informa
/
Announcements
Event
Building & Maintaining an Effective Remote Access Strategy | August 2 Webinar | <REGISTER NOW>
Event
Building & Maintaining Security at the Network Edge | July 28 Webinar | <REGISTER NOW>
Event
How Ransomware Works - And What You Can Do to Stop It | July 14 Webinar | <REGISTER NOW>
PreviousNext

Vulnerability Management

Breaking news, news analysis, and expert commentary on cybersecurity threat intelligence, including tools & technologies.

Zero-Days Aren't Going Away Anytime Soon & What Leaders Need to Know
There were a record number of zero-day attacks last year, but some basic cyber-hygiene strategies can help keep your organization more safe.
June 30, 2022
There were a record number of zero-day attacks last year, but some basic cyber-hygiene strategies can help keep your organization more safe.
by Dan Schiappa, Chief Product Officer, Arctic Wolf
June 30, 2022
4 min read
Article
New Vulnerability Database Catalogs Cloud Security Issues
Researchers have created a new community website for reporting and tracking security issues in cloud platforms and services — plus fixes for them where available.
June 28, 2022
Researchers have created a new community website for reporting and tracking security issues in cloud platforms and services — plus fixes for them where available.
by Jai Vijayan, Contributing Writer, Dark Reading
June 28, 2022
4 min read
Article
LockBit 3.0 Debuts With Ransomware Bug Bounty Program
LockBit 3.0 promises to 'Make Ransomware Great Again!' with a side of cybercrime crowdsourcing.
June 27, 2022
LockBit 3.0 promises to 'Make Ransomware Great Again!' with a side of cybercrime crowdsourcing.
by Becky Bracken, Editor, Dark Reading
June 27, 2022
2 min read
Article
It's a Race to Secure the Software Supply Chain — Have You Already Stumbled?
If you haven't properly addressed the issue, you're already behind. But even if you've had a false start, it's never too late to get back up.
June 27, 2022
If you haven't properly addressed the issue, you're already behind. But even if you've had a false start, it's never too late to get back up.
by Kayla Underkoffler, Senior Security Technologist, HackerOne
June 27, 2022
5 min read
Article
7 Steps to Stronger SaaS Security
Continuous monitoring is key to keeping up with software-as-a-service changes, but that's not all you'll need to get better visibility into your SaaS security.
June 24, 2022
Continuous monitoring is key to keeping up with software-as-a-service changes, but that's not all you'll need to get better visibility into your SaaS security.
by John Whelan, Senior Director of Product Management, AppOmni
June 24, 2022
4 min read
Article
The Rise, Fall, and Rebirth of the Presumption of Compromise
The concept might make us sharp and realistic, but it's not enough on its own.
June 23, 2022
The concept might make us sharp and realistic, but it's not enough on its own.
by Oleg Brodt, R&D Director of Deutsche Telekom Innovation Labs, Israel, and Chief Innovation Officer for [email protected] University
June 23, 2022
4 min read
Article
Russia's APT28 Launches Nuke-Themed Follina Exploit Campaign
Researchers have spotted the threat group, also known as Fancy Bear and Sofacy, using the Windows MSDT vulnerability to distribute information stealers to users in Ukraine.
June 22, 2022
Researchers have spotted the threat group, also known as Fancy Bear and Sofacy, using the Windows MSDT vulnerability to distribute information stealers to users in Ukraine.
by Jai Vijayan, Contributing Writer, Dark Reading
June 22, 2022
4 min read
Article
56 Vulnerabilities Discovered in OT Products From 10 Different Vendors
Deep-dive study unearthed security flaws that could allow remote code execution, file manipulation, and malicious firmware uploads, among other badness.
June 21, 2022
Deep-dive study unearthed security flaws that could allow remote code execution, file manipulation, and malicious firmware uploads, among other badness.
by Jai Vijayan, Contributing Writer, Dark Reading
June 21, 2022
6 min read
Article
Open Source Software Security Begins to Mature
Only about half of firms have an open source software security policy in place to guide developers in the use of components and frameworks, but those that do exhibit better security.
June 21, 2022
Only about half of firms have an open source software security policy in place to guide developers in the use of components and frameworks, but those that do exhibit better security.
by Robert Lemos, Contributing Writer, Dark Reading
June 21, 2022
5 min read
Article
Atlassian Confluence Server Bug Under Active Attack to Distribute Ransomware
Most of the attacks involve the use of automated exploits, security vendor says.
June 17, 2022
Most of the attacks involve the use of automated exploits, security vendor says.
by Jai Vijayan, Contributing Writer, Dark Reading
June 17, 2022
4 min read
Article
RSAC Startup Competition Focuses on Post-Cloud IT Infrastructure
A secure Web browser takes the top prize, and for the second year in a row malware detection is an afterthought.
June 16, 2022
A secure Web browser takes the top prize, and for the second year in a row malware detection is an afterthought.
by Paul Shomo, Cybersecurity Analyst
June 16, 2022
5 min read
Article
CISOs Gain False Confidence in the Calm After the Storm of the Pandemic
While CISOs may feel more confident in their security posture emerging from the pandemic, new research suggests that doesn't mean organizations are better prepared for large-scale attacks.
June 16, 2022
While CISOs may feel more confident in their security posture emerging from the pandemic, new research suggests that doesn't mean organizations are better prepared for large-scale attacks.
by Lucia Milică, VP, Global Resident CISO, Proofpoint
June 16, 2022
5 min read
Article
How Can Security Partnerships Help to Mitigate the Increasing Cyber Threat?
Martyn Ryder from Morphean explains why forging trusted partnerships is integral to the future of physical security in a world of networks, systems, and the cloud.
June 14, 2022
Martyn Ryder from Morphean explains why forging trusted partnerships is integral to the future of physical security in a world of networks, systems, and the cloud.
by IFSEC Global Staff, Part of the Informa Network
June 14, 2022
5 min read
Article
China-Sponsored Cyberattackers Target Networking Gear to Build Widespread Attack Infrastructure
Compromised routers, VPNs, and NAS devices from Cisco, Citrix, Pulse, Zyxel, and others are all being used as part of an extensive cyber espionage campaign.
June 08, 2022
Compromised routers, VPNs, and NAS devices from Cisco, Citrix, Pulse, Zyxel, and others are all being used as part of an extensive cyber espionage campaign.
by Dark Reading Staff, Dark Reading
June 08, 2022
2 min read
Article
How Do We Secure Our Cities From Attack?
Physical access matters in keeping people and buildings safe. Points to consider when establishing a physical security protocol are ways to lock down an area to keep people safe, approaches to communicate clear safety directions, and access control.
June 08, 2022
Physical access matters in keeping people and buildings safe. Points to consider when establishing a physical security protocol are ways to lock down an area to keep people safe, approaches to communicate clear safety directions, and access control.
by Mark Allen, General Manager, Premises, Identiv
June 08, 2022
5 min read
Article