August 7, 2024 at 06:43AM The Dark Reading team presents live coverage of Black Hat USA 2024 from Mandalay Bay on Aug. 7-8. The event features top cybersecurity experts discussing AI, national cybersecurity strategies, upcoming trends, and more. Join the live stream or watch on YouTube for insights from industry leaders and in-depth coverage of … Read more
August 1, 2024 at 06:05PM Japanese researchers will demonstrate at Black Hat USA how attackers can insert malicious commands into the machine code of software interpreters, like VBScript and Python, to execute malicious code undetected. By exploiting the lack of bytecode scanning in security software, attackers can hide their activity, posing a significant supply chain … Read more
July 29, 2024 at 10:06AM Black Hat USA 2024 offers valuable insights for cybersecurity professionals. Despite the AI trend, vulnerability remediation remains a key focus. Sessions cover Amazon Web Services vulnerabilities, Microsoft’s use of large language models, CI/CD runner security risks, Google Cloud Platform vulnerabilities, and more. Emphasizes the need for proactive security culture and … Read more
July 26, 2024 at 06:27AM Email security providers are expanding their offerings to include human risk management tools for data loss prevention (DLP). Mimecast acquired Code42, their second human risk management acquisition this year. Competitors like Proofpoint, Sophos, and ESET are also making similar moves. Mimecast’s CEO highlighted plans to integrate Code42’s capabilities and maintain … Read more
July 18, 2024 at 02:23PM Three novel attack techniques chaining vulnerabilities found in email-hosting platforms allow spoofing of emails from over 20 million trusted organization domains. Researchers at PayPal discovered flaws that bypass SPF, DKIM, and DMARC protocols, affecting large email service providers. They plan to disclose these vulnerabilities in an upcoming conference. The attacks … Read more
June 27, 2024 at 01:20PM At Black Hat USA 2024, Jason Healey will present “Is Defense Winning?” examining the perpetual struggle between cybersecurity defenders and attackers. He emphasizes the need for measurable indicators to gauge defensive progress, suggesting changes akin to climate change metrics. He advocates leveraging systemic changes and existing reports to establish defensibility … Read more