CISO Corner

How Should CISOs Navigate the SEC Cybersecurity and Disclosure Rules?

Sep 27, 2024

Top Allies for Executives & Boards to Leverage During a Cyber Crisis

Sep 27, 2024

CrowdStrike Offers Mea Culpa to House Committee

Sep 25, 2024

Concerns Over Supply Chain Attacks on US Seaports Grow

Sep 19, 2024
More Articles for CISOs
Kia vehicles at dealership
Endpoint Security

Millions of Kia Vehicles Open to Remote Hacks via License Plate

Millions of Kia Vehicles Open to Remote Hacks via License Plate

The vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking in automotive APIs.

Sep 27, 2024
|
4 Min Read
"ADMIN" written on a keyboard button
Vulnerabilities & Threats
Novel Exploit Chain Enables Windows UAC Bypass
Novel Exploit Chain Enables Windows UAC Bypass

Sep 27, 2024

Screen covered with multi-colored postits, each one with a password written on it.
Identity & Access Management Security
NIST Drops Password Complexity, Mandatory Reset Rules
NIST Drops Password Complexity, Mandatory Reset Rules

Sep 25, 2024

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe
Vulnerabilities & Threats
Black background and white text saying Dark Reading Confidential

PODCAST

Dark Reading Confidential: Pen-Test Arrests, 5 Years Later

Episode 3: On Sept. 11, 2019, two cybersecurity professionals, Gary De Mercurio and Justin Wynn, were arrested in Dallas County, Iowa, and forced to spend the night in jail — just for doing their jobs. Despite the criminal charges against them eventually being dropped, the saga that night five years ago continues to haunt De Mercurio and Wynn personally and professionally. In this episode, the pair and Coalfire CEO Tom McAndrew share how the arrest and fallout has shaped their lives and careers as well as how it has transformed physical penetration tests for the cybersecurity industry as a whole.

Latest News

Kia vehicles at dealership
Endpoint Security
Millions of Kia Vehicles Open to Remote Hacks via License Plate
Millions of Kia Vehicles Open to Remote Hacks via License Plate
Sep 27, 2024
|
4 Min Read
byJai Vijayan, Contributing Writer
"ADMIN" written on a keyboard button
Vulnerabilities & Threats
Novel Exploit Chain Enables Windows UAC Bypass
Novel Exploit Chain Enables Windows UAC Bypass
Sep 27, 2024
|
5 Min Read
byNate Nelson, Contributing Writer
Google Android figure standing on laptop keyboard with code onscreen
Application Security
Memory-Safe Code Adoption Has Made Android Safer
Memory-Safe Code Adoption Has Made Android Safer
Sep 26, 2024
|
3 Min Read
byJai Vijayan, Contributing Writer
Aruba/HPE logo on the side of a building
Vulnerabilities & Threats
Security Upgrades Available for 3 HPE Aruba Networking Bugs
Security Upgrades Available for 3 HPE Aruba Networking Bugs
Sep 26, 2024
|
1 Min Read
byDark Reading Staff
A van with boxes flowing out of the back
Threat Intelligence
Transport, Logistics Orgs Hit by Stealthy Phishing Gambit
Transport, Logistics Orgs Hit by Stealthy Phishing Gambit
Sep 26, 2024
|
3 Min Read
byNate Nelson, Contributing Writer
Concept illustration of AI, with a microchip with "AI" written on it and code snippets fading out
Application Security
Congress Advances Bill to Add AI to National Vulnerability Database
Congress Advances Bill to Add AI to NVD
Sep 26, 2024
|
2 Min Read
byJennifer Lawinski, Contributing Writer
Busy rail station concourse in London
Cyberattacks & Data Breaches
Public Wi-Fi Compromised in UK Train Stations
Public Wi-Fi Compromised in UK Train Stations
Sep 26, 2024
|
1 Min Read
byDark Reading Staff
Hurricane wind and rain pummeling palm trees on coast
Cyber Risk
Hurricane Helene Prompts CISA Fraud Warning
Hurricane Helene Prompts CISA Fraud Warning
Sep 26, 2024
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
The letters "AI" in 3D rising from a black square on top of an internal computer component lit up in various colors
Cyber Risk
GenAI Writes Malicious Code to Spread AsyncRAT
GenAI Writes Malicious Code to Spread AsyncRAT
Sep 26, 2024
|
4 Min Read
byElizabeth Montalbano, Contributing Writer
A lemming jumping in snow
Сloud Security
'SloppyLemming' APT Abuses Cloudflare Service in Pakistan Attacks
'SloppyLemming' APT Abuses Cloudflare Service in Pakistan Attacks
Sep 26, 2024
|
3 Min Read
byNate Nelson, Contributing Writer
More News

Latest Commentary

Picture of Chris Crummey
Chris Crummey

Director, Executive & Board Cyber Services, Sygnia

Cyberattacks & Data Breaches
Top Allies for Executives & Boards to Leverage During a Cyber Crisis
Sep 27, 2024
|
5 Min Read
Picture of Mark Troester
Mark Troester

Vice President of Strategy, Progress

Vulnerabilities & Threats
Could Security Misconfigurations Become No. 1 in OWASP Top 10?
Sep 27, 2024
|
4 Min Read
Picture of Mackenzie Jackson
Mackenzie Jackson

Security Researcher & Advocate, Aikido

Vulnerabilities & Threats
Boredom Is the Silent Killer in Your IT Systems
Sep 26, 2024
|
5 Min Read
Picture of Stephanie Schneider
Stephanie Schneider

Cyber Threat Intelligence Analyst, LastPass

Vulnerabilities & Threats
How Russia, China & Iran Are Targeting US Elections
Sep 25, 2024
|
4 Min Read
Picture of Haiman Wong
Haiman Wong

Fellow, Cybersecurity & Emerging Threats, R Street Institute

Cybersecurity Operations
US May Be Losing the Race for Global AI Leadership
Sep 25, 2024
|
3 Min Read
Picture of Dave Gerry
Dave Gerry

CEO, Bugcrowd

Cyber Risk
Managing Cyber-Risk Is No Different Than Managing Any Business Risk
Sep 24, 2024
|
5 Min Read
More Commentary

Startup Alley

Read More Startup Launches
Icons and fingerprints suggesting various authentication schemes on top of a laptop keyboard.
Identity & Access Management Security
Startup Finds 'Hydden' Identities in IT Environment
Startup Finds 'Hydden' Identities in IT Environment

Sep 17, 2024

A sunset scene with clouds against a blue sky
Сloud Security
Startup Spotlight: RAD Security Brings Behavioral Profiling to Cloud
Startup Spotlight: RAD Security Brings Behavioral Profiling to Cloud

Aug 6, 2024

Hands on a laptop dealing with multiple applications and AI
Data Privacy
Startup Spotlight: Knostic Tackles AI's Oversharing Problem
Startup Spotlight: Knostic Tackles AI's Oversharing Problem

Aug 5, 2024

How Should CISOs Navigate the SEC Cybersecurity and Disclosure Rules?

Companies that commit to risk management have a strong cybersecurity foundation that makes it easier to comply with the SEC's rules. Here is what you need to know about 8K and 10K filings.

Congress Advances Bill to Add AI to National Vulnerability Database

The AI Incident Reporting and Security Enhancement Act would allow NIST to create a process for reporting and tracking vulnerabilities found in AI systems.

NIST Drops Password Complexity, Mandatory Reset Rules

The latest draft version of NIST's password guidelines simplifies password management best practices and eliminates those that did not promote stronger security.

Cybersecurity Features In-Depth: On security strategy, latest trends, and people to know. Brought to you by Mandiant.

Go to The Edge

Security Technology: Featuring news, news analysis, and commentary on the latest technology trends.

Go to DR Technology
Moving DevOps Security Out of the 'Stone Age'

Developers need to do more than scan code and vet software components, and ops should do more than just defend the deployment pipeline.

Keep Tier-One Applications Out of Virtual Environments

Crafty bad actors can infect all of an organization's virtual machines at once, rendering tier-one applications useless.

Security Concerns Plague Emerging Chip Architecture

The RISC-V chip architecture is gaining popularity worldwide, but the fact that it is easy to modify the processor design means it is also easy to introduce hard-to-patch vulnerabilities.

'SloppyLemming' APT Abuses Cloudflare Service in Pakistan Attacks

Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target?

Meet UNC1860: Iran's Low-Key Access Broker for State Hackers

The group has used more than 30 custom tools to target high-value government and telecommunications organizations on behalf of Iranian intelligence services, researchers say.

China's 'Earth Baxia' Spies Exploit Geoserver to Target APAC Orgs

The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.

Breaking cybersecurity news, news analysis, commentary, and other content from around the world.

Go to DR Global

Press Releases

See all
PR Logo
Cybersecurity Operations
Stellar Cyber Secures National 'Don't Click It' DayStellar Cyber Secures National 'Don't Click It' Day
Sep 26, 2024
4 Min Read
PR Logo
Cyber Risk
Cybersecurity Success Hinges on Full Organizational Support, New CompTIA Report AssertsCybersecurity Success Hinges on Full Organizational Support, New CompTIA Report Asserts
Sep 26, 2024
3 Min Read
PR Logo
Cyber Risk
OneTrust Automates DORA ICT Risk Management and ComplianceOneTrust Automates DORA ICT Risk Management and Compliance
Sep 26, 2024
3 Min Read
PR Logo
Cybersecurity Operations
Torq Announces $70M Series C Bringing Total 2024 Funding to $112MTorq Announces $70M Series C Bringing Total 2024 Funding to $112M
Sep 26, 2024
4 Min Read