Editor's Pick

Using John The Ripper for Password Cracking

During your work in CTFs and information security, you may come across hashed passwords and encrypted zip files. Often you get people asking how to “Decrypt hashes” or “Break zip file encryption” but that’s not possible. Hashes are one way, you ...

Latest news

How to Measure Patching and Remediation Performance

Tracking metrics like MTTR, MTTD, MTTP, and MTTC can demonstrate the effectiveness of your patch management process and your value to the business.

Dark Reading | 17 minutes ago
Russian Hacktivism Takes a Toll on Organizations in Ukraine, EU, US

Russian hacktivist attacks are mostly for show, but sometimes they cause serious damage and are poised to begin getting worse.

Dark Reading | 15 hours ago
Attacks on Maximum Severity WS_FTP Bug Have Been Limited — So Far

While CVE-2023-40044 is critical, threat watchers hope it won't be another MOVEit for customers of Progress Software's file transfer technology.

Dark Reading | 16 hours ago
USPS Anchors Snowballing Smishing Campaigns

Researchers found 164 domains connected to a single threat actor located in Tehran.

Dark Reading | 17 hours ago
Name That Edge Toon: Office Artifacts

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Dark Reading | 21 hours ago
Fast-Growing Dropbox Campaign Steals Microsoft SharePoint Credentials

Thousands of messages are being sent weekly in a campaign that uses links hosted on legitimate websites to evade natural language processing and...

Dark Reading | 21 hours ago
Ransomware Crisis, Recession Fears Leave CISOs in Tough Spot

Combining robust decryption and orchestration of encrypted traffic with threat prevention is crucial to staying ahead of attackers.

Dark Reading | a day ago
Nexusflow Slots AI Into SOC Automation

The startup claims its private AI software is working on making decisions based on generalizing from examples.

Dark Reading | a day ago
In Search of Rust Developers, Companies Turn to In-House Training

Google, Fortanix, and other firms have aimed to train a cadre of Rust developers, betting that the additional cost will be offset by security savings.

Dark Reading | a day ago
North Korea Poses as Meta to Deploy Complex Backdoor at Aerospace Org

The Lazarus Group's "LightlessCan" malware executes multiple native Windows commands within the RAT itself, making detection significantly harder,...

Dark Reading | a day ago
KillNet Claims DDoS Attack Against Royal Family Website

The royal takedown was a brief but effective PR stunt for Russia's most notorious hacktivist group.

Dark Reading | a day ago
FBI: Crippling 'Dual Ransomware Attacks' on the Rise

Once they compromise an victim with an initial ransomware attack, threat actors are ready to deploy a secondary attack with a different strain,...

Dark Reading | a day ago
Norway Urges Europe-Wide Ban on Meta's Targeted Ad Data Collection

Norway wants to permanently ban the owner of Facebook and Instagram from collecting sensitive user data across Europe, saying its current policies...

Dark Reading | a day ago
Addressing AI and Security Challenges With Red Teams: A Google Perspective

Red Teams can help organizations better understand vulnerabilities and secure critical AI deployments.

Dark Reading | a day ago
Iran-Linked APT34 Spy Campaign Targets Saudis

The Menorah malware can upload and download files, as well as execute shell commands.

Dark Reading | a day ago
Which DFIR Challenges Does the Middle East Face?

Demand for digital forensics and incident response (DFIR) surges in the Middle East, a new IDC report finds. Is automation the answer?

Dark Reading | a day ago
Don’t Let Zombie Zoom Links Drag You Down

Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a Zoom video conference mee...

Krebs on Security | a day ago
Making Sense of Today's Payment Cybersecurity Landscape

PCI DSS v4.0 is the future of the payment card industry's information security standard, but businesses must continue to look beyond this guidance...

Dark Reading | 2 days ago
The Silent Threat of APIs: What the New Data Reveals About Unknown Risk

The rapid growth of APIs creates a widening attack surface and increasing unknown cybersecurity risks.

Dark Reading | 2 days ago
A Closer Look at the Snatch Data Ransom Group

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the...

Krebs on Security | 3 days ago
Securing AI: What You Should Know

Securing AI within your organization starts with understanding how AI differs from traditional business tools. Google's Secure AI Framework...

Dark Reading | 4 days ago

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss