Third-Party Cyber-Risk by the Numbers
GoT Guide to Cybersecurity: Preparing for Battle During a Staffing Shortage
8 'SOC-as-a-Service' Offerings
8 Steps to More Effective Small Business Security
Cartoon: The Cyber Mindset
News & Commentary
FBI: $2.7 Billion in Losses to Cyber-Enabled Crimes in 2018
Dark Reading Staff, Quick Hits
Internet Crime Complaint Center (IC3) last year received an average of 900+ reports daily of Internet-enabled theft, fraud, and exploitation.
By Dark Reading Staff , 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
Trojanized TeamViewer Used in Targeted Attacks Against Multiple Embassies
Jai Vijayan, Freelance writerNews
Motive remains unclear though financial theft appears to be one possibility, Check Point Research says.
By Jai Vijayan Freelance writer, 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
WannaCry Hero Hutchins Pleads Guilty to Malware Charges
Kelly Sheridan, Staff Editor, Dark ReadingNews
Marcus Hutchins, the security researcher who helped halt the spread of the WannaCry attack, pleads guilty to two charges related to writing malware.
By Kelly Sheridan Staff Editor, Dark Reading, 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
Who Gets Targeted Most in Cyberattack Campaigns
Dark Reading Staff, Quick Hits
Attackers are changing both their tactics and targets in an attempt to remain criminally successful, Proofpoint's study found.
By Dark Reading Staff , 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
4 Tips to Protect Your Business Against Social Media Mistakes
Guy Bunker, CTO of ClearswiftCommentary
Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or cause huge reputational damage.
By Guy Bunker CTO of Clearswift, 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
Researchers Find Clues for Dramatically Reducing IDS Traffic Volume
Dark Reading Staff, Quick Hits
Research at military labs and Towson University shows that identifying malicious activity may require much less captured data than has been the case.
By Dark Reading Staff , 4/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data ResearcherNews
Mueller report finds that in July 2016, after then-candidate Donald Trump publicly called for Russia to "find the 30,000 emails," Russian agents targeted Hillary Clinton's personal office with cyberattacks.
By Robert Lemos Technology Journalist/Data Researcher, 4/19/2019
Comment8 comments  |  Read  |  Post a Comment
APT34 Toolset, Victim Data Leaked via Telegram
Dark Reading Staff, Quick Hits
For the last month, an unknown individual or group has been sharing data and hacking tools belonging to Iranian hacker group APT34.
By Dark Reading Staff , 4/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Free Princeton Application Provides IoT Traffic Insight
Dark Reading Staff, Quick Hits
The application developed by a research group allows users to spot possible IoT security problems.
By Dark Reading Staff , 4/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor NetworksCommentary
By blocking threats and attacks nearer to their sources, cybersecurity pros could help turn the connected world into a safer place for all.
By Darren Anstee Chief Technology Officer at Arbor Networks, 4/19/2019
Comment2 comments  |  Read  |  Post a Comment
Third-Party Cyber-Risk by the Numbers
Ericka Chickowski, Contributing Writer, Dark Reading
Recent stats show that the state of third-party cyber risk and vendor risk management remains largely immature at most organizations.
By Ericka Chickowski Contributing Writer, Dark Reading, 4/19/2019
Comment0 comments  |  Read  |  Post a Comment
Cisco Issues 31 Mid-April Security Alerts
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Among them, two are critical and six are of high importance.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/18/2019
Comment0 comments  |  Read  |  Post a Comment
Creator of Hub for Stolen Credit Cards Sentenced to 90 Months
Robert Lemos, Technology Journalist/Data ResearcherNews
Coming eight years after he launched the site, the steep sentence for the cybercriminal operator is based on a tab of $30 million in damages calculated by Mastercard and other credit card companies.
By Robert Lemos , 4/18/2019
Comment0 comments  |  Read  |  Post a Comment
6 Takeaways from Ransomware Attacks in Q1
Jai Vijayan, Freelance writerNews
Customized, targeted ransomware attacks were all the rage.
By Jai Vijayan Freelance writer, 4/18/2019
Comment1 Comment  |  Read  |  Post a Comment
Cloud Security Spend Set to Reach $12.6B by 2023
Kelly Sheridan, Staff Editor, Dark ReadingNews
Growth corresponds with a greater reliance on public cloud services.
By Kelly Sheridan Staff Editor, Dark Reading, 4/18/2019
Comment0 comments  |  Read  |  Post a Comment
The Cybersecurity Automation Paradox
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Recent studies show that before automation can reduce the burden on understaffed cybersecurity teams, they need to bring in enough automation skills to run the tools.
By Ericka Chickowski Contributing Writer, Dark Reading, 4/18/2019
Comment1 Comment  |  Read  |  Post a Comment
How to Raise the Level of AppSec Competency in Your Organization
Sammy Migues, Principal Scientist, SynopsysCommentary
Improving processes won't happen overnight, but it's not complicated either.
By Sammy Migues Principal Scientist, Synopsys, 4/18/2019
Comment0 comments  |  Read  |  Post a Comment
Former Student Admits to USB Killer Attack
Dark Reading Staff, Quick Hits
An Indian national used device to attack computers and peripherals at a New York college.
By Dark Reading Staff , 4/18/2019
Comment1 Comment  |  Read  |  Post a Comment
GoT Guide to Cybersecurity: Preparing for Battle During a Staffing Shortage
Orion Cassetto, Senior Product Maester, ExabeamCommentary
Faced with an overwhelming adversary, Game of Thrones heroes Daenerys Targaryen and Jon Snow have a lot in common with today's beleaguered CISOs.
By Orion Cassetto Senior Product Maester, Exabeam, 4/18/2019
Comment0 comments  |  Read  |  Post a Comment
Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent
Dark Reading Staff, Quick Hits
The social media giant says it did not access the imported data and is notifying affected users.
By Dark Reading Staff , 4/18/2019
Comment2 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-0218
PUBLISHED: 2019-04-22
A vulnerability was discovered wherein a specially crafted URL could enable reflected XSS via JavaScript in the pony mail interface.
CVE-2019-11383
PUBLISHED: 2019-04-22
An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml
CVE-2019-11459
PUBLISHED: 2019-04-22
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
CVE-2019-11460
PUBLISHED: 2019-04-22
An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's control...
CVE-2019-8452
PUBLISHED: 2019-04-22
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains t...
Flash Poll
Video
Slideshows
Twitter Feed