New & Notable
News
Researchers warn of 'hidden risks' in passwordless account recovery
Passwordless authentication is becoming more common, but account recovery poses increased risks that can lead to account takeovers. It's especially dangerous because even low-skilled attackers can achieve success.
— Dark ReadingNews
The latest from Black Hat USA 2025
This is your guide to the breaking news, trending topics and more from Black Hat USA 2025, one of the world's top cybersecurity conferences.
News
Utilities, factories at risk From encryption holes in industrial protocol
The OPC UA communication protocol is widely used in industrial settings, but despite its complex cryptography, the open source protocol appears to be vulnerable in a number of different ways.
— Dark ReadingNews
REvil actor accuses Russia of planning 2021 Kaseya attack
REvil affiliate Yaroslav Vasinskyi, who was convicted last year for his role in the 2021 Kaseya ransomware supply chain attack, said the Russian government was instrumental to the attack's execution.
— Dark ReadingTrending Topics
-
Data Security & Privacy Manage
Prevent and manage cloud shadow AI with policies and tools
Unmanaged cloud-based AI tool use can result in data loss and reputational harm, among other risks. The time to stop and prevent cloud-based shadow AI use is now.
-
Threats & Vulnerabilities News
The latest from Black Hat USA 2025
This is your guide to the breaking news, trending topics and more from Black Hat USA 2025, one of the world's top cybersecurity conferences.
-
IAM Manage
How liveness detection catches deepfakes and spoofing attacks
Biometric liveness detection can stop fake users in their tracks. Learn how the technology works to distinguish real humans from deepfakes and other spoofing attacks.
-
Analytics & Automation Manage
Change is in the wind for SecOps: Are you ready?
Attackers have historically had time on their side, outpacing defenders who have struggled to keep up. Agentic AI appears poised to change the game.
-
Network Security Get Started
How to use Nmap to scan ports: A complete tutorial
Nmap is a versatile open source security tool that scans ports to identify vulnerabilities, test firewall rules, inventory networks and troubleshoot connectivity issues.
-
Operations & Management Manage
Experts weigh in on securing AI effectively
Using AI comes with security risks. Learn what the top attack vectors and privacy threats are, then discover how to mitigate them through proper strategy, monitoring and more.
Sponsored Sites
-
Security
One Identity | Integrated Cybersecurity for all Your Identities
Learn how One Identity provides integrated cybersecurity solutions, delivering a truly unified identity platform and streamlining management across on-premises and cloud resources.
-
Security
Transform Your Network Security: Secure, Agile, and Ready for the Future
Experience a revolution in network security with Secure Network Transformation solutions. Learn how TATA Communications’ comprehensive approach ensures unparalleled protection, performance, and flexibility for your network infrastructure.
-
Artificial Intelligence
Intel & Red Hat: Leading the way in Enterprise AI
Combining Intel’s silicon experience with Red Hat’s software innovation to enable AI-driven hybrid multi-cloud solutions.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
Black Hat 2025: Navigating AI and supply chain security
Experts at the conference will discuss how AI impacts software supply chain security, highlighting challenges and strategies for developers and security teams.
-
Is post-quantum cryptography the next Y2K?
-
Top DevSecOps certifications and trainings for 2025
-
How to perform a cybersecurity risk assessment in 5 steps
-
-
Problem Solve
How to prevent DoS attacks and what to do if they happen
The worst DoS attacks are like digital tsunamis that put critical business operations at risk. Learn how they work, ways to stop them and how systems can withstand the flood.
-
How to recover from a ransomware attack: A complete guide
-
How to remove ransomware, step by step
-
How to discover and manage shadow APIs
-
-
Manage
Experts weigh in on securing AI effectively
Using AI comes with security risks. Learn what the top attack vectors and privacy threats are, then discover how to mitigate them through proper strategy, monitoring and more.
-
Prevent and manage cloud shadow AI with policies and tools
-
AI security: Top experts weigh in on the why and how
-
How liveness detection catches deepfakes and spoofing attacks
-
Information Security Basics
-
Get Started
How to use Nmap to scan ports: A complete tutorial
Nmap is a versatile open source security tool that scans ports to identify vulnerabilities, test firewall rules, inventory networks and troubleshoot connectivity issues.
-
Get Started
What is integrated risk management (IRM)?
Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions.
-
Get Started
What is COMSEC (communications security)?
Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic or to any written information that is transmitted or transferred.
Multimedia
-
Get Started
An explanation of quantum cryptography
-
-
Get Started
An explanation of encryption
-
News
View All -
Utilities, factories at risk From encryption holes in industrial protocol
The OPC UA communication protocol is widely used in industrial settings, but despite its complex cryptography, the open source protocol appears to be vulnerable in a number of different ways.
-
REvil actor accuses Russia of planning 2021 Kaseya attack
REvil affiliate Yaroslav Vasinskyi, who was convicted last year for his role in the 2021 Kaseya ransomware supply chain attack, said the Russian government was instrumental to the attack's execution.
-
Research shows AI agents are highly vulnerable to hijacking attacks
Experts from Zenity Labs demonstrated how attackers could exploit widely deployed AI technologies for data theft and manipulation.
Search Security Definitions
- What is integrated risk management (IRM)?
- What is COMSEC (communications security)?
- What is the Mitre ATT&CK framework?
- What is a CISO (chief information security officer)?
- What is biometric authentication?
- What is cloud infrastructure entitlement management (CIEM)?
- What is cybersecurity?
- What is a CISO as a service (CISOaaS)?