The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks. Read More

A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams. Read More

HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems. Read More

Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation. Read More

A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function. Read More

A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better. Read More

What issues are cybersecurity professionals concerned about in 2022? You tell us! Read More

As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy. Read More

For the right price, threat actors can get just about anything they want to launch a ransomware attack — even without technical skills or any previous experience. Read More

With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place. Read More

Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access. Read More

This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines. Read More

Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access. Read More

Coming soon: Dark Reading News Desk at Black Hat USA 2022 Read More

At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers. Read More

A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services. Read More

A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines. Read More

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users. Read More