Application Security
Breaking news, news analysis, and expert commentary on application security, including tools & technologies.
ChromeLoader Malware Hijacks Browsers With ISO Files
The malware’s abuse of PowerShell makes it more dangerous, allowing for more advanced attacks such as ransomware, fileless malware, and malicious code memory injections.
May 27, 2022
by Nathan Eddy, Contributing Writer, Dark Reading
4 min read
Article
Broadcom Snaps Up VMware in $61B Deal
Massive merger will put Broadcom's Symantec and VMware's Carbon Black under one roof.
May 26, 2022
by Dark Reading Staff, Dark Reading
1 min read
Article
Third-Party Scripts on Websites Present a 'Broad & Open' Attack Vector
Nearly half of the world's largest websites use externally generated JavaScript that makes them ripe targets for cyberattackers interested in stealing data, skimming credit cards, and executing other malicious actions.
May 26, 2022
by Jai Vijayan, Contributing Writer, Dark Reading
4 min read
Article
Twitter Fined $150M for Security Data Misuse
Twitter is charged with using emails and phone numbers ostensibly collected for account security to sell targeted ads.
May 26, 2022
by Dark Reading Staff, Dark Reading
2 min read
Article
Big Cyber Hits on GM, Chicago Public Schools, & Zola Showcase the Password Problem
Credential-stuffing attacks against online accounts are still popular, and they work thanks to continuing password reuse.
May 26, 2022
by Tara Seals, Managing Editor, News, Dark Reading
6 min read
Article
Quanta Servers Caught With 'Pantsdown' BMC Vulnerability
Researchers discover 3-year-old critical firmware vulnerability, running in popular cloud servers used to power hyperscalers and cloud providers alike.
May 26, 2022
by Ericka Chickowski, Contributing Writer, Dark Reading
4 min read
Article
JFrog Launches Project Pyrsia to Help Prevent Software Supply Chain Attacks
Open source software community initiative utilizes blockchain technology.
May 25, 2022
5 min read
Article
Zero-Click Zoom Bug Allows Code Execution Just by Sending a Message
Google has disclosed a nasty set of six bugs affecting Zoom chat that can be chained together for MitM and RCE attacks, no user interaction required.
May 25, 2022
by Tara Seals, Managing Editor, News, Dark Reading
6 min read
Article
Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021
But there was a substantial drop in the overall number of critical vulnerabilities that the company disclosed last year, new analysis shows.
May 24, 2022
by Jai Vijayan, Contributing Writer, Dark Reading
5 min read
Article
Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems
The PyPI "pymafka" package is the latest example of growing attacker interest in abusing widely used open source software repositories.
May 23, 2022
by Jai Vijayan, Contributing Writer, Dark Reading
4 min read
Article
Partial Patching Still Provides Strong Protection Against APTs
Organizations that deploy updates only after a vulnerability is disclosed apply far fewer updates and do so at a lower cost than those that stay up to date on all of their software, university researchers say.
May 20, 2022
by Jai Vijayan, Contributing Writer, Dark Reading
4 min read
Article
DoJ Won't Charge 'Good Faith' Security Researchers
Revised policy means security analysts won't be charged under the Computer Fraud and Abuse Act.
May 19, 2022
by Dark Reading Staff, Dark Reading
1 min read
Article
Majority of Kubernetes API Servers Exposed to the Public Internet
Shadowserver Foundation researchers find 380,000 open Kubernetes API servers.
May 19, 2022
by Ericka Chickowski, Contributing Writer, Dark Reading
4 min read
Article
6 Scary Tactics Used in Mobile App Attacks
Mobile attacks have been going on for many years, but the threat is rapidly evolving as more sophisticated malware families with novel features enter the scene.
May 19, 2022
by Storm Swendsboe, Director of Intelligence, SafeGuard Cyber
5 min read
Article
MITRE Creates Framework for Supply Chain Security
System of Trust includes data-driven metrics for evaluating the integrity of software, services, and suppliers.
May 18, 2022
by Kelly Jackson Higgins, Editor-in-Chief, Dark Reading
4 min read
Article