Despite Post-Log4J Security Gains, Developers Can Still Improve
Developers need more software security safeguards earlier in the process, especially as AI becomes more common.
SBOMs Still More Mandate Than Security
A software bills of materials standard gets an update, but the driver is compliance rather than security.
New EarlyRAT malware linked to North Korean Andariel hacking group
Security analysts have discovered a previously undocumented remote access trojan (RAT) named 'EarlyRAT,' used by Andariel, a sub-group of the…
Lazarus Group Striking Vulnerable Windows IIS Web Servers
The infamous North Korean APT group is using Log4Shell, the 3CX supply chain attack, and other known vectors to breach…
Invicti Zooms In On Vulnerabilities That Plague Developers, Security Pros
Invicti's Patrick Vandenberg joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss the latest…
SOSSA and CRA Spell Trouble for Open Source Software
The lack of understanding around open source poses a threat when legislation is considered. Governments can help by offering funding…
Microsoft: Iranian hackers behind retaliatory cyberattacks on US orgs
Microsoft has discovered that an Iranian hacking group known as 'Mint Sandstorm' is conducting cyberattacks on US critical infrastructure in…
15 million public-facing services vulnerable to CISA KEV flaws
Over 15 million publicly facing services are susceptible to at least one of the 896 vulnerabilities listed in CISA's KEV…
10 Vulnerabilities Types to Focus On This Year
A new Tech Insight report examines how the enterprise attack surface is expanding and how organizations must deal with vulnerabilities…
Tackling Software Supply Chain Issues With CNAPP
The cloud-native application protection platform market is expanding as security teams look to protect their applications and the software supply…