informa
/
Announcements
Report
Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | <READ IT NOW>
Event
Malicious Bots: What Enterprises Need to Know | August 30 Webinar | <REGISTER NOW>
Event
How Supply Chain Attacks Work – And What You Can Do to Stop Them | August 17 Webinar | <REGISTER NOW>
PreviousNext

Authentication

Breaking news, news analysis, and expert commentary on endpoint security, including tools & technologies.

Genesis IAB Market Brings Polish to the Dark Web
As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy.
August 05, 2022
As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy.
by Nathan Eddy, Contributing Writer, Dark Reading
August 05, 2022
4 min read
Article
Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers
Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.
August 05, 2022
Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.
by Dark Reading Staff, Dark Reading
August 05, 2022
1 min read
Article
Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
August 03, 2022
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
by Tara Seals, Managing Editor, News, Dark Reading
August 03, 2022
6 min read
Article
American Express, Snapchat Open-Redirect Vulnerabilities Exploited in Phishing Scheme
Phishing operators are taking advantage of security bugs in the Amex and Snapchat websites (the latter is unpatched) to steer victims to phishing pages looking to harvest Google and Microsoft logins.
August 03, 2022
Phishing operators are taking advantage of security bugs in the Amex and Snapchat websites (the latter is unpatched) to steer victims to phishing pages looking to harvest Google and Microsoft logins.
by Nathan Eddy, Contributing Writer, Dark Reading
August 03, 2022
3 min read
Article
Patch Now: Atlassian Confluence Bug Under Active Exploit
Attackers almost immediately leapt on a just-disclosed bug, CVE-2022-26138, affecting Atlassian Confluence, which allows remote, unauthenticated actors unfettered access to Confluence data.
July 28, 2022
Attackers almost immediately leapt on a just-disclosed bug, CVE-2022-26138, affecting Atlassian Confluence, which allows remote, unauthenticated actors unfettered access to Confluence data.
by Tara Seals, Managing Editor, News, Dark Reading
July 28, 2022
2 min read
Article
Critical Filewave MDM Vulnerabilities Allow Attackers Full Mobile Device Control
Two previously unknown critical vulnerabilities within FileWave’s multiplatform MDM system could grant malicious actors access to the platform's most privileged user account.
July 25, 2022
Two previously unknown critical vulnerabilities within FileWave’s multiplatform MDM system could grant malicious actors access to the platform's most privileged user account.
by Nathan Eddy, Contributing Writer, Dark Reading
July 25, 2022
3 min read
Article
Phishing Bonanza: Social-Engineering Savvy Skyrockets as Malicious Actors Cash In
The ever-evolving threat from phishing is growing more sophisticated as attackers design high-pressure situations and leverage ever-more-convincing social engineering tactics to increase their success rates.
July 22, 2022
The ever-evolving threat from phishing is growing more sophisticated as attackers design high-pressure situations and leverage ever-more-convincing social engineering tactics to increase their success rates.
by Nathan Eddy, Contributing Writer, Dark Reading
July 22, 2022
6 min read
Article
Google Becomes First Cloud Operator to Join Healthcare ISAC
Google Cloud pledges experts and other resources to Health Information Sharing and Analysis Center, a community of healthcare infrastructure operators and owners.
July 21, 2022
Google Cloud pledges experts and other resources to Health Information Sharing and Analysis Center, a community of healthcare infrastructure operators and owners.
by Dark Reading Staff, Dark Reading
July 21, 2022
1 min read
Article
Lax Security Fuels Massive 8220 Gang Botnet Army Surge
The threat group 8220 Gang's cryptocurrency miner and botnet reach has exploded to 30,000 global hosts, a notable increase over the past month, researchers say.
July 20, 2022
The threat group 8220 Gang's cryptocurrency miner and botnet reach has exploded to 30,000 global hosts, a notable increase over the past month, researchers say.
by Dark Reading Staff, Dark Reading
July 20, 2022
1 min read
Article
How Confidential Computing Locks Down Data, Regardless of Its State
Whether data's in motion, at rest, or in use, confidential computing makes moving workloads to the public cloud safer, and can enhance data security in other deployments.
July 12, 2022
Whether data's in motion, at rest, or in use, confidential computing makes moving workloads to the public cloud safer, and can enhance data security in other deployments.
by Ijlal Loutfi, Product Manager, Ubuntu Security
July 12, 2022
4 min read
Article
New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials
Scams pressure victims to "resolve an issue that could impact their status, business."
July 11, 2022
Scams pressure victims to "resolve an issue that could impact their status, business."
by Nathan Eddy, Contributing Writer, Dark Reading
July 11, 2022
6 min read
Article
Identity Access Management Is Set for Exploding Growth, Big Changes — Report
New research says IAM spending will grow on the back of affordable subscription services, spurred by cloud and mobile adoption, IoT, and continued remote working.
July 06, 2022
New research says IAM spending will grow on the back of affordable subscription services, spurred by cloud and mobile adoption, IoT, and continued remote working.
by Ericka Chickowski, Contributing Writer, Dark Reading
July 06, 2022
4 min read
Article
ICYMI: A Microsoft Warning, Follina, Atlassian, and More
Dark Reading's digest of the other don't-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness.
July 01, 2022
Dark Reading's digest of the other don't-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness.
by Tara Seals, Managing Editor, News, Dark Reading
July 01, 2022
6 min read
Article
DragonForce Malaysia Releases LPE Exploit, Threatens Ransomware
The hacktivist group is ramping up its activities and ready to assault governments and businesses with escalating capabilities.
July 01, 2022
The hacktivist group is ramping up its activities and ready to assault governments and businesses with escalating capabilities.
by Nathan Eddy, Contributing Writer, Dark Reading
July 01, 2022
6 min read
Article
Microsoft Going Big on Identity with the Launch of Entra
With more staff working remotely, identity, authentication, and access (IAA) has never been more important. Microsoft has a new response.
July 01, 2022
With more staff working remotely, identity, authentication, and access (IAA) has never been more important. Microsoft has a new response.
by Don Tait, Senior Analyst, Omdia
July 01, 2022
7 min read
Article