The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
ICS/OT
Remote Workforce
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Physical Security
IoT
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Emerging Cybersecurity Technologies - A Dark Reading Mar 23 Event
Black Hat USA - August 5-10 - Learn More
Webinars
A Roadmap to Zero Trust: Steps for Meaningful Progress Amongst the Hype
Feb 01, 2023
Every DDoS Resilience and Response Playbook Should Include These Things
Feb 02, 2023
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft
Partner Perspectives: Zscaler
Newsletter
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
ICS/OT
Remote Workforce
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Physical Security
IoT
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Emerging Cybersecurity Technologies - A Dark Reading Mar 23 Event
Black Hat USA - August 5-10 - Learn More
Webinars
A Roadmap to Zero Trust: Steps for Meaningful Progress Amongst the Hype
Feb 01, 2023
Every DDoS Resilience and Response Playbook Should Include These Things
Feb 02, 2023
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft
Partner Perspectives: Zscaler
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
ICS/OT
Remote Workforce
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Physical Security
IoT
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Emerging Cybersecurity Technologies - A Dark Reading Mar 23 Event
Black Hat USA - August 5-10 - Learn More
Webinars
A Roadmap to Zero Trust: Steps for Meaningful Progress Amongst the Hype
Feb 01, 2023
Every DDoS Resilience and Response Playbook Should Include These Things
Feb 02, 2023
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft
Partner Perspectives: Zscaler
Newsletter
SEARCH
A minimum of 3 characters are required to be typed in the search bar in order to perform a search.
Announcements
Event
Emerging Cybersecurity Technologies: What You Need to Know - A Dark Reading March 23 Virtual Event | <GET YOUR PASS>
Report
Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | <READ IT NOW>
Previous
Next
Database Security
Breaking news, news analysis, and expert commentary on application security, including tools & technologies.
Zacks Investment Research Hack Exposes Data for 820K Customers
Zacks Elite sign-ups for the period 1999–2005 were accessed, including name, address, email address, phone number, and the password associated with Zacks.com.
January 25, 2023
Zacks Elite sign-ups for the period 1999–2005 were accessed, including name, address, email address, phone number, and the password associated with Zacks.com.
by Dark Reading Staff, Dark Reading
January 25, 2023
1 MIN READ
Article
Vulnerable Historian Servers Imperil OT Networks
These specialized database servers, which collect and archive information on device operation, often connect IT and OT networks.
January 18, 2023
These specialized database servers, which collect and archive information on device operation, often connect IT and OT networks.
by Robert Lemos, Contributing Writer, Dark Reading
January 18, 2023
4 MIN READ
Article
Quantum Decryption Breakthrough? Not So Fast
A paper by two dozen Chinese researchers maintains that near-future quantum computers could crack RSA-2048 encryption, but experts call the claims misleading.
January 10, 2023
A paper by two dozen Chinese researchers maintains that near-future quantum computers could crack RSA-2048 encryption, but experts call the claims misleading.
by Robert Lemos, Contributing Writer, Dark Reading
January 10, 2023
4 MIN READ
Article
Five Guys Data Breach Puts HR Data Under a Heat Lamp
Job applicants could face a raft of follow-on attacks after cyber intruders accessed their data in an opportunistic attack.
January 04, 2023
Job applicants could face a raft of follow-on attacks after cyber intruders accessed their data in an opportunistic attack.
by Tara Seals, Managing Editor, News, Dark Reading
January 04, 2023
6 MIN READ
Article
Popular WAFs Subverted by JSON Bypass
Web application firewalls from AWS, Cloudflare, F5, Imperva, and Palo Alto Networks are vulnerable to a database attack using the popular JavaScript Object Notation (JSON) format.
December 12, 2022
Web application firewalls from AWS, Cloudflare, F5, Imperva, and Palo Alto Networks are vulnerable to a database attack using the popular JavaScript Object Notation (JSON) format.
by Robert Lemos, Contributing Writer, Dark Reading
December 12, 2022
3 MIN READ
Article
Zero-Trust Initiatives Stall, as Cyberattack Costs Rocket to $1M per Incident
Researchers find current data protections strategies are failing to get the job done, and IT leaders are concerned, while a lack of qualified IT security talent hampers cyber-defense initiatives.
November 17, 2022
Researchers find current data protections strategies are failing to get the job done, and IT leaders are concerned, while a lack of qualified IT security talent hampers cyber-defense initiatives.
by Nathan Eddy, Contributing Writer, Dark Reading
November 17, 2022
6 MIN READ
Article
Thousands of Amazon RDS Snapshots Are Leaking Corporate PII
A service that allows organizations to back up data in the cloud can accidentally leak sensitive data to the public Internet, paving the way for abuse by threat actors.
November 16, 2022
A service that allows organizations to back up data in the cloud can accidentally leak sensitive data to the public Internet, paving the way for abuse by threat actors.
by Elizabeth Montalbano, Contributor, Dark Reading
November 16, 2022
5 MIN READ
Article
Nasty SQL Injection Bug in Zendesk Endangers Sensitive Customer Data
The API-related vulnerabilities put conversations, email addresses, tickets, and more in danger of exposure via the Zendesk Explore reporting service.
November 15, 2022
The API-related vulnerabilities put conversations, email addresses, tickets, and more in danger of exposure via the Zendesk Explore reporting service.
by Elizabeth Montalbano, Contributor, Dark Reading
November 15, 2022
5 MIN READ
Article
Amazon, Microsoft Cloud Leaks Highlight Lingering Misconfiguration Issues
Cloud storage databases, often deployed as "rogue servers" without the blessing of the IT department, continue to put companies and their sensitive data at risk.
November 10, 2022
Cloud storage databases, often deployed as "rogue servers" without the blessing of the IT department, continue to put companies and their sensitive data at risk.
by Robert Lemos, Contributing Writer, Dark Reading
November 10, 2022
4 MIN READ
Article
FTC Gives Chegg an 'F' for Careless Cybersecurity Impacting 40M Students
Ed-tech company Chegg is ordered by FTC to secure its systems after repeated breaches that exposed tens of millions of users' personal data.
November 01, 2022
Ed-tech company Chegg is ordered by FTC to secure its systems after repeated breaches that exposed tens of millions of users' personal data.
by Dark Reading Staff, Dark Reading
November 01, 2022
1 MIN READ
Article
Hacker Pwns Uber Via Compromised VPN Account
A teen hacker reportedly social-engineered an Uber employee to hand over an MFA code to unlock the corporate VPN, before burrowing deep into Uber's cloud and code repositories.
September 16, 2022
A teen hacker reportedly social-engineered an Uber employee to hand over an MFA code to unlock the corporate VPN, before burrowing deep into Uber's cloud and code repositories.
by Tara Seals, Managing Editor, News, Dark Reading
September 16, 2022
4 MIN READ
Article
Meta to Appeal $400M GDPR Fine for Mishandling Teen Data in Instagram
Instagram and Facebook parent company Meta was slapped with the fine for exposing the personal data of minors.
September 08, 2022
Instagram and Facebook parent company Meta was slapped with the fine for exposing the personal data of minors.
by Dark Reading Staff, Dark Reading
September 08, 2022
1 MIN READ
Article
AWS Tokens Lurking in Android, iOS Apps Crack Open Corporate Cloud Data
Thousands of corporate mobile apps developed by businesses for use by their customers contain hardcoded AWS tokens that can be easily extracted and used to access the full run of corporate data stored in cloud buckets.
September 02, 2022
Thousands of corporate mobile apps developed by businesses for use by their customers contain hardcoded AWS tokens that can be easily extracted and used to access the full run of corporate data stored in cloud buckets.
by Tara Seals, Managing Editor, News, Dark Reading
September 02, 2022
4 MIN READ
Article
'No-Party' Data Architectures Promise More Control, Better Security
Consumers gain control of their data while companies build better relationships with their customers — but third-party ad-tech firms will likely continue to stand in the way.
August 26, 2022
Consumers gain control of their data while companies build better relationships with their customers — but third-party ad-tech firms will likely continue to stand in the way.
by Robert Lemos, Contributing Writer, Dark Reading
August 26, 2022
6 MIN READ
Article
VMware LPE Bug Allows Cyberattackers to Feast on Virtual Machine Data
An insider threat or remote attacker with initial access could exploit CVE-2022-31676 to steal sensitive data and scoop up user credentials for follow-on attacks.
August 24, 2022
An insider threat or remote attacker with initial access could exploit CVE-2022-31676 to steal sensitive data and scoop up user credentials for follow-on attacks.
by Tara Seals, Managing Editor, News, Dark Reading
August 24, 2022
2 MIN READ
Article