| LATEST SECURITY NEWS & COMMENTARY | General Electric, DARPA Hack Claims Raise National Security Concerns Weapons systems data, AI research, and other classified information may be up for sale, not to mention access to other government agencies. Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds Joe Sullivan, spared prison time, weighs in on the lessons learned from the 2016 Uber breach and the import of the SolarWinds CISO case. Google Patches Another Chrome Zero-Day as Browser Attacks Mount The vulnerability is among a rapidly growing number of zero-day bugs that major browser vendors have reported recently. Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more. Ex-Cybersecurity Adviser to Bush, Obama Weighs in On Current Admin Melissa Hathaway, a former White House cybersecurity adviser, says Biden is pushing through more regulatory reforms than previous administrations. Patch Now: Attackers Pummel Critical, Easy-to-Exploit OwnCloud Flaw A vulnerability in the file server and collaboration platform earned a 10 in severity on the CVSS, allowing access to admin passwords, mail server credentials, and license keys. CISA to Congress: US Under Threat of Chemical Attacks Dropping the ball on chemical security has precipitated "a national security gap too great to ignore," CISA warns. Rootkit Turns Kubernetes from Orchestration to Subversion Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference. macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks Lazarus and its cohorts are switching loaders and other code between RustBucket and KandyKorn macOS malware to fool victims and researchers. Name That Toon: Slam Dunk Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. 3 Ways to Stop Unauthorized Code From Running in Your Network As organizations increasingly rely on AI-developed code, they must put guardrails in place to prevent major cybersecurity risks related to malicious code. How the Evolving Role of the CISO Impacts Cybersecurity Startups CISOs and vendors must work together to keep up with emerging threats and find solutions, says a group of CISOs and security entrepreneurs. MORE NEWS / MORE COMMENTARY | |
| EDITORS' CHOICE | Dark Reading Debuts Fresh New Site Design Check out our new look — it's crisp, fast, and more reader-friendly. 10 Holiday Gifts For Stressed-Out Security Pros Office giving-friendly fidgets, stress balls, brain teasers, and more that are perfect to calm the most harried cybersecurity professionals. LATEST FROM DR TECHNOLOGY Rundown of Security News from AWS re:Invent 2023 Amazon Web Services announced enhancements to several of its security tools, including GuardDuty, Inspector, Detective, IAM Access Analyzer, and Secrets Manager, to name a few during its re:Invent event. How a Teenage Saudi Hacker Went From Lockpicking to Ransomware Black Hat speaker and 13-year-old ethical hacker Marco Liberale talks about his interest in cybersecurity, and what opportunities he has in Saudi Arabia. |
|
| | WEBINARS | |
| | WHITE PAPERS | |
| |
|