7 Ways to Get the Most from Your IDS/IPS
Third-Party Cyber-Risk by the Numbers
GoT Guide to Cybersecurity: Preparing for Battle During a Staffing Shortage
8 'SOC-as-a-Service' Offerings
8 Steps to More Effective Small Business Security
News & Commentary
Two Charged with Economic Espionage, GE Trade Secret Theft
Dark Reading Staff, Quick Hits
A US national and Chinese national have been charged with conspiring to steal General Electric's trade secrets surrounding turbine technologies.
By Dark Reading Staff , 4/24/2019
Comment0 comments  |  Read  |  Post a Comment
Attackers Aren't Invincible & We Must Use That to Our Advantage
Roselle Safran & Utpal Desai, President of Rosint Labs/Director of Product Management of BitdefenderCommentary
The bad guys only seem infallible. Use their weaknesses to beat them.
By Roselle Safran & Utpal Desai President of Rosint Labs/Director of Product Management of Bitdefender, 4/24/2019
Comment0 comments  |  Read  |  Post a Comment
New Twist in the Stuxnet Story
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
What a newly discovered missing link to Stuxnet and the now-revived Flame cyber espionage malware add to the narrative of the epic cyber-physical attack.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
Google File Cabinet Plays Host to Malware Payloads
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers detect a new drive-by download attack in which Google Sites' file cabinet template is a delivery vehicle for malware.
By Kelly Sheridan Staff Editor, Dark Reading, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
Demonstration Showcase Brings DevOps to Interop19
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Attendees will learn how orchestration and automation can be a part of network operations and security, even at smaller companies.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
Microsoft Windows, Antivirus Software at Odds After Latest Update
Robert Lemos, Technology Journalist/Data ResearcherNews
This month's Windows update has caused incompatibilities with software from at least five antivirus companies, resulting in slow boot times and frozen systems.
By Robert Lemos Technology Journalist/Data Researcher, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
City of Stuart Still Recovering from Ryuk Ransomware Attack
Dark Reading Staff, Quick Hits
Officials are investigating an April 13 ransomware attack that targeted Stuart's city servers and forced it offline.
By Dark Reading Staff , 4/23/2019
Comment1 Comment  |  Read  |  Post a Comment
App Exposes Wi-Fi Credentials for Thousands of Private Networks
Dark Reading Staff, Quick Hits
A database used by WiFi Finder was left open and unprotected on the Internet.
By Dark Reading Staff , 4/23/2019
Comment1 Comment  |  Read  |  Post a Comment
Exploits for Adobe Vulnerabilities Spiked in 2018
Jai Vijayan, Freelance writerNews
With Flash Player on way out, attackers are renewing their focus on Acrobat Reader, RiskSense found.
By Jai Vijayan Freelance writer, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
When Every Attack Is a Zero Day
Saumitra Das, CTO and Co-Founder of Blue HexagonCommentary
Stopping malware the first time is an ideal that has remained tantalizingly out of reach. But automation, artificial intelligence, and deep learning are poised to change that.
By Saumitra Das CTO and Co-Founder of Blue Hexagon, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
Will the US Adopt a National Privacy Law?
Seth P.  Berman, Partner, NutterCommentary
Probably not before the 2020 election. But keep an eye on this Congress as legislators debate how to define personal data and what limits to place on how companies use it.
By Seth P. Berman Partner, Nutter, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
7 Ways to Get the Most from Your IDS/IPS
Curtis Franklin Jr., Senior Editor at Dark Reading
Intrusion detection and prevention is at the foundation of successful security in-depth. Securing the perimeter requires a solid understanding of these two critical components.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
1 in 4 Workers Are Aware Of Security Guidelines but Ignore Them
Steve Zurier, Freelance WriterNews
Even more are knowingly connecting to unsecure networks and sharing confidential information through collaboration platforms, according to Symphony Communication Services.
By Steve Zurier Freelance Writer, 4/23/2019
Comment1 Comment  |  Read  |  Post a Comment
FBI: $2.7 Billion in Losses to Cyber-Enabled Crimes in 2018
Dark Reading Staff, Quick Hits
Internet Crime Complaint Center (IC3) last year received an average of 900+ reports daily of Internet-enabled theft, fraud, and exploitation.
By Dark Reading Staff , 4/22/2019
Comment1 Comment  |  Read  |  Post a Comment
Trojanized TeamViewer Used in Targeted Attacks Against Multiple Embassies
Jai Vijayan, Freelance writerNews
Motive remains unclear though financial theft appears to be one possibility, Check Point Research says.
By Jai Vijayan Freelance writer, 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
WannaCry Hero Hutchins Pleads Guilty to Malware Charges
Kelly Sheridan, Staff Editor, Dark ReadingNews
Marcus Hutchins, the security researcher who helped halt the spread of the WannaCry attack, pleads guilty to two charges related to writing malware.
By Kelly Sheridan Staff Editor, Dark Reading, 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
Who Gets Targeted Most in Cyberattack Campaigns
Dark Reading Staff, Quick Hits
Attackers are changing both their tactics and targets in an attempt to remain criminally successful, Proofpoint's study found.
By Dark Reading Staff , 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
4 Tips to Protect Your Business Against Social Media Mistakes
Guy Bunker, CTO of ClearswiftCommentary
Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or cause huge reputational damage.
By Guy Bunker CTO of Clearswift, 4/22/2019
Comment1 Comment  |  Read  |  Post a Comment
Researchers Find Clues for Dramatically Reducing IDS Traffic Volume
Dark Reading Staff, Quick Hits
Research at military labs and Towson University shows that identifying malicious activity may require much less captured data than has been the case.
By Dark Reading Staff , 4/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data ResearcherNews
Mueller report finds that in July 2016, after then-candidate Donald Trump publicly called for Russia to "find the 30,000 emails," Russian agents targeted Hillary Clinton's personal office with cyberattacks.
By Robert Lemos Technology Journalist/Data Researcher, 4/19/2019
Comment15 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7213
PUBLISHED: 2019-04-24
SmarterTools SmarterMail 16.x before build 6985 allows directory traversal. An authenticated user could delete arbitrary files or could create files in new folders in arbitrary locations on the mail server. This could lead to command execution on the server for instance by putting files inside the w...
CVE-2019-7214
PUBLISHED: 2019-04-24
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.
CVE-2019-9734
PUBLISHED: 2019-04-24
aquaverde Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a log file because of incorrect if/else usage in the Log-File writer component.
CVE-2019-9928
PUBLISHED: 2019-04-24
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
CVE-2019-7211
PUBLISHED: 2019-04-24
SmarterTools SmarterMail 16.x before build 6995 has stored XSS. JavaScript code could be executed on the application by opening a malicious email or when viewing a malicious file attachment.
Flash Poll
Video
Slideshows
Twitter Feed