The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
IoT
Physical Security
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Remote Workforce
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Black Hat Europe - December 5-8 - Learn More
Black Hat Middle East & Africa - November 15-17 - Learn More
Webinars
From Reactive to Proactive, Changing the Culture on API Security
Aug 24, 2022
Using Identity & Access Management to Improve Cyber Defense
Sep 13, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Subscribe
Login
/
Register
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
IoT
Physical Security
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Remote Workforce
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Black Hat Europe - December 5-8 - Learn More
Black Hat Middle East & Africa - November 15-17 - Learn More
Webinars
From Reactive to Proactive, Changing the Culture on API Security
Aug 24, 2022
Using Identity & Access Management to Improve Cyber Defense
Sep 13, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
IoT
Physical Security
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Remote Workforce
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Black Hat Europe - December 5-8 - Learn More
Black Hat Middle East & Africa - November 15-17 - Learn More
Webinars
From Reactive to Proactive, Changing the Culture on API Security
Aug 24, 2022
Using Identity & Access Management to Improve Cyber Defense
Sep 13, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Subscribe
Login
/
Register
SEARCH
A minimum of 3 characters are required to be typed in the search bar in order to perform a search.
Announcements
Report
Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | <READ IT NOW>
Event
Malicious Bots: What Enterprises Need to Know | August 30 Webinar | <REGISTER NOW>
Event
How Supply Chain Attacks Work – And What You Can Do to Stop Them | August 17 Webinar | <REGISTER NOW>
Previous
Next
Operations
Breaking news, news analysis, and expert commentary on cybersecurity operations, and the tools & technologies for security teams.
Krebs: Taiwan, Geopolitical Headwinds Loom Large
During a keynote at Black Hat 2022, former CISA director Chris Krebs outlined the biggest risk areas for the public and private sectors for the next few years.
August 11, 2022
During a keynote at Black Hat 2022, former CISA director Chris Krebs outlined the biggest risk areas for the public and private sectors for the next few years.
by Tara Seals, Managing Editor, News, Dark Reading
August 11, 2022
8 min read
Article
Supply-Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight
Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference.
August 11, 2022
Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference.
by Karen Spiegelman, Features Editor
August 11, 2022
4 min read
Article
Cyber-Insurance Fail: Most Businesses Lack Ransomware Coverage
Even among businesses with cyber insurance, they lack coverage for basic costs of many cyberattacks, according to a BlackBerry survey.
August 11, 2022
Even among businesses with cyber insurance, they lack coverage for basic costs of many cyberattacks, according to a BlackBerry survey.
by Nathan Eddy, Contributing Writer, Dark Reading
August 11, 2022
4 min read
Article
New Cross-Industry Group Launches Open Cybersecurity Framework
18 companies led by Amazon and Splunk announced the OCSF framework, to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications.
August 11, 2022
18 companies led by Amazon and Splunk announced the OCSF framework, to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications.
by Jeffrey Schwartz, Contributing Writer
August 11, 2022
5 min read
Article
Many ZTNA, MFA Tools Offer Little Protection Against Cookie Session Hijacking Attacks
Many of the technologies and services that organizations are using to isolate Internet traffic from the internal network lack session validation mechanisms, security startup says.
August 10, 2022
Many of the technologies and services that organizations are using to isolate Internet traffic from the internal network lack session validation mechanisms, security startup says.
by Jai Vijayan, Contributing Writer, Dark Reading
August 10, 2022
4 min read
Article
Software Development Pipelines Offer Cybercriminals 'Free-Range' Access to Cloud, On-Prem
A Q&A with NCC Group's Viktor Gazdag ahead of a Black Hat USA session on CI/CD pipeline risks reveals a scary, and expanding, campaign vector for software supply chain attacks and RCE.
August 09, 2022
A Q&A with NCC Group's Viktor Gazdag ahead of a Black Hat USA session on CI/CD pipeline risks reveals a scary, and expanding, campaign vector for software supply chain attacks and RCE.
by Tara Seals, Managing Editor, News, Dark Reading
August 09, 2022
8 min read
Article
Researchers Debut Fresh RCE Vector for Common Google API Tool
The finding exposes the danger of older, unpatched bugs, which plague at least 4.5 million devices.
August 09, 2022
The finding exposes the danger of older, unpatched bugs, which plague at least 4.5 million devices.
by Nathan Eddy, Contributing Writer, Dark Reading
August 09, 2022
6 min read
Article
Abusing Kerberos for Local Privilege Escalation
Upcoming Black Hat USA presentation will examine the implications of Kerberos weaknesses for security on the local machine.
August 09, 2022
Upcoming Black Hat USA presentation will examine the implications of Kerberos weaknesses for security on the local machine.
by Ericka Chickowski, Contributing Writer, Dark Reading
August 09, 2022
3 min read
Article
HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments
HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems.
August 08, 2022
HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems.
August 08, 2022
4 min read
Article
Genesis IAB Market Brings Polish to the Dark Web
As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy.
August 05, 2022
As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy.
by Nathan Eddy, Contributing Writer, Dark Reading
August 05, 2022
4 min read
Article
Stolen Data Gives Attackers Advantage Against Text-Based 2FA
With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.
August 05, 2022
With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.
by Robert Lemos, Contributing Writer, Dark Reading
August 05, 2022
4 min read
Article
Cyberattackers Increasingly Target Cloud IAM as a Weak Link
At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.
August 04, 2022
At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.
by Tara Seals, Managing Editor, News, Dark Reading
August 04, 2022
4 min read
Article
How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes
Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.
August 03, 2022
Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.
by Tara Seals, Managing Editor, News, Dark Reading
August 03, 2022
6 min read
Article
Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
August 03, 2022
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
by Tara Seals, Managing Editor, News, Dark Reading
August 03, 2022
6 min read
Article
Cyberattackers Drain Nearly $6M From Solana Crypto Wallets
So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets.
August 03, 2022
So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets.
by Dark Reading Staff, Dark Reading
August 03, 2022
1 min read
Article