The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
IoT
Physical Security
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Remote Workforce
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
[FREE Virtual Event] The Identity Crisis
Webinars
Black Hat Spring Trainings - June 13-16 - Learn More
Dec 23, 2021
Preventing Attackers from Navigating Your Enterprise Systems
Dec 15, 2021
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Subscribe
Login
/
Register
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
IoT
Physical Security
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Remote Workforce
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
[FREE Virtual Event] The Identity Crisis
Webinars
Black Hat Spring Trainings - June 13-16 - Learn More
Dec 23, 2021
Preventing Attackers from Navigating Your Enterprise Systems
Dec 15, 2021
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
The Edge
DR Tech
Sections
Close
Back
Sections
Featured Sections
The Edge
Dark Reading Technology
Attacks / Breaches
Cloud
IoT
Physical Security
Perimeter
Analytics
Security Monitoring
Security Monitoring
App Sec
Database Security
Database Security
Risk
Compliance
Compliance
Threat Intelligence
Endpoint
Authentication
Mobile Security
Privacy
Authentication
Mobile Security
Privacy
Vulnerabilities / Threats
Advanced Threats
Insider Threats
Vulnerability Management
Advanced Threats
Insider Threats
Vulnerability Management
Operations
Identity & Access Management
Careers & People
Identity & Access Management
Careers & People
Remote Workforce
Black Hat news
Omdia Research
Security Now
Events
Close
Back
Events
Events
[FREE Virtual Event] The Identity Crisis
Webinars
Black Hat Spring Trainings - June 13-16 - Learn More
Dec 23, 2021
Preventing Attackers from Navigating Your Enterprise Systems
Dec 15, 2021
Resources
Close
Back
Resources
Reports >
Slideshows >
Tech Library >
Webinars >
White Papers >
Subscribe
Login
/
Register
SEARCH
A minimum of 3 characters are required to be typed in the search bar in order to perform a search.
Announcements
Report
Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | <READ IT NOW>
Event
Malicious Bots: What Enterprises Need to Know | August 30 Webinar | <REGISTER NOW>
Event
How Supply Chain Attacks Work – And What You Can Do to Stop Them | August 17 Webinar | <REGISTER NOW>
Previous
Next
Vulnerability Management
Breaking news, news analysis, and expert commentary on cybersecurity threat intelligence, including tools & technologies.
Which Security Bugs Will Be Exploited? Researchers Create an ML Model to Find Out
How critical is that vulnerability? University researchers are improving predictions of which software flaws will end up with an exploit, a boon for prioritizing patches and estimating risk.
August 18, 2022
How critical is that vulnerability? University researchers are improving predictions of which software flaws will end up with an exploit, a boon for prioritizing patches and estimating risk.
by Robert Lemos, Contributing Writer, Dark Reading
August 18, 2022
5 min read
Article
Google Chrome Zero-Day Found Exploited in the Wild
The high-severity security vulnerability (CVE-2022-2856) is due to improper user-input validation.
August 17, 2022
The high-severity security vulnerability (CVE-2022-2856) is due to improper user-input validation.
by Dark Reading Staff, Dark Reading
August 17, 2022
2 min read
Article
Windows Vulnerability Could Crack DC Server Credentials Open
The security flaw tracked as CVE-2022-30216 could allow attackers to perform server spoofing or trigger authentication coercion on the victim.
August 16, 2022
The security flaw tracked as CVE-2022-30216 could allow attackers to perform server spoofing or trigger authentication coercion on the victim.
by Nathan Eddy, Contributing Writer, Dark Reading
August 16, 2022
5 min read
Article
Patch Madness: Vendor Bug Advisories Are Broken, So Broken
Dustin Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many orgs.
August 12, 2022
Dustin Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many orgs.
by Tara Seals, Managing Editor, News, Dark Reading
August 12, 2022
8 min read
Article
Software Supply Chain Chalks Up a Security Win With New Crypto Effort
GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort to shore up supply chain security.
August 12, 2022
GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort to shore up supply chain security.
by Robert Lemos, Contributing Writer, Dark Reading
August 12, 2022
4 min read
Article
Microsoft: We Don't Want to Zero-Day Our Customers
The head of Microsoft's Security Response Center defends keeping its initial vulnerability disclosures sparse — it is, she says, to protect customers.
August 11, 2022
The head of Microsoft's Security Response Center defends keeping its initial vulnerability disclosures sparse — it is, she says, to protect customers.
by Jai Vijayan, Contributing Writer, Dark Reading
August 11, 2022
4 min read
Article
Supply Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight
Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference.
August 11, 2022
Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference.
by Karen Spiegelman, Features Editor
August 11, 2022
4 min read
Article
Microsoft Patches Zero-Day Actively Exploited in the Wild
The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.
August 09, 2022
The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.
by Robert Lemos, Contributing Writer, Dark Reading
August 09, 2022
4 min read
Article
Researchers Debut Fresh RCE Vector for Common Google API Tool
The finding exposes the danger of older, unpatched bugs, which plague at least 4.5 million devices.
August 09, 2022
The finding exposes the danger of older, unpatched bugs, which plague at least 4.5 million devices.
by Nathan Eddy, Contributing Writer, Dark Reading
August 09, 2022
6 min read
Article
Pipeline Operators Are Headed in the Right Direction, With or Without TSA's Updated Security Directives
A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better.
August 08, 2022
A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better.
by Duncan Greatwood, CEO of Xage
August 08, 2022
5 min read
Article
A Digital Home Has Many Open Doors
Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access.
August 05, 2022
Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access.
by Scott Cadzow, Chair, ETSI Encrypted Traffic Integration ISG
August 05, 2022
5 min read
Article
Time to Patch VMware Products Against a Critical New Vulnerability
A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.
August 04, 2022
A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.
by Dark Reading Staff, Dark Reading
August 04, 2022
1 min read
Article
Bug in Kaspersky VPN Client Allows Privilege Escalation
The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.
August 04, 2022
The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.
by Tara Seals, Managing Editor, News, Dark Reading
August 04, 2022
3 min read
Article
Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
August 03, 2022
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
by Tara Seals, Managing Editor, News, Dark Reading
August 03, 2022
6 min read
Article
5 Steps to Becoming Secure by Design in the Face of Evolving Cyber Threats
From adopting zero-trust security models to dynamic environments to operating under an "assumed breach" mentality, here are ways IT departments can reduce vulnerabilities as they move deliberately to become more secure.
August 02, 2022
From adopting zero-trust security models to dynamic environments to operating under an "assumed breach" mentality, here are ways IT departments can reduce vulnerabilities as they move deliberately to become more secure.
by Sudhakar Ramakrishna, CEO, SolarWinds
August 02, 2022
6 min read
Article