Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
7 Hot Cyber Threat Trends to Expect at Black Hat
A sneak peek of some of the main themes at Black Hat USA next month.
Researchers Create New Approach to Detect Brand Impersonation
A team of Microsoft researchers developed and trained a Siamese Neural Network to detect brand impersonation attacks.
New Framework Aims to Describe & Address Complex Social Engineering Attacks
As attackers use more synthetic media in social engineering campaigns, a new framework is built to describe threats and provide countermeasures.
Microsoft Releases Emergency Patch for 'PrintNightmare' Vuln
It urges organizations to immediately apply security update, citing exploit activity.
Researchers Learn From Nation-State Attackers' OpSec Mistakes
Security researchers discuss how a series of simple and consistent mistakes helped them learn more about ITG18, better known as Charming Kitten.
Microsoft Issues New CVE for 'PrintNightmare' Flaw
Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.
Attackers Already Unleashing Malware for Apple macOS M1 Chip
Apple security expert Patrick Wardle found that some macOS malware written for the new M1 processor can bypass anti-malware tools.
The Danger of Action Bias: Is It Always Better to Act Quickly?
Experts discuss the meaning of action bias and how it presents a threat to IT security leaders, practitioners, and users.
New DNS Name Server Hijack Attack Exposes Businesses, Government Agencies
Researchers found a "novel" class of DNS vulnerabilities in AWS Route53 and other DNS-as-a-service offerings that leak sensitive information on corporate and government customers, with one simple registration step.
Survey Seeks to Learn How 2020 Changed Security
Respondents to a new Dark Reading/Omdia survey will be entered into a drawing for a Black Hat Black Card.
New Techniques Emerge for Abusing Windows Services to Gain System Control
Organizations should apply principles of least privilege to mitigate threats, security researcher says.
Researchers Explore Active Directory Attack Vectors
Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems.
Dark Reading Celebrates 15th Anniversary
Cybersecurity news site begins 16th year with plans to improve site, deliver more content on cyber threats and best practices.
Researchers Connect Complex Specs to Software Vulnerabilities
Following their release of 70 different vulnerabilities in different implementations of TCP/IP stacks over the past year, two companies find a common link.
Do Cyberattacks Affect Stock Prices? It Depends on the Breach
A security researcher explores how data breaches, ransomware attacks, and other types of cybercrime influence stock prices.
10 Free Security Tools at Black Hat Asia 2021
Researchers are set to demonstrate a plethora of tools for conducting pen tests, vulnerability assessments, data forensics, and a wide range of other use cases.
Security Gaps in IoT Access Control Threaten Devices and Users
Researchers spot problems in how IoT vendors delegate device access across multiple clouds and users.
Cartoon Caption Winner: Insider Threat
And the winner of Dark Reading's January cartoon caption contest is ...
DoJ's Microsoft 365 Email Accounts Compromised in SolarWinds Attacks
Three percent of email accounts were breached, the Department of Justice reports.
'Fingerprint-Jacking' Attack Technique Manipulates Android UI
Researchers explore fingerprint-jacking, a user interface-based attack that targets fingerprints scanned into Android apps.
Black Hat Europe: Dark Reading Video News Desk Coverage
Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe.
Researcher Developed New Kernel-Level Exploits for Old Vulns in Windows
Problem has to do with a print driver component found in all versions of Windows going back to Windows 7, security researcher from Singular Security Lab says at Black Hat Europe 2020.
Security Incidents Are 'Tip of the Iceberg,' Says UK Security Official
Pete Cooper, deputy director of cyber defense for the UK Cabinet Office, emphasized the importance of security fundamentals, collaboration, and diversity in his Black Hat Europe keynote talk.
Researchers Bypass Next-Generation Endpoint Protection
Machine learning-based products can be tricked to classify malware as a legitimate file, new findings show.
Inside North Korea's Rapid Evolution to Cyber Superpower
Researchers examine North Korea's rapid evolution from destructive campaigns to complex and efficient cyber operations.
Do You Know Who's Lurking in Your Cloud Environment?
A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform.
Alexa, Disarm the Victim's Home Security System
Researchers who last year hacked popular voice assistants with laser pointers take their work to the next level.
Ransomware Grows Easier to Spread, Harder to Block
Researchers illustrate the evolution toward more complete and effective ransomware attacks designed to cripple target organizations.
Evidence-Based Trust Gets Black Hat Europe Spotlight
An FPGA-based system could change the balance of power between hardware attackers and defenders within IT security.
7 Cool Cyberattack and Audit Tools to be Highlighted at Black Hat Europe
Platforms, open source tools, and other toolkits for penetration testers and other security practitioners will be showcased at this week's virtual event.
Android Camera Bug Under the Microscope
Critical Android vulnerability CVE-2019-2234 could enable attackers to take control of a victim's camera and take photos, record videos, and learn location.
Researchers Adapt AI With Aim to Identify Anonymous Authors
At Black Hat Asia, artificial intelligence and cybersecurity researchers use neural networks to attempt to identify authors, but accuracy is still wanting.
Singapore Asks Big Cybersecurity Questions to Improve National Defense
An executive from Singapore's Cyber Security Agency examines the role of security in a nation increasingly dependent on technology.
Black Hat USA 2020 Musings: Weird and Wonderful Virtual Events are Here to Stay
Black Hat USA 2020 was nothing like an in-person event, but it was incredibly useful for all involved, providing even the most grizzled industry veterans with fresh perspectives.
Black Hat USA 2020 Recap: Experts Discuss Election Security Questions, but Offer Few Answers
The U.S. election in November is once again expected to be a target of digital adversaries. Experts at Black Hat USA 2020 highlighted the many election security questions authorities must address.
The Race to Hack a Satellite at DEF CON
Eight teams competed to win cash, bragging rights, and the chance to control a satellite in space.
Boeing's DEF CON Debut a Sign of the Times
In the wake of a stalemate between the airplane manufacturer and a security researcher over vulns found in its 787 aircraft's network, Boeing says it's ready to "embrace" the hacker community.
Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity
Infosec practitioners face a variety of mental struggles in areas such as awareness training, problem solving, or general mental health. Several sessions at Black Hat USA 2020 highlighted these challenges and how to overcome them.
Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption
Black Hat talk expands on research that uncovered more weaknesses in Wi-Fi chips allowing for the unauthorized decryption of traffic.
Researchers Trick Facial-Recognition Systems
Goal was to see if computer-generated images that look like one person would get classified as another person.
Is Edtech the Greatest APT?
Educational technology is critical but can come at huge costs to student and teacher privacy and security. Are those costs too high?
Digital Clones Could Cause Problems for Identity Systems
Three fundamental technologies -- chatbots, audio fakes, and deepfake videos -- have improved to the point that creating digital, real-time clones of people is merely a matter of integrating the systems.
Researcher Finds New Office Macro Attacks for MacOS
Building successful macro attacks means getting past several layers of security, but a Black Hat speaker found a way through.
Getting to the Root: How Researchers Identify Zero-Days in the Wild
Google Project Zero researcher Maddie Stone explains the importance of identifying flaws exploited in the wild and techniques used to do it.
Researchers Create New Framework to Evaluate User Security Awareness
Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats.
A Mix of Optimism and Pessimism for Security of the 2020 Election
DHS CISA's Christopher Krebs and Georgetown University's Matt Blaze at Black Hat USA give the lowdown on where things stand and what still needs to happen to protect the integrity of November's election.
Dark Reading Video News Desk Returns to Black Hat
UPDATED: Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!
Where Dark Reading Goes Next
Dark Reading Editor-in-Chief gives a complete rundown of all the Dark Reading projects you might not even know about, his insight into the future of the security industry, and how we plan to cover it.
On 'Invisible Salamanders' and Insecure Messages
Cornell researcher Paul Grubbs discusses how vulnerabilities found in Facebook Messenger encryption could mean trouble for your secure messages.
Exploiting Google Cloud Platform With Ease
Security engineer Dylan Ayrey and Cruise senior infrastructure security engineer Allison Donovan describe fundamental weaknesses in GCP identity management that enable privilege escalation and lateral movement.
|
The State of Cybersecurity Incident ResponseIn this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Tweet This
0 Comments
