Dark Reading
AWS Tokens Lurking in Android, iOS Apps Crack Open Corporate Cloud Data
09/02/2022
Thousands of corporate mobile apps developed by businesses for use by their customers contain hardcoded AWS tokens that can be easily extracted and used to access the full run of corporate data stored in cloud buckets.
The Makings of a Successful Threat-Hunting Program
09/02/2022
Threat hunters can help build defenses as they work with offensive security teams to identify potential threats and build stronger threat barriers.
Ragnar Locker Brags About TAP Air Portugal Breach
09/02/2022
TAP assures its customers that it stopped data theft in a recent cyberattack, but the Ragnar Locker ransomware group says it made off with user info.
Ghost Data Increases Enterprise Business Risk
09/01/2022
IT has to get its hands around cloud data sprawl. Another area of focus should be on ghost data, as it expands the organization's cloud attack surface.
Neopets Hackers Had Network Access for 18 Months
09/01/2022
Neopets has confirmed that its IT systems were compromised from January 2021 through July 2022, exposing 69 million user accounts and source code.
Threat Actor Phishing PyPI Users Identified
09/01/2022
"JuiceLedger" has escalated a campaign to distribute its information stealer by now going after developers who published code on the widely used Python code repository.
Skyrocketing IoT Bug Disclosures Put Pressure on Security Teams
09/01/2022
The expanding Internet of Things ecosystem is seeing a startling rate of vulnerability disclosures, leaving companies with a greater need for visibility into and patching of IoT devices.
New Guidelines Spell Out How to Test IoT Security Products
09/01/2022
The proposed AMTSO guidelines offer a roadmap for comprehensive testing of IoT security products.
Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects
09/01/2022
The insecurities exist in CI/CD pipelines and can be used by attackers to subvert modern development and roll out malicious code at deployment.
Apple Quietly Releases Another Patch for Zero-Day RCE Bug
09/01/2022
Apple continues a staged update process to address a WebKit vulnerability that allows attackers to craft malicious Web content to load malware on affected devices.
(ISC)(2) Launches 'Certified in Cybersecurity' Entry-Level Certification to Address Global Workforce Gap
09/01/2022
After a rigorous pilot program, the association's newest certification is officially operational. More than 1,500 pilot participants who passed the exam are on the path to full certification.
Real-World Cloud Attacks: The True Tasks of Cloud Ransomware Mitigation
09/01/2022
Cloud breaches are inevitable — and so is cloud ransomware. (Second of two parts.)
Closing the Security Gap Opened by the Rise of No-Code Tools
08/31/2022
No-code startups such as Mine PrivacyOps say they offer best of both worlds — quick development and compliance with privacy laws.
Google Fixes 24 Vulnerabilities with New Chrome Update
08/31/2022
But one issue that lets websites overwrite content on a user's system clipboard appears unfixed in the new Version 105 of Chrome.
James Webb Telescope Images Loaded With Malware Are Evading EDR
08/31/2022
New Golang cyberattacks use deep space images and a new obfuscator to target systems — undetected.
The Pros and Cons of Managed Firewalls
08/31/2022
Managed firewalls are increasingly popular. This post examines the strengths and weaknesses of managed firewalls to help your team decide on the right approach.
OpenText Goes All-in on Cybersecurity Size and Scale With Micro Focus Purchase
08/31/2022
OpenText makes a $6 billion bet that bigger is better in security and that cybersecurity platform plays are the future.
(ISC)² Opens Global Enrollment for '1 Million Certified in Cybersecurity' Initiative
08/31/2022
(ISC)² pledges to expand and diversify the cybersecurity workforce by providing free "(ISC)² Certified in Cybersecurity" education and exams to 1 million people worldwide.
TikTok for Android Bug Allows Single-Click Account Hijack
08/31/2022
A security vulnerability (CVE-2022-28799) in one of TikTok for Android's deeplinks could affect billions of users, Microsoft warns.
The Inevitability of Cloud Breaches: Tales of Real-World Cloud Attacks
08/31/2022
While cloud breaches are going to happen, that doesn't mean we can't do anything about them. By better understanding cloud attacks, organizations can better prepare for them. (First of two parts.)
<< Prev 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 Next >>