Novel Exploit Chain Enables Windows UAC Bypass
Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.
darkreading
Top Allies for Executives & Boards to Leverage During a Cyber Crisis
4 months 4 weeks ago
It is imperative for executives and board members to know who their top allies are, and how to best leverage them to successfully navigate a crisis and minimize the harm caused by a breach.
Chris Crummey
Could Security Misconfigurations Become No. 1 in OWASP Top 10?
4 months 4 weeks ago
As Superman has kryptonite, software has weaknesses — with misconfigurations leading the pack.
Mark Troester
Memory-Safe Code Adoption Has Made Android Safer
5 months ago
The number of memory bugs in Android declined sharply after Google began transitioning to Rust for new features in its mobile OS.
Jai Vijayan, Contributing Writer
Stellar Cyber Secures National 'Don't Click It' Day
5 months ago
Cybersecurity Success Hinges on Full Organizational Support, New CompTIA Report Asserts
5 months ago
OneTrust Automates DORA ICT Risk Management and Compliance
5 months ago
Security Upgrades Available for 3 HPE Aruba Networking Bugs
5 months ago
The vendor says there are no reports of the flaws being exploited in the wild nor any public exploit codes currently available.
Dark Reading Staff
Transport, Logistics Orgs Hit by Stealthy Phishing Gambit
5 months ago
Companies in this industry vertical tend toward large financial transactions with partners, suppliers, and customers.
Nate Nelson, Contributing Writer
Torq Announces $70M Series C Bringing Total 2024 Funding to $112M
5 months ago
5 Cyber Strategies Research Universities Can Adopt to Lead in Global Research
5 months ago
Congress Advances Bill to Add AI to National Vulnerability Database
5 months ago
The AI Incident Reporting and Security Enhancement Act would allow NIST to create a process for reporting and tracking vulnerabilities found in AI systems.
Jennifer Lawinski, Contributing Writer
Public Wi-Fi Compromised in UK Train Stations
5 months ago
British Transport Police and Network Rail are investigating the incident, in which bad actors posted Islamophobic messages on the transport system's network.
Dark Reading Staff
Hurricane Helene Prompts CISA Fraud Warning
5 months ago
Beware that friendly text from the IT department giving you an "update" about restoring your broadband connectivity.
Tara Seals, Managing Editor, News, Dark Reading
Moving DevOps Security Out of 'the Stone Age'
5 months ago
Developers need to do more than scan code and vet software components, and ops should do more than just defend the deployment pipeline.
Robert Lemos, Contributing Writer
Moving DevOps Security Out of the 'Stone Age'
5 months ago
Developers need to do more than scan code and vet software components, and ops should do more than just defend the deployment pipeline.
Robert Lemos, Contributing Writer
Boredom Is the Silent Killer in Your IT Systems
5 months ago
An environment that values creativity, continuous learning, and calculated risk-taking can prevent boredom while building a resilient, adaptable team ready to tackle whatever challenges come their way.
Mackenzie Jackson
GenAI Writes Malicious Code to Spread AsyncRAT
5 months ago
Researchers have uncovered one of the first examples of threat actors using artificial intelligence chatbots for malware creation, in a phishing attack spreading the open source remote access Trojan.
Elizabeth Montalbano, Contributing Writer
'SloppyLemming' APT Abuses Cloudflare Service in Pakistan Attacks
5 months ago
Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target?
Nate Nelson, Contributing Writer
NIST Drops Password Complexity, Mandatory Reset Rules
5 months ago
The latest draft version of NIST's password guidelines simplifies password management best practices and eliminates those that did not promote stronger security.
Edge Editors
Checked
1 hour 38 minutes ago
Public RSS feed
darkreading feed