The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
ICS/OT
Remote Workforce
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Physical Security
IoT
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Cybersecurity Outlook 2023 - December 13 Event
Black Hat Europe - December 5-8 - Learn More
Webinars
Cloud Security Essentials
Dec 07, 2022
Seeing Your Attack Surface Through the Eyes of an Adversary
Dec 08, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft
Partner Perspectives: Zscaler
Subscribe
Login
/
Register
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
ICS/OT
Remote Workforce
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Physical Security
IoT
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Cybersecurity Outlook 2023 - December 13 Event
Black Hat Europe - December 5-8 - Learn More
Webinars
Cloud Security Essentials
Dec 07, 2022
Seeing Your Attack Surface Through the Eyes of an Adversary
Dec 08, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft
Partner Perspectives: Zscaler
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
ICS/OT
Remote Workforce
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Physical Security
IoT
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
Cybersecurity Outlook 2023 - December 13 Event
Black Hat Europe - December 5-8 - Learn More
Webinars
Cloud Security Essentials
Dec 07, 2022
Seeing Your Attack Surface Through the Eyes of an Adversary
Dec 08, 2022
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Partner Perspectives: Microsoft
Partner Perspectives: Zscaler
Subscribe
Login
/
Register
SEARCH
A minimum of 3 characters are required to be typed in the search bar in order to perform a search.
Announcements
Event
Cybersecurity Outlook 2023 - A Dark Reading, Black Hat, Omdia December 13 Virtual Event | <GET YOUR PASS>
Report
Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | <READ IT NOW>
Previous
Next
Vulnerabilities/Threats
Breaking news, news analysis, and expert commentary on cybersecurity threat intelligence, including tools & technologies.
SiriusXM, MyHyundai Car Apps Showcase Next-Gen Car Hacking
A trio of security bugs allow remote attackers to unlock or start the car, operate climate controls, pop the trunk, and more — all via poorly coded mobile apps.
December 02, 2022
A trio of security bugs allow remote attackers to unlock or start the car, operate climate controls, pop the trunk, and more — all via poorly coded mobile apps.
by Tara Seals, Managing Editor, News, Dark Reading
December 02, 2022
6 MIN READ
Article
Where Advanced Cyberttackers Are Heading Next: Disruptive Hits, New Tech
Following a year of increasingly disruptive attacks, advanced persistent threat groups will likely only become emboldened in 2023, security experts say.
December 02, 2022
Following a year of increasingly disruptive attacks, advanced persistent threat groups will likely only become emboldened in 2023, security experts say.
by Robert Lemos, Contributing Writer, Dark Reading
December 02, 2022
6 MIN READ
Article
Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines
A vulnerability discovered in GitHub Actions could allow an attacker to poison a developer's pipeline, highlighting the risk that insecure software pipelines pose.
December 01, 2022
A vulnerability discovered in GitHub Actions could allow an attacker to poison a developer's pipeline, highlighting the risk that insecure software pipelines pose.
by Robert Lemos, Contributing Writer, Dark Reading
December 01, 2022
4 MIN READ
Article
One Year After Log4Shell, Most Firms Are Still Exposed to Attack
Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to it.
December 01, 2022
Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to it.
by Jai Vijayan, Contributing Writer, Dark Reading
December 01, 2022
5 MIN READ
Article
IBM Cloud Supply Chain Vulnerability Showcases New Threat Class
The Hell's Keychain attack vector highlights common cloud misconfigurations and secrets exposure that can pose grave risk to enterprise customers.
December 01, 2022
The Hell's Keychain attack vector highlights common cloud misconfigurations and secrets exposure that can pose grave risk to enterprise customers.
by Elizabeth Montalbano, Contributor, Dark Reading
December 01, 2022
4 MIN READ
Article
Data Security Concerns Are Driving Changes in US Consumer Behavior and Demands
As consumers catch on to the dangers, protection could become a major topic for legislative bodies.
December 01, 2022
As consumers catch on to the dangers, protection could become a major topic for legislative bodies.
by Todd Moore, Vice President, Encryption Products, Thales
December 01, 2022
4 MIN READ
Article
Phylum Expands Its Software Supply Chain Security Capabilities, Introduces Automated Vulnerability Reachability
Know what you need to fix today and what you don’t.
December 01, 2022
Know what you need to fix today and what you don’t.
December 01, 2022
3 MIN READ
Article
Nvidia GPU Driver Bugs Threaten Device Takeover & More
If unpatched, a host of GPU Display Driver flaws could expose gamers, graphic designers, and others to code execution, denial of service, data tampering, and more.
November 30, 2022
If unpatched, a host of GPU Display Driver flaws could expose gamers, graphic designers, and others to code execution, denial of service, data tampering, and more.
by Dark Reading Staff, Dark Reading
November 30, 2022
1 MIN READ
Article
Google TAG Warns on Emerging Heliconia Exploit Framework for RCE
The framework has ties back to a Spanish exploit broker called Variston IT, and offers a one-stop shop for compromising Chrome, Defender and Firefox.
November 30, 2022
The framework has ties back to a Spanish exploit broker called Variston IT, and offers a one-stop shop for compromising Chrome, Defender and Firefox.
by Tara Seals, Managing Editor, News, Dark Reading
November 30, 2022
2 MIN READ
Article
How Banks Can Upgrade Security Without Affecting Client Service
New protective measures work behind the scenes, with little impact on the customer experience.
November 30, 2022
New protective measures work behind the scenes, with little impact on the customer experience.
by Chris Mastrangelo, Chief Compliance Officer, Grasshopper Bank
November 30, 2022
4 MIN READ
Article
New Exploit Broker on the Scene Pays Premium for Signal App Zero-Days
Signal messaging app zero-day vulnerabilities have sparked a $1.5M bidding match, as gray-market exploit brokers flourish in today's geopolitical climate.
November 30, 2022
Signal messaging app zero-day vulnerabilities have sparked a $1.5M bidding match, as gray-market exploit brokers flourish in today's geopolitical climate.
by Ericka Chickowski, Contributing Writer, Dark Reading
November 30, 2022
3 MIN READ
Article
The Evolution of Business Email Compromise
The simplicity and profitability of these attacks continue to appeal to threat actors a decade later.
November 30, 2022
The simplicity and profitability of these attacks continue to appeal to threat actors a decade later.
by Ryan Otteson, Researcher, Secureworks Counter Threat Unit (CTU)
November 30, 2022
4 MIN READ
Article
Critical Quarkus Flaw Threatens Cloud Developers With Easy RCE
Red Hat has issued patches for a bug in an open source Java virtual machine software that opens the door to drive-by localhost attacks. Patch now, as it's easy for cyberattackers to exploit.
November 30, 2022
Red Hat has issued patches for a bug in an open source Java virtual machine software that opens the door to drive-by localhost attacks. Patch now, as it's easy for cyberattackers to exploit.
by Elizabeth Montalbano, Contributor, Dark Reading
November 30, 2022
6 MIN READ
Article
Cyberattackers Selling Access to Networks Compromised via Recent Fortinet Flaw
The vulnerability, disclosed In October, gives an unauthenticated attacker a way to take control of an affected product.
November 29, 2022
The vulnerability, disclosed In October, gives an unauthenticated attacker a way to take control of an affected product.
by Jai Vijayan, Contributing Writer, Dark Reading
November 29, 2022
3 MIN READ
Article
The Metaverse Could Become a Top Avenue for Cyberattacks in 2023
Expect to see attackers expand their use of current consumer-targeting tactics while exploring new ways to target Internet users — with implications for businesses.
November 29, 2022
Expect to see attackers expand their use of current consumer-targeting tactics while exploring new ways to target Internet users — with implications for businesses.
by Jai Vijayan, Contributing Writer, Dark Reading
November 29, 2022
4 MIN READ
Article
