Dark Reading

Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape

08/10/2022
New release also includes enterprise-grade cloud security posture management (CSPM) and YARA-based malware scanning capabilities.

Zero Trust & XDR: The New Architecture of Defense

08/10/2022
Zero trust and XDR are complementary and both are necessary in today's modern IT environment. In this article, we discuss the intersection of zero trust and XDR.

Compliance Certifications: Worth the Effort?

08/10/2022
Because demonstrating compliance with industry regulations can be cumbersome and expensive, it's important to ensure they're also absolutely essential.

Flow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round

08/10/2022
First-of-its-kind solution discovers and protects both data at rest and in motion.

Looking Back at 25 Years of Black Hat

08/10/2022
The Black Hat USA conference's silver jubilee is an opportunity to remember its defining moments, the impact it has made on the security community, and its legacy.

Software Development Pipelines Offer Cybercriminals 'Free-Range' Access to Cloud, On-Prem

08/09/2022
A Q&A with NCC Group's Viktor Gazdag ahead of a Black Hat USA session on CI/CD pipeline risks reveals a scary, and expanding, campaign vector for software supply chain attacks and RCE.

Microsoft Patches Zero-Day Actively Exploited in the Wild

08/09/2022
The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.

Halo Security Emerges From Stealth With Full Attack Surface Management Platform

08/09/2022
The latest startup to enter the space also has a free scanning service to audit the contents of any website.

Cybrary Unveils Next-Generation Interactive, Hands-On Training Experience to Upskill Cybersecurity Professionals

08/09/2022
New SOC Analyst Assessment delivers threat-informed training in a live lab environment to help cybersecurity professionals defend their organizations against the latest adversarial tactics and techniques.

Researchers Debut Fresh RCE Vector for Common Google API Tool

08/09/2022
The finding exposes the danger of older, unpatched bugs, which plague at least 4.5 million devices.

Abusing Kerberos for Local Privilege Escalation

08/09/2022
Upcoming Black Hat USA presentation will examine the implications of Kerberos weaknesses for security on the local machine.

Domino's Takes a Methodical Approach to IoT

08/09/2022
The success of Domino's Flex IoT project can be attributed in large part to the security best practices it followed.

Russia-Ukraine Conflict Holds Cyberwar Lessons

08/09/2022
Initial attacks used damaging wiper malware and targeted infrastructure, but the most enduring impacts will likely be from disinformation, researchers say. At Black Hat USA, SentinelOne's Juan Andres Guerrero-Saade and Tom Hegel will discuss.

US Oil and Gas Sector at Risk of a Cyberbreach, According to BreachBits Study

08/09/2022
Study offers a cyber "state of the industry" analysis from a hacker's perspective to help companies anticipate attacks.

Netscout Arbor Insight Leverages Patented ASI Technology to Enhance Security and Operational Awareness for Network Opera

08/09/2022
Extends all aspects of the Arbor Sightline solution with unique, real-time multidimensional DDoS and traffic analytics capabilities.

Don't Take the Cyber Safety Review Board's Log4j Report at Face Value

08/09/2022
Given the lack of reporting requirements, the findings are more like assumptions. Here's what organizations can do to minimize exposure.

Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks

08/09/2022
Machine-learning algorithms alone may miss signs of a successful attack on your organization.

10 Malicious Code Packages Slither into PyPI Registry

08/08/2022
The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks.

Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War

08/08/2022
A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams.

HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

08/08/2022
HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems.