Dark Reading

Transforming SQL Queries Bypasses WAF Security

05/12/2022
A team of university researchers finds a machine learning-based approach to generating HTTP requests that slip past Web application firewalls.

Black Hat Asia: Firmware Supply Chain Woes Plague Device Security

05/12/2022
The supply chain for firmware development is vast, convoluted, and growing out of control: patching security vulnerabilities can take up to two years. For cybercriminals, it's a veritable playground.

3 Predictors of Cybersecurity Startup Success

05/12/2022
Before investing, venture capitalists should consider a trio of business characteristics that seem to correlate with commercial success, based on meetings with over 2,000 cybersecurity startups.

Egnyte Enhances Program for Managed Service Providers

05/12/2022
Enhancements to the program include unique packages, faster response time for invoicing, and dedicated training for new solutions.

StackHawk Raises $20.7 Million in Series B Funding for Developer-First Application and API Security Testing

05/12/2022
Round co-led by Sapphire Ventures and Costanoa Ventures to accelerate product leadership and market growth.

Cloud Firm Appian Awarded $2B in Trade Secret Cyber-Theft Lawsuit

05/12/2022
Cloud competitor found liable for breaking into Appian back-end systems to steal company secrets.

Needs Improvement: Scoring Biden's Cyber Executive Order

05/12/2022
One year after it was issued, has President Biden's Cyber Executive Order had an impact?

How Can Your Business Defend Itself Against Fraud-as-a-Service?

05/12/2022
By understanding how FaaS works and following best practices to prevent it, your business can protect its customers, revenue, and brand reputation.

Known macOS Vulnerabilities Led Researcher to Root Out New Flaws

05/12/2022
Researcher shares how he unearthed newer bugs in Apple's operating system by closer scrutiny of previous research, including vulnerabilities that came out of the Pwn2Own competition.

5 Years That Altered the Ransomware Landscape

05/12/2022
WannaCry continues to be a reminder of the challenges that organizations face dealing with the ransomware threat.

Nokia Opens Cybersecurity Testing Lab

05/12/2022
The end-to-end cybersecurity 5G testing lab will help identify and prevent cyberattacks on 5G networks.

Google Will Use Mobile Devices to Thwart Phishing Attacks

05/12/2022
In an effort to combat phishing, Google will allow Android phones and iPhones to be used as security keys.

On the Air With Dark Reading News Desk at Black Hat Asia 2022

05/12/2022
This year's Black Hat Asia is hybrid, with some sessions broadcast on the virtual platform and others live on stage in Singapore. News Desk is available on-demand with prerecorded interviews.

PlainID Debuts Authorization-as-a-Service Platform

05/11/2022
Platform powered by policy-based access control (PBAC).

Threat Actors Are Stealing Data Now to Decrypt When Quantum Computing Comes

05/11/2022
The technique, called store-now, decrypt later (SNDL), means organizations need to prepare now for post-quantum cryptography.

Ready, IAM, Fire: How Weak IAM Makes You a Target

05/11/2022
Proper identity and access management configuration serves as an effective starting point for organizations looking to secure their cloud infrastructure.

Microsoft Simplifies Security Patching Process for Exchange Server

05/11/2022
Delivering hotfixes and system updates separately will allow manual patching without requiring elevated permissions, Microsoft said.

Orca Security Unveils Context-Aware Shift Left Security to Identify and Prevent Cloud Application Security Issues Earlie

05/11/2022
Enterprises can now ship more secure code to production by unifying security across software development, DevOps, and security teams.