Announcements

Implementing and Using XDR to Improve Enterprise Cybersecurity | May 25 Webinar | <REGISTER NOW>

Building and Maintaining an Effective IoT Cybersecurity Strategy | May 17 Webinar | <REGISTER NOW>

HOW DATA BREACHES HAPPEN & WHAT TO DO WHEN THEY HAPPEN TO YOU | June 23 Virtual Event | <Get Your Pass>

Vulnerabilities/Threats

Breaking news, news analysis, and expert commentary on cybersecurity threat intelligence, including tools & technologies.

iPhones Open to Attack Even When Off, Researchers Say

Wireless chips that run when the iPhone iOS is shut down can be exploited.

Wireless chips that run when the iPhone iOS is shut down can be exploited.

by Dark Reading Staff, Dark Reading

Open Source Security Gets $150M Boost From Industry Heavy Hitters

Maintainers of open source software (OSS) will gain additional security tools for their own projects, while the developers who use OSS — and about 97% of software does — will gain more data on security.

Maintainers of open source software (OSS) will gain additional security tools for their own projects, while the developers who use OSS — and about 97% of software does — will gain more data on security.

by Robert Lemos, Contributing Writer

NSA Cyber Chief Vows 'No Backdoors' in Quantum Encryption Standards

New quantum encryption standards will stand up to spy-snooping, NSA cybersecurity director said.

New quantum encryption standards will stand up to spy-snooping, NSA cybersecurity director said.

by Dark Reading Staff, Dark Reading

Name That Toon: Knives Out

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

by John Klossner, Cartoonist

Critical Zyxel Firewall Bug Under Active Attack After PoC Exploit Debut

Just one day after disclosure, cyberattackers are actively going after the command-injection/code-execution vulnerability in Zyxel's gear.

Just one day after disclosure, cyberattackers are actively going after the command-injection/code-execution vulnerability in Zyxel's gear.

by Tara Seals, Managing Editor, News

US Cyber Director: Forging a Cybersecurity Social Contract Is Not Optional

In a Black Hat Asia keynote fireside chat, US national cyber director Chris Inglis outlined his vision of an effective cybersecurity public-private partnership strategy.

In a Black Hat Asia keynote fireside chat, US national cyber director Chris Inglis outlined his vision of an effective cybersecurity public-private partnership strategy.

by Becky Bracken, Editor, Dark Reading

How to Turn a Coke Can Into an Eavesdropping Device

Cyber-researchers are testing the bounds of optical attacks with a technique that allows attackers to recover voice audio from meetings if there are shiny, lightweight objects nearby.

Cyber-researchers are testing the bounds of optical attacks with a technique that allows attackers to recover voice audio from meetings if there are shiny, lightweight objects nearby.

by Robert Lemos, Contributing Writer

Black Hat Asia: Democracy's Survival Depends on Taming Technology

The conference opens with stark outlook on the future of global democracy — currently squeezed between Silicon Valley and China.

The conference opens with stark outlook on the future of global democracy — currently squeezed between Silicon Valley and China.

by Becky Bracken, Editor, Dark Reading

Linux, OpenSSF Champion Plan to Improve Open Source Security

The White House and tech industry pledge $150 million over two years to boost open source resiliency and supply chain security.

The White House and tech industry pledge $150 million over two years to boost open source resiliency and supply chain security.

by Dark Reading Staff, Dark Reading

Log4Shell Exploit Threatens Enterprise Data Lakes, AI Poisoning

A brand-new attack vector lays open enterprise data lakes, threatening grave consequences for AI use cases like telesurgery or autonomous cars.

A brand-new attack vector lays open enterprise data lakes, threatening grave consequences for AI use cases like telesurgery or autonomous cars.

by Tara Seals, Managing Editor, News

Data Transformation: 3 Sessions to Attend at RSA 2022

Three RSA 2022 sessions take deep dives into the security considerations around data cloud transformation.

Three RSA 2022 sessions take deep dives into the security considerations around data cloud transformation.

by Liat Hayun, Co-Founder and CEO, Eureka Security

Black Hat Asia: Firmware Supply Chain Woes Plague Device Security

The supply chain for firmware development is vast, convoluted, and growing out of control: patching security vulnerabilities can take up to two years. For cybercriminals, it's a veritable playground.

The supply chain for firmware development is vast, convoluted, and growing out of control: patching security vulnerabilities can take up to two years. For cybercriminals, it's a veritable playground.

by Tara Seals, Managing Editor, News

Cloud Firm Appian Awarded $2B in Trade Secret Cyber-Theft Lawsuit

Cloud competitor found liable for breaking into Appian back-end systems to steal company secrets.

Cloud competitor found liable for breaking into Appian back-end systems to steal company secrets.

by Dark Reading Staff, Dark Reading

Needs Improvement: Scoring Biden's Cyber Executive Order

One year after it was issued, has President Biden's Cyber Executive Order had an impact?

One year after it was issued, has President Biden's Cyber Executive Order had an impact?

by Ali N. Khan, Solution Demand Manager, ReversingLabs

How Can Your Business Defend Itself Against Fraud-as-a-Service?

By understanding how FaaS works and following best practices to prevent it, your business can protect its customers, revenue, and brand reputation.

By understanding how FaaS works and following best practices to prevent it, your business can protect its customers, revenue, and brand reputation.

by Bruno Farinelli, Fraud Analytics Manager, ClearSale