darkreading
Proactive Vulnerability Management for Engineering Success
5 months 1 week ago
By integrating security into CI/CD, applying automated policies, and supporting developers with the right processes and tools, infosec teams can increase efficiency and build secure software.
Remi Yazigi
DeepSeek Jailbreak Reveals Its Entire System Prompt
5 months 1 week ago
Now we know exactly how DeepSeek was designed to work, and we may even have a clue toward its highly publicized scandal with OpenAI.
Nate Nelson, Contributing Writer
Black Hat USA 2024 Highlights
5 months 1 week ago
Check out all the highlights from Black Hat USA 2024 at the Mandalay Bay in Las Vegas. #cybersecurity #infosec #blackhat
Black Hat USA 2024 Highlights
5 months 1 week ago
Check out all the highlights from Black Hat USA 2024 at the Mandalay Bay in Las Vegas. #cybersecurity #infosec #blackhat
Community Health Center Data Breach Affects 1M Patients
5 months 1 week ago
The CHC remains operational, but a host of personal data is now in the hands of a "skilled cybercriminal," it said.
Kristina Beek, Associate Editor, Dark Reading
DoJ Shutters Cybercrime Forums Behind Attacks on 17M Americans
5 months 1 week ago
The "Cracked" and "Nulled" Dark Web sites are now offline, along with the Pakistani "Saim Raza" network of underground forums (aka HeartSender).
Tara Seals, Managing Editor, News, Dark Reading
State Data Privacy Regulators Are Coming. What Story Will You Tell Them?
5 months 1 week ago
Regulators are ready to enforce new state data privacy laws. Here's how experts say organizations can stay compliant and avoid penalties.
Becky Bracken, Senior Editor, Dark Reading
Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus
5 months 1 week ago
The deal, expected to close this quarter, will give Tenable One Exposure Management much-needed integration with over 100 third-party security tools and platforms.
Jeffrey Schwartz
Code-Scanning Tool's License at Heart of Security Breakup
5 months 1 week ago
Nine application security toolmakers band together to fork the popular Semgrep code-scanning project, touching off a controversy over access to features and fairness.
Robert Lemos, Contributing Writer
Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence?
5 months 1 week ago
The Cyber Trust Mark has the potential to change how we define and measure security at the endpoint level. But potential isn't enough.
Chris "CT" Thomas
Healthcare Sector Charts 2 More Ransomware Attacks
5 months 1 week ago
No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen.
Kristina Beek, Associate Editor, Dark Reading
New Jailbreaks Allow Users to Manipulate GitHub Copilot
5 months 1 week ago
Whether by intercepting its traffic or just giving it a little nudge, GitHub's AI assistant can be made to do malicious things it isn't supposed to.
Nate Nelson, Contributing Writer
Automated Pen Testing Is Improving — Slowly
5 months 1 week ago
The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications.
Alex Haynes
Exposure Management Provider CYE Acquires Solvo
5 months 1 week ago
The addition of Solvo CSPM to CYE Hyver aims to address the need for multicloud vulnerability monitoring and risk assessment.
Jeffrey Schwartz
Fake Videos of Former First Lady Scam Namibians
5 months 1 week ago
Amateurish financial scams are common across Africa, and Namibia's influential former first lady, Monica Geingos, has emerged as a particularly effective host body for these messages.
Nate Nelson, Contributing Writer
PrintNightmare Aftermath: Windows Print Spooler Is Better. What's Next?
5 months 1 week ago
While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore.
Jai Vijayan, Contributing Writer
Researchers Uncover Lazarus Group Admin Layer for C2 Servers
5 months 1 week ago
The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command-and-control servers from Pyongyang.
Jai Vijayan, Contributing Writer
Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers
5 months 1 week ago
VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats.
Kristina Beek, Associate Editor, Dark Reading
Mirai Variant 'Aquabot' Exploits Mitel Device Flaws
5 months 1 week ago
Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.
Elizabeth Montalbano, Contributing Writer
Checked
4 hours 44 minutes ago
Public RSS feed
darkreading feed