Chinese hackers backdoor chat app with new Linux, macOS malware
Versions of a cross-platform instant messenger application focused on the Chinese market known as 'MiMi' have been trojanized to deliver…
Sounding the Alarm on Emergency Alert System Flaws
The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect…
After Colonial Pipeline, Critical Infrastructure Operators Remain Blind to Cyber-Risks
In her keynote address at Black Hat USA 2022, Kim Zetter gives a scathing rebuke of Colonial Pipeline for not…
Zimbra auth bypass bug exploited to breach over 1,000 servers
An authentication bypass Zimbra security vulnerability is being exploited to compromise Zimbra Collaboration Suite (ZCS) email servers worldwide. [...]
NFTS Are Cool but Dangerous
By Guy Rosefelt, CPO, Sangfor Technologies NFTs have become very popular with collectors and are more ubiquitous every […] The…
New HTTP Request Smuggling Attacks Target Web Browsers
Threat actors can abuse weaknesses in HTTP request handling to launch damaging browser-based attacks on website users, researcher says.
Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance
Four serious security issues on the popular appliance could be exploited by hackers with any level of access within the…
Rethinking Software in the Organizational Hierarchy
Least privilege is a good defense normally applied only to users. What if we limited apps' access to other apps…
Azure PostgreSQL User Databases Were Exposed Due to Critical Vulnerabilities
By Randy Reiter CEO of Don’t Be Breached April, 2022 Microsoft reported that vulnerabilities in its Azure Database […] The…
Dark Reading News Desk: Live at Black Hat USA 2022
TODAY at 10 PT: Dark Reading News Desk returns to Black Hat USA 2022