New & Notable
News
Researchers warn of 'hidden risks' in passwordless account recovery
Passwordless authentication is becoming more common, but account recovery poses increased risks that can lead to account takeovers. It's especially dangerous because even low-skilled attackers can achieve success.
— Dark ReadingNews
The latest from Black Hat USA 2025
This is your guide to the breaking news, trending topics and more from Black Hat USA 2025, one of the world's top cybersecurity conferences.
News
Utilities, factories at risk From encryption holes in industrial protocol
The OPC UA communication protocol is widely used in industrial settings, but despite its complex cryptography, the open source protocol appears to be vulnerable in a number of different ways.
— Dark ReadingNews
REvil actor accuses Russia of planning 2021 Kaseya attack
REvil affiliate Yaroslav Vasinskyi, who was convicted last year for his role in the 2021 Kaseya ransomware supply chain attack, said the Russian government was instrumental to the attack's execution.
— Dark ReadingTrending Topics
-
Data Security & Privacy Manage
Prevent and manage cloud shadow AI with policies and tools
Unmanaged cloud-based AI tool use can result in data loss and reputational harm, among other risks. The time to stop and prevent cloud-based shadow AI use is now.
-
Threats & Vulnerabilities News
The latest from Black Hat USA 2025
This is your guide to the breaking news, trending topics and more from Black Hat USA 2025, one of the world's top cybersecurity conferences.
-
IAM Manage
How liveness detection catches deepfakes and spoofing attacks
Biometric liveness detection can stop fake users in their tracks. Learn how the technology works to distinguish real humans from deepfakes and other spoofing attacks.
-
Analytics & Automation Manage
Change is in the wind for SecOps: Are you ready?
Attackers have historically had time on their side, outpacing defenders who have struggled to keep up. Agentic AI appears poised to change the game.
-
Network Security Get Started
How to use Nmap to scan ports: A complete tutorial
Nmap is a versatile open source security tool that scans ports to identify vulnerabilities, test firewall rules, inventory networks and troubleshoot connectivity issues.
-
Operations & Management Manage
Experts weigh in on securing AI effectively
Using AI comes with security risks. Learn what the top attack vectors and privacy threats are, then discover how to mitigate them through proper strategy, monitoring and more.
Sponsored Sites
-
Security
Transform Your Network Security: Secure, Agile, and Ready for the Future
Experience a revolution in network security with Secure Network Transformation solutions. Learn how TATA Communications’ comprehensive approach ensures unparalleled protection, performance, and flexibility for your network infrastructure.
-
Security
One Identity | Integrated Cybersecurity for all Your Identities
Learn how One Identity provides integrated cybersecurity solutions, delivering a truly unified identity platform and streamlining management across on-premises and cloud resources.
-
IT Workflows
Transform Your Organization With Modern and Resilient IT Services
Learn how ServiceNow’s IT solutions can help your organization seize the upside of operational resilience and raise employee agility.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
Black Hat 2025: Navigating AI and supply chain security
Experts at the conference will discuss how AI impacts software supply chain security, highlighting challenges and strategies for developers and security teams.
-
Is post-quantum cryptography the next Y2K?
-
Top DevSecOps certifications and trainings for 2025
-
How to perform a cybersecurity risk assessment in 5 steps
-
-
Problem Solve
How to prevent DoS attacks and what to do if they happen
The worst DoS attacks are like digital tsunamis that put critical business operations at risk. Learn how they work, ways to stop them and how systems can withstand the flood.
-
How to recover from a ransomware attack: A complete guide
-
How to remove ransomware, step by step
-
How to discover and manage shadow APIs
-
-
Manage
Experts weigh in on securing AI effectively
Using AI comes with security risks. Learn what the top attack vectors and privacy threats are, then discover how to mitigate them through proper strategy, monitoring and more.
-
Prevent and manage cloud shadow AI with policies and tools
-
AI security: Top experts weigh in on the why and how
-
How liveness detection catches deepfakes and spoofing attacks
-
Information Security Basics
-
Get Started
What is governance, risk and compliance (GRC)?
Governance, risk and compliance (GRC) refers to an organization's strategy, or framework, for handling the interdependencies of the following three components: corporate governance policies, enterprise risk management programs, and regulatory and ...
-
Get Started
How to use Nmap to scan ports: A complete tutorial
Nmap is a versatile open source security tool that scans ports to identify vulnerabilities, test firewall rules, inventory networks and troubleshoot connectivity issues.
-
Get Started
What is integrated risk management (IRM)?
Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions.
Multimedia
-
Get Started
An explanation of quantum cryptography
-
-
Get Started
An explanation of encryption
-
News
View All -
Black Hat NOC expands AI implementation across security operations
Corelight's James Pope gives Dark Reading an inside look at this year's Black Hat Network Operations Center, detailing security challenges and rising trends -- many related to increased AI use.
-
Researchers warn of 'hidden risks' in passwordless account recovery
Passwordless authentication is becoming more common, but account recovery poses increased risks that can lead to account takeovers. It's especially dangerous because even low-skilled attackers can achieve success.
-
Utilities, factories at risk From encryption holes in industrial protocol
The OPC UA communication protocol is widely used in industrial settings, but despite its complex cryptography, the open source protocol appears to be vulnerable in a number of different ways.
Search Security Definitions
- What is governance, risk and compliance (GRC)?
- What is integrated risk management (IRM)?
- What is COMSEC (communications security)?
- What is the Mitre ATT&CK framework?
- What is a CISO (chief information security officer)?
- What is biometric authentication?
- What is cloud infrastructure entitlement management (CIEM)?
- What is cybersecurity?