bugs allow remote attackers to unlock or start the car, operate climate controls, pop the trunk, and more — all via poorly coded mobile apps.
December 02, 2022
A trio of security bugs allow remote attackers to unlock or start the car, operate climate controls, pop the trunk, and more — all via poorly coded mobile apps.
by Tara Seals, Managing Editor, News, Dark Reading
December 02, 2022
6 MIN READ
Article
Newsroom Sues NSO Group for Pegasus Spyware Compromise
Journalists in El Salvador haul NSO Group to US court for illegal surveillance that ultimately compromised their safety.
December 02, 2022
Journalists in El Salvador haul NSO Group to US court for illegal surveillance that ultimately compromised their safety.
by Dark Reading Staff, Dark Reading
December 02, 2022
1 MIN READ
Article
LastPass Discloses Second Breach in Three Months
The threat actor behind an August intrusion used data from that incident to access customer data stored with a third-party cloud service provider, and affiliate GoTo reports breach of development environment.
December 01, 2022
The threat actor behind an August intrusion used data from that incident to access customer data stored with a third-party cloud service provider, and affiliate GoTo reports breach of development environment.
by Jai Vijayan, Contributing Writer, Dark Reading
December 01, 2022
3 MIN READ
Article
Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines
A vulnerability discovered in GitHub Actions could allow an attacker to poison a developer's pipeline, highlighting the risk that insecure software pipelines pose.
December 01, 2022
A vulnerability discovered in GitHub Actions could allow an attacker to poison a developer's pipeline, highlighting the risk that insecure software pipelines pose.
by Robert Lemos, Contributing Writer, Dark Reading
December 01, 2022
4 MIN READ
Article
One Year After Log4Shell, Most Firms Are Still Exposed to Attack
Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to it.
December 01, 2022
Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to it.
by Jai Vijayan, Contributing Writer, Dark Reading
December 01, 2022
5 MIN READ
Article
CI Fuzz CLI Brings Fuzz Testing to Java Applications
CI Fuzz CLI, the open source fuzzing tool with just three commands, integrates fuzz testing directly into the software development workflow.
December 01, 2022
CI Fuzz CLI, the open source fuzzing tool with just three commands, integrates fuzz testing directly into the software development workflow.
by Dark Reading Staff, Dark Reading
December 01, 2022
2 MIN READ
Article
Nvidia GPU Driver Bugs Threaten Device Takeover & More
If unpatched, a host of GPU Display Driver flaws could expose gamers, graphic designers, and others to code execution, denial of service, data tampering, and more.
November 30, 2022
If unpatched, a host of GPU Display Driver flaws could expose gamers, graphic designers, and others to code execution, denial of service, data tampering, and more.
by Dark Reading Staff, Dark Reading
November 30, 2022
1 MIN READ
Article
Google TAG Warns on Emerging Heliconia Exploit Framework for RCE
The framework has ties back to a Spanish exploit broker called Variston IT, and offers a one-stop shop for compromising Chrome, Defender and Firefox.
November 30, 2022
The framework has ties back to a Spanish exploit broker called Variston IT, and offers a one-stop shop for compromising Chrome, Defender and Firefox.
by Tara Seals, Managing Editor, News, Dark Reading
November 30, 2022
2 MIN READ
Article
New Exploit Broker on the Scene Pays Premium for Signal App Zero-Days
Signal messaging app zero-day vulnerabilities have sparked a $1.5M bidding match, as gray-market exploit brokers flourish in today's geopolitical climate.
November 30, 2022
Signal messaging app zero-day vulnerabilities have sparked a $1.5M bidding match, as gray-market exploit brokers flourish in today's geopolitical climate.
by Ericka Chickowski, Contributing Writer, Dark Reading
November 30, 2022
3 MIN READ
Article
Critical Quarkus Flaw Threatens Cloud Developers With Easy RCE
Red Hat has issued patches for a bug in an open source Java virtual machine software that opens the door to drive-by localhost attacks. Patch now, as it's easy for cyberattackers to exploit.
November 30, 2022
Red Hat has issued patches for a bug in an open source Java virtual machine software that opens the door to drive-by localhost attacks. Patch now, as it's easy for cyberattackers to exploit.
by Elizabeth Montalbano, Contributor, Dark Reading
November 30, 2022
6 MIN READ
Article
The Metaverse Could Become a Top Avenue for Cyberattacks in 2023
Expect to see attackers expand their use of current consumer-targeting tactics while exploring new ways to target Internet users — with implications for businesses.
November 29, 2022
Expect to see attackers expand their use of current consumer-targeting tactics while exploring new ways to target Internet users — with implications for businesses.
by Jai Vijayan, Contributing Writer, Dark Reading
November 29, 2022
4 MIN READ
Article
Killnet Gloats About DDoS Attacks Downing Starlink, White House
Elon Musk-owned Starlink, WhiteHouse.gov, and the Prince of Wales were targeted by Killnet in apparent retaliation for its support of Ukraine.
November 29, 2022
Elon Musk-owned Starlink, WhiteHouse.gov, and the Prince of Wales were targeted by Killnet in apparent retaliation for its support of Ukraine.
by Becky Bracken, Editor, Dark Reading
November 29, 2022
2 MIN READ
Article
$275M Fine for Meta After Facebook Data Scrape
Meta has been found in violation of Europe's GDPR rules requiring the social media giant to protect user data by "design and default."
November 28, 2022
Meta has been found in violation of Europe's GDPR rules requiring the social media giant to protect user data by "design and default."
by Dark Reading Staff, Dark Reading
November 28, 2022
1 MIN READ
Article
Slippery RansomExx Malware Moves to Rust, Evading VirusTotal
A new, harder-to-peg version of the ransomware has been rewritten in the Rust programming language.
November 25, 2022
A new, harder-to-peg version of the ransomware has been rewritten in the Rust programming language.
by Dark Reading Staff, Dark Reading
November 25, 2022
1 MIN READ
Article
For Gaming Companies, Cybersecurity Has Become a Major Value Proposition
New users and monetization methods are increasingly profitable for gaming industry, but many companies find they have to stem growth in cheats, hacks, and other fraud to keep customers loyal.
November 25, 2022
New users and monetization methods are increasingly profitable for gaming industry, but many companies find they have to stem growth in cheats, hacks, and other fraud to keep customers loyal.
by Ericka Chickowski, Contributing Writer, Dark Reading
November 25, 2022
10 MIN READ
Article
