Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Black Hat Asia
May 10-13, 2022
Hybrid/Marina Bay Sands, Singapore
Black Hat USA
August 6-11, 2022
Las Vegas, NV, USA
Black Hat Europe
December 5-8, 2022
London
Event Updates
Level Up Your Kubernetes Security Skills at Black Hat USA
Black Hat Staff,
Gain access to a broad spectrum of in-depth cybersecurity Briefings and Trainings.
By Black Hat Staff , 7/16/2020
Comment0 comments  |  Read  |  Post a Comment
Stay on the Cutting Edge of Mobile Security
Black Hat Staff,
Here are some of the mobile-focused Briefings, Trainings, and Arsenal tools that will be explored at Black Hat USA.
By Black Hat Staff , 7/15/2020
Comment0 comments  |  Read  |  Post a Comment
Get Cutting-Edge Healthcare Cybersecurity Insights at Black Hat USA
Black Hat Staff,
Bad actors are on the lookout for ways to attack healthcare organizations, so it's important for cybersecurity pros to stay informed about the latest trends and threats in the industry.
By Black Hat Staff , 7/14/2020
Comment0 comments  |  Read  |  Post a Comment
More Event Updates
News & Commentary
US National Cyber Director: Toward a New Cybersecurity Social Contract
Becky Bracken, Editor, News
In a Black Hat Asia keynote Fireside Chat, US National Cyber Director Chris Inglis outlined his vision of an effective cybersecurity public-private partnership strategy.
By Becky Bracken, Editor , 5/16/2022
Comment0 comments  |  Read  |  Post a Comment
CISO Shares Top Strategies to Communicate Security's Value to the Biz
Tara Seals, Managing Editor, News, News
In a keynote address at Black Hat Asia in Singapore this week, CISO and former NASA security engineer George Do discussed his go-to model for measuring security effectiveness – and getting others in the organization to listen.
By Tara Seals, Managing Editor, News , 5/13/2022
Comment0 comments  |  Read  |  Post a Comment
Black Hat Asia: Democracy's Survival Depends on Taming Technology
Becky Bracken, Editor, Dark Reading , News
The conference opens with stark outlook on the future of global democracy -- currently squeezed between Silicon Valley and China.
By Becky Bracken, Editor, Dark Reading , 5/13/2022
Comment0 comments  |  Read  |  Post a Comment
Transforming SQL Queries Bypasses WAF Security
Robert Lemos, Contributing WriterNews
A team of university researchers finds a machine learning-based approach to generating HTTP requests that slip past Web application firewalls.
By Robert Lemos Contributing Writer, 5/12/2022
Comment0 comments  |  Read  |  Post a Comment
Known macOS Vulnerabilities Led Researcher to Root Out New Flaws
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researcher shares how he unearthed newer bugs in Apple's operating system by closer scrutiny of previous research, including vulnerabilities that came out of the Pwn2Own competition.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/12/2022
Comment0 comments  |  Read  |  Post a Comment
1,000+ Attacks in 2 Years: How the SideWinder APT Sheds Its Skin
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/5/2022
Comment0 comments  |  Read  |  Post a Comment
How to Negotiate With Ransomware Attackers
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security researchers investigate the ransom negotiation process to create strategies businesses can use if they face an attack.
By Kelly Sheridan Staff Editor, Dark Reading, 11/15/2021
Comment0 comments  |  Read  |  Post a Comment
Cloud Attack Analysis Unearths Lessons for Security Pros
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers detail their investigation of a cryptomining campaign stealing AWS credentials and how attackers have evolved their techniques.
By Kelly Sheridan Staff Editor, Dark Reading, 11/11/2021
Comment0 comments  |  Read  |  Post a Comment
What Happens If Time Gets Hacked
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Renowned hardware security expert raises alarm on the risk and dangers of cyberattackers targeting the current time-synchronization infrastructure.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/11/2021
Comment0 comments  |  Read  |  Post a Comment
Hacker-for-Hire Group Spied on More Than 3,500 Targets in 18 Months
Jai Vijayan, Contributing WriterNews
Russian-speaking "Void Balaur" group's victims include politicians, dissidents, human rights activists, doctors, and journalists, security vendor discloses at Black Hat Europe 2021.
By Jai Vijayan Contributing Writer, 11/10/2021
Comment0 comments  |  Read  |  Post a Comment
ChaosDB: Researchers Share Technical Details of Azure Flaw
Kelly Sheridan, Staff Editor, Dark ReadingNews
Wiz researchers who discovered a severe flaw in the Azure Cosmos DB database discussed the full extent of the vulnerability at Black Hat Europe.
By Kelly Sheridan Staff Editor, Dark Reading, 11/10/2021
Comment0 comments  |  Read  |  Post a Comment
Securing the Public: Who Should Take Charge?
Kelly Sheridan, Staff Editor, Dark ReadingNews
International policy expert Marietke Schaake explores the intricacies of protecting the public as governments depend on private companies to build and secure digital infrastructure.
By Kelly Sheridan Staff Editor, Dark Reading, 11/10/2021
Comment0 comments  |  Read  |  Post a Comment
Dark Reading Video News Desk Comes to Black Hat Europe
Dark Reading Staff, News
While attendees join Black Hat Europe 2021 virtually and live in London, we bring you prerecorded interviews from remote offices around the world.
By Dark Reading Staff , 11/10/2021
Comment0 comments  |  Read  |  Post a Comment
Researcher Details Vulnerabilities Found in AWS API Gateway
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
AWS fixed the security flaws that left the API service at risk of so-called HTTP header-smuggling attacks, says the researcher who discovered them.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/10/2021
Comment0 comments  |  Read  |  Post a Comment
Free Tool Scans Web Servers for Vulnerability to HTTP Header-Smuggling Attacks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
A researcher will release an open source tool at Black Hat Europe next week that roots out server weaknesses to a sneaky type of attack.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/1/2021
Comment0 comments  |  Read  |  Post a Comment
APTs, Teleworking, and Advanced VPN Exploits: The Perfect Storm
Kelly Sheridan, Staff Editor, Dark ReadingNews
A Mandiant researcher shares the details of an investigation into the misuse of Pulse Secure VPN devices by suspected state-sponsored threat actors.
By Kelly Sheridan Staff Editor, Dark Reading, 10/29/2021
Comment0 comments  |  Read  |  Post a Comment
Read Between the Lines: Finding Flaws in EPUB Reading Systems
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security researchers who analyzed 97 free EPUB reading applications found half are not compliant with security recommendations.
By Kelly Sheridan Staff Editor, Dark Reading, 10/27/2021
Comment0 comments  |  Read  |  Post a Comment
Who's In Your Wallet? Exploring Mobile Wallet Security
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security flaws in contactless payments for transportation systems could lead to fraud for stolen devices, researchers find.
By Kelly Sheridan Staff Editor, Dark Reading, 10/25/2021
Comment0 comments  |  Read  |  Post a Comment
Applying Behavioral Psychology to Strengthen Your Incident Response Team
Kelly Sheridan, Staff Editor, Dark ReadingNews
A deep-dive study on the inner workings of incident response teams leads to a framework to apply behavioral psychology principles to CSIRTs.
By Kelly Sheridan Staff Editor, Dark Reading, 10/11/2021
Comment0 comments  |  Read  |  Post a Comment
FragAttacks Foil 2 Decades of Wireless Security
Robert Lemos, Contributing WriterNews
Wireless security protocols have improved, but product vendors continue to make implementation errors that allow a variety of attacks.
By Robert Lemos Contributing Writer, 8/6/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Twitter Feed
Current Conversations
More Conversations
Products & Releases
Federal, State, Local, and Private-Sector Partners Conduct Nationwide Exercise to Test Election Day Plans
ZeroFOX Expands AI Capabilities to Detect Deepfakes
Censys To Unveil Attack Surface Visibility Platform at Black Hat
Digital Guardian Releases Free Forensic Tool
The Infosec Industry Comes Together to Recognize Innovators and Leaders at the First-Ever Cybersecurity Women of the Year Awards
ZeroFOX to Spotlight Social Risk Management at Black Hat 2014
Black Hat Releases Official Schedule
Black Hat: Chief Engineer of NASA's Jet Propulsion Laboratory To Keynote Day Two Of Black Hat USA 2013
More Products & Releases
Black Hat
Black Hat is the most technical and relevant global information security event series in the world. For more than 20 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global Briefings and Trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors.
www.blackhat.com
White Papers
Video
Register for Dark Reading Newsletters
Current Issue
Incorporating a Prevention Mindset into Threat Detection and Response
Threat detection and response systems, by definition, are reactive because they have to wait for damage to be done before finding the attack. With a prevention-mindset, security teams can proactively anticipate the attacker's next move, rather than reacting to specific threats or trying to detect the latest techniques in real-time. The report covers areas enterprises should focus on: What positive response looks like. Improving security hygiene. Combining preventive actions with red team efforts.
Cartoon