darkreading
WiCyS and ISC2 Launch Fall Camp for Cybersecurity Certification
1 year ago
Solar Power Installations Worldwide Open to Cloud API Bugs
1 year ago
The weaknesses gave attackers an avenue to take over millions of photovoltaic devices connected to Solarman and Deye's cloud-hosted management systems.
Jai Vijayan, Contributing Writer
Anthropic: Expanding Our Model Safety Bug Bounty Program
1 year ago
HPE Aruba Networking Strengthens Cyber Defenses With AI-Powered Network Detection and Response
1 year ago
Entro Extends Non-Human Identity Security Platform
1 year ago
Progress Announces Conclusion of SEC Investigation into MOVEit
1 year ago
Media & Victims Find Common Ground Against Hackers
1 year ago
In a panel at Black Hat 2024, journalists and investigators explain their differing goals when a victim organization is breached.
Kristina Beek, Associate Editor, Dark Reading
Rubrik Partners With Mandiant for Cyber Resilience and Accelerated Incident Response Recovery
1 year ago
Tackling Vulnerabilities & Errors Head-on for Proactive Security
1 year ago
As attack surfaces increase, partner networks widen, and security teams remain stretched, vulnerabilities and errors continue to be a daunting challenge.
Rodman Ramezanian
Dark Reading News Desk Live From Black Hat USA 2024
1 year ago
The Dark Reading team spent two days on the Dark Reading News Desk interviewing the world's top cybersecurity experts.
Dark Reading Staff
Memory Safety Is Key to Preventing Hardware Hacks
1 year ago
Spectre and Meltdown exposed just how easy a target computer memory was for attackers. Several efforts are underway to protect memory.
Agam Shah, Contributing Writer
CrowdStrike's Legal Pressures Mount, Could Blaze Path to Liability
1 year ago
Following the July 19 outages caused by a bad update, the cybersecurity firm faces shareholder lawsuits and pressure to pay damages for at least one major customer, Delta Airlines. Will software liability follow?
Robert Lemos, Contributing Writer
How to Weaponize Microsoft Copilot for Cyberattackers
1 year ago
At Black Hat USA, security researcher Michael Bargury released a "LOLCopilot" ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot — and offered advice for defensive tooling.
Jeffrey Schwartz, Contributing Writer
Microsoft on CISOs: Thriving Community Means Stronger Security
1 year ago
Microsoft execs detailed the company's reaction to the CrowdStrike incident and emphasized the value of a collective identity.
Kristina Beek, Associate Editor, Dark Reading
'0.0.0.0 Day' Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk
1 year ago
Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.
Elizabeth Montalbano, Contributing Writer
Building an Effective Strategy to Manage AI Risks
1 year ago
As AI technologies continue to advance at a rapid pace, privacy, security and governance teams can't expect to achieve strong AI governance while working in isolation.
Sanket Kavishwar, Kenneth Moras
SaaS Apps Present an Abbreviated Kill Chain for Attackers
1 year ago
Black Hat presentation reveals adversaries don't need to complete all seven stages of a traditional kill chain to achieve their objectives.
Jai Vijayan, Contributing Writer
Critical AWS Vulnerabilities Allow S3 Attack Bonanza
1 year ago
Researchers at Aqua Security discovered the "Shadow Resource" attack vector and the "Bucket Monopoly" problem, where threat actors can guess the name of S3 buckets based on their public account IDs.
Jeffrey Schwartz, Contributing Writer
Hazy Issue in Entra ID Allows Privileged Users to Become Global Admins
1 year ago
Invisible authentication mechanisms in Microsoft allow any attacker to escalate from privileged to super-duper privileged in cloud environments, paving the way for complete takeover.
Nate Nelson, Contributing Writer
Checked
10 hours 34 minutes ago
Public RSS feed
darkreading feed