darkreading
OPA for Windows Vulnerability Exposes NTLM Hashes
1 month 4 weeks ago
The vulnerability affects all versions prior to v0.68.0 and highlights the risks organizations assume when consuming open source software and code.
Jai Vijayan, Contributing Writer
SoftwareOne Launches Cloud Competency Centre in Malaysia
1 month 4 weeks ago
Retail & Hospitality ISAC Launches Program Aimed at Securing Supply Chains
1 month 4 weeks ago
Breaking Barriers: Making Cybersecurity Accessible for Neurodiverse Professionals
1 month 4 weeks ago
Cybersecurity is not "one size fits all." Employers, recruiters, and managers need to embrace neurodiversity through inclusive hiring practices, tailored training programs, and adaptive management styles.
Joan Goodchild
Most US Political Campaigns Lack DMARC Email Protection
1 month 4 weeks ago
Without DMARC, campaigns remain highly susceptible to phishing, domain spoofing, and impersonation.
Dark Reading Staff
Swarms of Fake WordPress Plug-ins Infect Sites With Infostealers
2 months ago
GoDaddy flagged a ClickFix campaign that infected 6,000 sites in a one-day period, with attackers using stolen admin credentials to distribute malware.
Elizabeth Montalbano, Contributing Writer
Tricky CAPTCHA Caught Dropping Lumma Stealer Malware
2 months ago
The persistent infostealer's latest campaign inserts fake CAPTCHA pages into legitimate applications, fooling users into executing the malicious payload, researchers find.
Becky Bracken, Senior Editor, Dark Reading
What Today's SOC Teams Can Learn From Baseball
2 months ago
There are more similarities between developing a professional athlete and developing a cybersecurity pro than you might expect.
Mike Mitchell
Name That Toon: The Big Jump
2 months ago
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
John Klossner, Cartoonist
Russia-Linked Hackers Attack Japan's Govt, Ports
2 months ago
Russia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.
Robert Lemos, Contributing Writer
Unmanaged Cloud Credentials Pose Risk to Half of Orgs
2 months ago
These types of "long-lived" credentials pose a risk for users across all major cloud service providers, and must meet their very timely ends, researchers say.
Dark Reading Staff
Cisco Disables DevHub Access After Security Breach
2 months ago
The networking company confirms that cyberattackers illegally accessed data belonging to some of its customers.
Jai Vijayan, Contributing Writer
Internet Archive Gets Pummeled in Round 2 Breach
2 months ago
This latest breach was through Zendesk, a customer service platform that the organization uses.
Dark Reading Staff
Anti-Bot Services Help Cybercrooks Bypass Google 'Red Page'
2 months ago
The emergence of novel anti-detection kits for sale on the Dark Web limit the effectiveness of a Chrome browser feature that warns users that they have reached a phishing page.
Elizabeth Montalbano, Contributing Writer
Why I'm Excited About the Future of Application Security
2 months ago
The future of application security is no longer about reacting to the inevitable — it's about anticipating and preventing attacks before they can cause damage.
Bradley Schaufenbuel
DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks
2 months ago
The "Code-on-Toast" supply chain cyberattacks by APT37 delivered data-stealing malware to users in South Korea who had enabled Toast pop-up ads.
Tara Seals, Managing Editor, News, Dark Reading
EU Adopts Cyber Resilience Act to Regulate Internet of Things
2 months ago
The European Union adopted a new law setting EU-wide cybersecurity requirements for connected devices to ensure their safety.
Jennifer Lawinski, Contributing Writer
MacOS Safari 'HM Surf' Exploit Exposes Camera, Mic, Browser Data
2 months ago
Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.
Nate Nelson, Contributing Writer
Time to Get Strict With DMARC
2 months ago
Adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies. Everyone is waiting for major email providers to get strict.
Robert Lemos, Contributing Writer
Checked
2 hours 50 minutes ago
Public RSS feed
darkreading feed