informa
/

Vulnerabilities/Threats

HTTP/2 Implementation Errors Exposing Websites to Serious Risks
Organizations that don't implement end-to-end HTTP/2 are vulnerable to attacks that redirect users to malicious sites an...
August 06, 2021
Organizations that don't implement end-to-end HTTP/2 are vulnerable to attacks that redirect users to malicious sites an...
by Jai Vijayan, Contributing Writer
August 06, 2021
4 min read
Article
CISA Launches JCDC, the Joint Cyber Defense Collaborative
"We can't do this alone," the new CISA director told attendees in a keynote at Black Hat USA today.
August 05, 2021
"We can't do this alone," the new CISA director told attendees in a keynote at Black Hat USA today.
by Kelly Jackson Higgins, Executive Editor
August 05, 2021
5 min read
Article
Incident Responders Explore Microsoft 365 Attacks in the Wild
Mandiant experts discuss the novel techniques used to evade detection, automate data theft, and achieve persistent acces...
August 05, 2021
Mandiant experts discuss the novel techniques used to evade detection, automate data theft, and achieve persistent acces...
by Kelly Sheridan, Senior Editor
August 05, 2021
5 min read
Article
Prophet Spider Exploits WebLogic CVEs to Enable Ransomware Attacks
The group target unpatched Oracle WebLogic servers to gain access that they later hand off to third parties who deploy r...
August 05, 2021
The group target unpatched Oracle WebLogic servers to gain access that they later hand off to third parties who deploy r...
by Dark Reading Staff, Dark Reading
August 05, 2021
2 min read
Article
Top 5 Techniques Attackers Use to Bypass MFA
Like other protective measures, multifactor authentication isn't failsafe or foolproof.
August 05, 2021
Like other protective measures, multifactor authentication isn't failsafe or foolproof.
by Hitesh Sheth, CEO, Vectra
August 05, 2021
4 min read
Article
VC Firm Advanced Technology Ventures Hit with Ransomware
The venture capital firm believes the attack affected personal data belonging to individual investors in ATV funds.
August 05, 2021
The venture capital firm believes the attack affected personal data belonging to individual investors in ATV funds.
by Dark Reading Staff, Dark Reading
August 05, 2021
2 min read
Article
Researchers Find Significant Vulnerabilities in macOS Privacy Protections
Attacks require executing code on a system but foil Apple's approach to protecting private data and systems files.
August 05, 2021
Attacks require executing code on a system but foil Apple's approach to protecting private data and systems files.
by Robert Lemos, Contributing Writer
August 05, 2021
4 min read
Article
4 Common Challenges of 'Shift Left' Security
Involving security in the earliest stages of software development helps prevent defects, but it's not without problems.
August 05, 2021
Involving security in the earliest stages of software development helps prevent defects, but it's not without problems.
by Tzury Bar Yochay, Co-founder and CTO of Reblaze and co-creator of Curiefense
August 05, 2021
3 min read
Article
Why Supply Chain Attacks Are Destined to Escalate
In his keynote address at Black Hat USA on Wednesday, Matt Tait, chief operating officer at Corellium, called for softwa...
August 05, 2021
In his keynote address at Black Hat USA on Wednesday, Matt Tait, chief operating officer at Corellium, called for softwa...
by Kelly Jackson Higgins, Executive Editor
August 05, 2021
4 min read
Article
Organizations Still Struggle to Hire & Retain Infosec Employees: Report
Security leaders are challenged to fill application security and cloud computing jobs in particular, survey data shows.
August 04, 2021
Security leaders are challenged to fill application security and cloud computing jobs in particular, survey data shows.
by Joan Goodchild, Senior Editor
August 04, 2021
3 min read
Article
NSA & CISA Publish Kubernetes Security Guidance
Kubernetes is frequently targeted for data theft, computational power theft, or denial of service, the agencies say in a...
August 04, 2021
Kubernetes is frequently targeted for data theft, computational power theft, or denial of service, the agencies say in a...
by Dark Reading Staff, Dark Reading
August 04, 2021
2 min read
Article
REvil Most Popular Ransomware Variant in 2021 (So Far)
An increase in global cyberattacks was driven by Web shell activity, targeted ransomware and extortion operations, and s...
August 04, 2021
An increase in global cyberattacks was driven by Web shell activity, targeted ransomware and extortion operations, and s...
by Dark Reading Staff, Dark Reading
August 04, 2021
2 min read
Article
Think Having Avoided Kaseya Means You're Safe? Guess Again
The lesson: Don't assume that everything coming from an apparently benign source is safe.
August 04, 2021
The lesson: Don't assume that everything coming from an apparently benign source is safe.
by Alan Brill, Senior Managing Director, Cyber Risk Practice, Kroll
August 04, 2021
5 min read
Article
5 Key Lessons From ICS Attacks Through the Ages
Industrial control systems attacks are happening with more frequency, but they are hardly new.
August 04, 2021
Industrial control systems attacks are happening with more frequency, but they are hardly new.
by Corey Nachreiner, Chief Security Officer, WatchGuard Technologies
August 04, 2021
5 min read
Article
Dark Reading Virtual News Desk Returns to Black Hat
Coming to you prerecorded from home offices around the world!
August 04, 2021
Coming to you prerecorded from home offices around the world!
by Dark Reading Staff, Dark Reading
August 04, 2021
9 min read
Article