Dark Reading

Privilege Elevation Dominates Massive Microsoft Patch Update

Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix.
Dark Reading

War Game Exercise Demonstrates How Social Media Manipulation Works

In a game called "Capture the Narrative," students created bots to sway a fictional election, simulating influence in ...
Dark Reading

EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses

Stopping EDR killers, which employ bring-your-own-vulnerable-driver (BYOVD) attack techniques, is difficult, but not ...
Dark Reading

CSA: CISOs Should Prepare for Post-Mythos Exploit Storm

A Cloud Security Alliance (CSA) paper warns of an "AI vulnerability storm" triggered by the introduction of Anthropic's ...
Dark Reading

Adobe Patches Actively Exploited Zero-Day That Lingered for Months

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...
Dark Reading

Empty Attestations: OT Lacks the Tools for Cryptographic Readiness

OT asset owners are being asked by regulators to attest to their post-quantum cryptographic readiness without the appropriate ...
Dark Reading

APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials

The China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to ...
Dark Reading

Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads

Security teams need to test distributed denial-of-service defenses during periods of high demand, such as tax filing ...
Dark Reading

Beyond the Perimeter: Accelerating Lateral Segmentation Journey for Zero Trust Private Cloud

How lateral segmentation helps contain breaches in private cloud environments and limit attacker movement after the perimeter ...
Dark Reading

Do Ceasefires Slow Cyberattacks? History Suggests Not

The cybersecurity community is waiting to see if Iranian hackers will honor a ceasefire that doesn't actually name or ...
Dark Reading

FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats

WASHINGTON — FINRA announced today the launch of the Financial Intelligence Fusion Center (FIFC), a secure portal for FINRA ...
Dark Reading

Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?

Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the ...