IoT
News & Commentary
Hacker AI vs. Enterprise AI: A New Threat
Satish Abburi, Founder of Elysium AnalyticsCommentary
Artificial intelligence and machine learning are being weaponized using the same logic and functionality that legitimate organizations use.
By Satish Abburi Founder of Elysium Analytics, 3/21/2019
Comment0 comments  |  Read  |  Post a Comment
DDoS Attack Size Drops 85% in Q4 2018
Kelly Sheridan, Staff Editor, Dark ReadingNews
The sharp decline follows an FBI takedown of so-called "booter," or DDoS-for-hire, websites in December 2018.
By Kelly Sheridan Staff Editor, Dark Reading, 3/19/2019
Comment0 comments  |  Read  |  Post a Comment
Norsk Hydro Shuts Plants Amid Ransomware Attack
Kelly Sheridan, Staff Editor, Dark ReadingQuick Hits
The cyberattack, first detected on Monday night, has shut down Norsk's entire global network.
By Kelly Sheridan Staff Editor, Dark Reading, 3/19/2019
Comment1 Comment  |  Read  |  Post a Comment
New Mirai Version Targets Business IoT Devices
Dark Reading Staff, Quick Hits
The notorious Internet of Things botnet is evolving to attack more types of devices including those found in enterprises.
By Dark Reading Staff , 3/19/2019
Comment1 Comment  |  Read  |  Post a Comment
New IoT Security Bill: Third Time's the Charm?
Robert Lemos, Technology Journalist/Data ResearcherNews
The latest bill to set security standards for connected devices sold to the US government has fewer requirements, instead leaving recommendations to the National Institute of Standards and Technology.
By Robert Lemos Technology Journalist/Data Researcher, 3/18/2019
Comment0 comments  |  Read  |  Post a Comment
7 Low-Cost Security Tools
Curtis Franklin Jr., Senior Editor at Dark Reading
Security hardware doesn't have to be expensive or complex to do the job. Here are seven examples of low-cost hardware that could fill a need in your security operations.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/15/2019
Comment0 comments  |  Read  |  Post a Comment
Anomaly Detection Techniques: Defining Normal
Rosaria Silipo, Ph.D., Principal Data Scientist, KNIMECommentary
The challenge is identifying suspicious events in training sets where no anomalies are encountered. Part two of a two-part series.
By Rosaria Silipo Ph.D., Principal Data Scientist, KNIME, 3/14/2019
Comment0 comments  |  Read  |  Post a Comment
New Malware Shows Marketing Polish
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new strain of point-of-sale malware skims credit card numbers and comes via a highly polished marketing campaign.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/13/2019
Comment0 comments  |  Read  |  Post a Comment
GPS Spoof Hits Geneva Motor Show
Dark Reading Staff, Quick Hits
Incident leaves GPS units showing a location in England and a date 17 years in the future.
By Dark Reading Staff , 3/13/2019
Comment1 Comment  |  Read  |  Post a Comment
The Case for Transparency in End-User License Agreements
Lysa Myers, Security Researcher, ESETCommentary
Why it behooves technology companies to consider EULAs as an opportunity to accurately inform customers about privacy issues and other important information.
By Lysa Myers Security Researcher, ESET, 3/13/2019
Comment0 comments  |  Read  |  Post a Comment
NSA, DHS Call for Info Sharing Across Public and Private Sectors
Kelly Sheridan, Staff Editor, Dark ReadingNews
Industry leaders debate how government and businesses can work together on key cybersecurity issues.
By Kelly Sheridan Staff Editor, Dark Reading, 3/11/2019
Comment0 comments  |  Read  |  Post a Comment
Georgia's Jackson County Pays $400K to Ransomware Attackers
Dark Reading Staff, Quick Hits
The ransomware campaign started March 1 and shut down most of Jackson County's IT systems.
By Dark Reading Staff , 3/11/2019
Comment3 comments  |  Read  |  Post a Comment
Ultrasound Machine Diagnosed with Major Security Gaps
Kelly Sheridan, Staff Editor, Dark ReadingNews
Check Point researchers investigate security risks and point to implications for medical IoT devices.
By Kelly Sheridan Staff Editor, Dark Reading, 3/8/2019
Comment3 comments  |  Read  |  Post a Comment
Trust, or Lack of It, Is a Key Theme on RSAC Keynote Stage
Sara Peters, Senior Editor at Dark ReadingNews
Neither machines nor humans might be entirely trustworthy, but the cooperation of the two might be the answer to issues of misinformation, deep fake videos, and other issues of trust, say security leaders.
By Sara Peters Senior Editor at Dark Reading, 3/5/2019
Comment0 comments  |  Read  |  Post a Comment
IoT, APIs, and Criminal Bots Pose Evolving Dangers
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A pair of reports reach similar conclusions about some of the threats growing in cyberspace and the industries likely to be most affected.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/27/2019
Comment0 comments  |  Read  |  Post a Comment
Stay Ahead of the Curve by Using AI in Compliance
Eric Winston, Executive Vice President, General Counsel, and Chief Ethics and Compliance Officer at MphasisCommentary
Although human oversight is required, advanced technologies built on AI will become pivotal in building safer financial markets and a safer world.
By Eric Winston Executive Vice President, General Counsel, and Chief Ethics and Compliance Officer at Mphasis, 2/27/2019
Comment0 comments  |  Read  |  Post a Comment
DIY Botnet Detection: Techniques and Challenges
Johnathan Azaria, Data Scientist and Security Researcher at ImpervaCommentary
Botnets continue to spread to places never dreamed of a few years ago. But you can fight them off, and these tips can help.
By Johnathan Azaria Data Scientist and Security Researcher at Imperva, 2/26/2019
Comment0 comments  |  Read  |  Post a Comment
New Arm Certification Aims to Secure IoT Devices
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A three-tier certification regimen shows adherence to the Platform Security Architecture.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/25/2019
Comment1 Comment  |  Read  |  Post a Comment
Lessons From the War on Malicious Mobile Apps
Robert Lemos, Technology Journalist/Data ResearcherNews
Despite the openness of the Android platform, Google has managed to keep its Play store mainly free of malware and malicious apps. Outside of the marketplace is a different matter.
By Robert Lemos , 2/22/2019
Comment0 comments  |  Read  |  Post a Comment
Post-Quantum Crypto Standards Arent All About the Math
Ericka Chickowski, Contributing Writer, Dark ReadingNews
The industry needs to keep in mind the realities of hardware limits and transitional growing pains, according to Microsoft, Utimaco researchers.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/15/2019
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
BEC Scammer Pleads Guilty
Dark Reading Staff 3/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3483
PUBLISHED: 2019-03-25
Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3484
PUBLISHED: 2019-03-25
Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7.
CVE-2019-6240
PUBLISHED: 2019-03-25
An issue was discovered in GitLab Community and Enterprise Edition before 11.4. It allows Directory Traversal.
CVE-2015-3953
PUBLISHED: 2019-03-25
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices. Hospi...
CVE-2015-3954
PUBLISHED: 2019-03-25
Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior give unauthenticated users root privileges on Port 23/TELNET by default. An unauthorized user could issue commands to the pump. Hospira recommen...