Real-World Threats That Trump Spectre & Meltdown
8 Tips for Monitoring Cloud Security
7 Privacy Mistakes That Keep Security Pros on Their Toes
6 Serverless and Containerization Trends CISOs Should Track
6 Ways to Beat Back BEC Attacks
News & Commentary
RF Hacking Research Exposes Danger to Construction Sites
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Trend Micro team unearthed 17 vulnerabilities among seven vendors' remote controller devices.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
DHS Issues Emergency Directive on DNS Security
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
All government domain owners are instructed to take immediate steps to strengthen the security of their DNS servers following a successful hacking campaign.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
'Anatova' Emerges as Potentially Major New Ransomware Threat
Jai Vijayan, Freelance writerNews
Modular design, ability to infect network shares make the malware dangerous, McAfee says.
By Jai Vijayan Freelance writer, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
Aging PCs Running Out-of-Date Software Bring Security Worries
Dark Reading Staff, Quick Hits
Age is an issue with application languages and frameworks, too.
By Dark Reading Staff , 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
The Evolution of SIEM
Chetan Mundhada, Vice President of Sales at NETMONASTERYCommentary
Expectations for these security information and event management systems have grown over the years, in ways that just aren't realistic.
By Chetan Mundhada Vice President of Sales at NETMONASTERY, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
Google Creates Online Phishing Quiz
Dark Reading Staff, Quick Hits
Google Alphabet incubator Jigsaw says knowing how to spot a phish plus two-factor authentication are the best defenses against falling for a phishing email.
By Dark Reading Staff , 1/23/2019
Comment1 Comment  |  Read  |  Post a Comment
Cybercriminals Home in on Ultra-High Net Worth Individuals
Steve Zurier, Freelance WriterNews
Research shows that better corporate security has resulted in some hackers shifting their sights to the estates and businesses of wealthy families.
By Steve Zurier Freelance Writer, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
Think Twice Before Paying a Ransom
Jadee Hanson, CISO and VP of Information Systems at Code42Commentary
Why stockpiling cryptocurrency or paying cybercriminals is not the best response.
By Jadee Hanson CISO and VP of Information Systems at Code42, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
Enterprise Malware Detections Up 79% as Attackers Refocus
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report on the state of malware shows a spike in B2B malware, with former banking Trojans Emotet and TrickBot topping the list.
By Kelly Sheridan Staff Editor, Dark Reading, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
Stealthy New DDoS Attacks Target Internet Service Providers
Jai Vijayan, Freelance writerNews
Adversaries took advantage of the large attack surface of large communications networks to spread small volumes of junk traffic across hundreds of IP prefixes in Q3 2018, Nexusguard says.
By Jai Vijayan Freelance writer, 1/22/2019
Comment0 comments  |  Read  |  Post a Comment
Hack of Plug-in Website Ruffles WordPress Community
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
An intruder thought to be a former employee used a backdoor into the WPML website to skim email addresses and send a mass email blast.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/22/2019
Comment0 comments  |  Read  |  Post a Comment
Security Talent Continues to Fetch Top Dollar on IT Job Market
Dark Reading Staff, Quick Hits
IT and cybersecurity positions continue to rank near the top of the salary ranges paid to IT professionals, according to a new survey.
By Dark Reading Staff , 1/22/2019
Comment1 Comment  |  Read  |  Post a Comment
The Fact and Fiction of Homomorphic Encryption
Ameesh Divatia, Co-Founder & CEO of BaffleCommentary
The approach's promise continues to entice cryptographers and academics. But don't expect it to help in the real world anytime soon.
By Ameesh Divatia Co-Founder & CEO of Baffle, 1/22/2019
Comment0 comments  |  Read  |  Post a Comment
Real-World Threats That Trump Spectre & Meltdown
Curtis Franklin Jr., Senior Editor at Dark Reading
New side-channel attacks are getting lots of attention, but other more serious threats should top your list of threats.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/22/2019
Comment0 comments  |  Read  |  Post a Comment
How Cybercriminals Clean Their Dirty Money
 Alexon Bell, Global Head of AML & Compliance, QuantexaCommentary
By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning.
By Alexon Bell Global Head of AML & Compliance, Quantexa, 1/22/2019
Comment5 comments  |  Read  |  Post a Comment
Google Hit With $57 Million GDPR Fine in France
Dark Reading Staff, Quick Hits
The fine represents the first major penalty for a US technology company under the new European regulations.
By Dark Reading Staff , 1/21/2019
Comment0 comments  |  Read  |  Post a Comment
Shadow IT, IaaS & the Security Imperative
Sanjay Kalra, Co-Founder & Chief Strategy Officer at LaceworkCommentary
Organizations must strengthen their security posture in cloud environments. That means considering five critical elements about their infrastructure, especially when it operates as an IaaS.
By Sanjay Kalra Co-Founder & Chief Strategy Officer at Lacework, 1/21/2019
Comment1 Comment  |  Read  |  Post a Comment
2018's Most Common Vulnerabilities Include Issues New and Old
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The most common vulnerabilities seen last year run the gamut from cross-site scripting to issues with CMS platforms.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/18/2019
Comment0 comments  |  Read  |  Post a Comment
VC Investments in Cybersecurity Hit Record Highs in 2018
Jai Vijayan, Freelance writerNews
But rate of funding appears unsustainable, according to Strategic Cyber Ventures.
By Jai Vijayan Freelance writer, 1/18/2019
Comment0 comments  |  Read  |  Post a Comment
GDPR Suit Filed Against Amazon, Apple
Dark Reading Staff, Quick Hits
An Austrian non-profit, led by privacy activist and attorney Max Schrems, has filed suit against 8 tech giants for non-compliance with the EU General Data Protection Regulation.
By Dark Reading Staff , 1/18/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
How Cybercriminals Clean Their Dirty Money
Alexon Bell, Global Head of AML & Compliance, Quantexa,  1/22/2019
Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation
Sara Peters, Senior Editor at Dark Reading,  1/17/2019
Register for Dark Reading Newsletters
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "He's not that smart. He's running iOS 11 on a 5c."
White Papers
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20742
PUBLISHED: 2019-01-24
An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01. There is no boundary check on ocall_malloc. The return value could be a pointer to enclave memory. It could cause an arbitrary enclave memory write.
CVE-2019-6486
PUBLISHED: 2019-01-24
Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.
CVE-2018-17693
PUBLISHED: 2019-01-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the con...
CVE-2018-17694
PUBLISHED: 2019-01-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...
CVE-2018-17695
PUBLISHED: 2019-01-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Flash Poll
Video
Slideshows
Twitter Feed