New & Notable
News
VexTrio cybercrime outfit run by legit ad tech firms
New research reveals that a malicious traffic distribution system (TDS) is run not by 'hackers in hoodies,' but by a series of corporations operating in the commercial digital advertising industry.
— Dark ReadingNews
'ReVault' security flaws impact millions of Dell laptops
The now-patched vulnerabilities exist at the firmware level and enable deep persistence on compromised systems.
— Dark ReadingNews
Critical zero-day bugs crack open CyberArk, HashiCorp password vaults
Secrets managers hold all the keys to an enterprise's kingdom. Two popular ones had longstanding, critical, unauthenticated RCE vulnerabilities.
— Dark ReadingNews
U.S. still prioritizing zero-trust migration to limit hacks' damage
The zero-trust initiative, which gained steam during the Biden administration, is still underway.
— Cybersecurity DiveTrending Topics
-
Data Security & Privacy Manage
Prevent and manage cloud shadow AI with policies and tools
Unmanaged cloud-based AI tool use can result in data loss and reputational harm, among other risks. The time to stop and prevent cloud-based shadow AI use is now.
-
Threats & Vulnerabilities News
The latest from Black Hat USA 2025
This is your guide to the breaking news, trending topics and more from Black Hat USA 2025, one of the world's top cybersecurity conferences.
-
IAM Manage
How liveness detection catches deepfakes and spoofing attacks
Biometric liveness detection can stop fake users in their tracks. Learn how the technology works to distinguish real humans from deepfakes and other spoofing attacks.
-
Analytics & Automation Manage
Change is in the wind for SecOps: Are you ready?
Attackers have historically had time on their side, outpacing defenders who have struggled to keep up. Agentic AI appears poised to change the game.
-
Network Security Get Started
An explanation of quantum cryptography
Quantum cryptography uses photons to transmit keys securely through quantum properties, creating an unhackable system that outperforms traditional math-based encryption methods.
-
Operations & Management Manage
AI security: Top experts weigh in on the why and how
AI is everywhere, so security focus on this new technology is essential. In this podcast episode, three top security experts review the risks and discuss ways to mitigate them.
Sponsored Sites
-
Security
One Identity | Integrated Cybersecurity for all Your Identities
Learn how One Identity provides integrated cybersecurity solutions, delivering a truly unified identity platform and streamlining management across on-premises and cloud resources.
-
Security
Transform Your Network Security: Secure, Agile, and Ready for the Future
Experience a revolution in network security with Secure Network Transformation solutions. Learn how TATA Communications’ comprehensive approach ensures unparalleled protection, performance, and flexibility for your network infrastructure.
-
Networking
Verizon Private 5G Edge - Enterprise Intelligence
Verizon is leading the development of secure cloud computing power at the edge of the network. Hosting applications at the network edge helps improve response times and performance – enabling the faster collection, processing and analysis of data for better business outcomes, and true Enterprise Intelligence.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
Black Hat 2025: Navigating AI and supply chain security
Experts at the conference will discuss how AI impacts software supply chain security, highlighting challenges and strategies for developers and security teams.
-
Is post-quantum cryptography the next Y2K?
-
Top DevSecOps certifications and trainings for 2025
-
How to perform a cybersecurity risk assessment in 5 steps
-
-
Problem Solve
How to recover from a ransomware attack: A complete guide
With a ransomware recovery plan, organizations can act quickly to prevent data loss without descending into chaos. Learn the crucial steps to incorporate into your plan.
-
How to remove ransomware, step by step
-
How to discover and manage shadow APIs
-
How to calculate cybersecurity ROI for CEOs and boards
-
-
Manage
Prevent and manage cloud shadow AI with policies and tools
Unmanaged cloud-based AI tool use can result in data loss and reputational harm, among other risks. The time to stop and prevent cloud-based shadow AI use is now.
-
AI security: Top experts weigh in on the why and how
-
How liveness detection catches deepfakes and spoofing attacks
-
DLP and DSPM: Navigate policy challenges and quiet alert noise
-
Information Security Basics
-
Get Started
What is integrated risk management (IRM)?
Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions.
-
Get Started
What is COMSEC (communications security)?
Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic or to any written information that is transmitted or transferred.
-
Get Started
What is the Mitre ATT&CK framework?
The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies.
Multimedia
-
Get Started
An explanation of quantum cryptography
-
-
Get Started
An explanation of encryption
-
News
View All -
Google Gemini AI bot hijacks smart homes, turns off the lights
Using invisible prompts, the attacks demonstrate a physical risk that could soon become reality as the world increasingly becomes more interconnected with artificial intelligence.
-
VexTrio cybercrime outfit run by legit ad tech firms
New research reveals that a malicious traffic distribution system (TDS) is run not by 'hackers in hoodies,' but by a series of corporations operating in the commercial digital advertising industry.
-
'ReVault' security flaws impact millions of Dell laptops
The now-patched vulnerabilities exist at the firmware level and enable deep persistence on compromised systems.
Search Security Definitions
- What is integrated risk management (IRM)?
- What is COMSEC (communications security)?
- What is the Mitre ATT&CK framework?
- What is a CISO (chief information security officer)?
- What is biometric authentication?
- What is cybersecurity?
- What is cloud infrastructure entitlement management (CIEM)?
- What is a CISO as a service (CISOaaS)?