News & Commentary
IoT Medical Devices a Major Security Worry in Healthcare, Survey Shows
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Healthcare providers, manufacturers, and regulators say cybersecurity risks of IoT medical devices and connected legacy systems a top concern.
By Dawn Kawamoto Associate Editor, Dark Reading, 8/15/2017
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity: The Responsibility of Everyone
Ger Daly & Kevin O'Brien, Senior Managing Director, Defense and Public  Safety, Accenture Global & Senior Managing Director,  Defense and Public Safety, Accenture GlobalCommentary
The battle against cybercrime can only be won if we're all focused on the same goals. Here are four ways you can get involved.
By Ger Daly & Kevin O'Brien Senior Managing Director, Defense and Public Safety, Accenture Global & Senior Managing Director, Defense and Public Safety, Accenture Global, 8/15/2017
Comment0 comments  |  Read  |  Post a Comment
Taking Down the Internet Has Never Been Easier
Bogdan Botezatu, Senior E-threat Analyst, BitdefenderCommentary
Is there a reason why the Internet is so vulnerable? Actually, there are many, and taking steps to remain protected is crucial.
By Bogdan Botezatu Senior E-threat Analyst, Bitdefender, 8/10/2017
Comment0 comments  |  Read  |  Post a Comment
SMBs Practice Better IoT Security Than Large Enterprises Do
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Small-to midsized businesses are more prepared than big ones to face the next IoT attack: good news given the sharp rise in IoT botnet attacks in the first half of 2017, new reports released today show.
By Dawn Kawamoto Associate Editor, Dark Reading, 8/9/2017
Comment0 comments  |  Read  |  Post a Comment
Uptick in Malware Targets the Banking Community
Geoffrey Pamerleau, senior ethical hacker, Threat  Resistance Unit, ArmorCommentary
A number of recent attacks, using tactics old and new, have made off with an astonishing amount of money. How can financial institutions fight back?
By Geoffrey Pamerleau senior ethical hacker, Threat Resistance Unit, Armor, 8/9/2017
Comment0 comments  |  Read  |  Post a Comment
Automating Defenses Against Assembly-Line Attacks
Derek Manky, Global Security Strategist, FortinetCommentary
A manual approach just won't cut it anymore. Here's a toolset to defeat automation and unify control across all attack vectors to stop automated attacks.
By Derek Manky Global Security Strategist, Fortinet, 8/8/2017
Comment0 comments  |  Read  |  Post a Comment
Voting System Hacks Prompt Push for Paper-Based Voting
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
DEF CON's Voting Machine Hacker Village hacks confirmed security experts' worst fears.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/7/2017
Comment4 comments  |  Read  |  Post a Comment
Proposed IoT Security Bill Well-Intentioned But Likely Hard To Enforce
Jai Vijayan, Freelance writerNews
Internet of Things Cybersecurity Improvement Act of 2017 proposes minimum set of security controls for IoT products sold to government.
By Jai Vijayan Freelance writer, 8/2/2017
Comment1 Comment  |  Read  |  Post a Comment
US Senators Propose IoT Security Legislation
Dark Reading Staff, Quick Hits
A new bill aims to prohibit the production of IoT devices if they can't be patched or have their password changed.
By Dark Reading Staff , 8/1/2017
Comment2 comments  |  Read  |  Post a Comment
Lethal Dosage of Cybercrime: Hacking the IV Pump
Kelly Sheridan, Associate Editor, Dark ReadingNews
At DEF CON, a researcher demonstrated how to attack a popular model of infusion pump used in major hospitals around the world.
By Kelly Sheridan Associate Editor, Dark Reading, 7/28/2017
Comment1 Comment  |  Read  |  Post a Comment
Get Ready for the 2038 'Epocholypse' (and Worse)
Dawn Kawamoto, Associate Editor, Dark ReadingNews
A leading security researcher predicts a sea of technology changes that will rock our world, including the Internet of Things, cryptocurrency, SSL encryption and national security.
By Dawn Kawamoto Associate Editor, Dark Reading, 7/27/2017
Comment1 Comment  |  Read  |  Post a Comment
Dark Reading News Desk Live at Black Hat USA 2017
Dark Reading Staff, Commentary
Over 40 interviews streaming live right from Black Hat USA, July 26-27, from 2 p.m. - 7 p.m. Eastern Time (11 - 4 P.T.).
By Dark Reading Staff , 7/27/2017
Comment4 comments  |  Read  |  Post a Comment
Majority of Consumers Believe IoT Needs Security Built In
Dark Reading Staff, Quick Hits
Respondents to a global survey say Internet of Things security is a shared responsibility between consumers and manufacturers.
By Dark Reading Staff , 7/26/2017
Comment5 comments  |  Read  |  Post a Comment
7 Hardware & Firmware Hacks Highlighted at Black Hat 2017
Ericka Chickowski, Contributing Writer, Dark Reading
Researchers will hammer home potentially devastating attacks, and demo a range of vulnerabilities, techniques and tools.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/24/2017
Comment0 comments  |  Read  |  Post a Comment
Healthcare Industry Lacks Awareness of IoT Threat, Survey Says
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Three-quarters of IT decision makers report they are "confident" or "very confident" that portable and connected medical devices are secure on their networks.
By Dawn Kawamoto Associate Editor, Dark Reading, 7/20/2017
Comment10 comments  |  Read  |  Post a Comment
IoT Security Incidents Rampant and Costly
Dawn Kawamoto, Associate Editor, Dark Reading
New research offers details about the hidden and not so hidden costs of defending the Internet of Things.
By Dawn Kawamoto Associate Editor, Dark Reading, 7/18/2017
Comment1 Comment  |  Read  |  Post a Comment
FBI Issues Warning on IoT Toy Security
Dark Reading Staff, Quick Hits
IoT toys are more than fun and games and can potentially lead to a violation of children's privacy and safety, the Federal Bureau of Investigation warned Monday.
By Dark Reading Staff , 7/17/2017
Comment1 Comment  |  Read  |  Post a Comment
IoT Physical Attack Exploit to be Revealed at Black Hat
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Security researcher Billy Rios plans to demonstrate how an exploit can cause an IoT device to launch a physical attack against a human.
By Dawn Kawamoto Associate Editor, Dark Reading, 7/7/2017
Comment1 Comment  |  Read  |  Post a Comment
Black Hat Survey: Security Pros Expect Major Breaches in Next Two Years
Tim Wilson, Editor in Chief, Dark Reading, News
Significant compromises are not just feared, but expected, Black Hat attendees say.
By Tim Wilson, Editor in Chief, Dark Reading , 7/6/2017
Comment4 comments  |  Read  |  Post a Comment
The Growing Danger of IP Theft and Cyber Extortion
Robert McFarlane, Chief Revenue OfficerCommentary
The recent hacks of Disney and Netflix show the jeopardy that intellectual property and company secrets are in, fueled by cheap hacking tools and cryptocurrencies.
By Robert McFarlane Chief Revenue Officer, 7/6/2017
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: No, no, no! Have a Unix CRON do the pop-up reminders!
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
The Impact of a Security Breach 2017
The Impact of a Security Breach 2017
Despite the escalation of cybersecurity staffing and technology, enterprises continue to suffer data breaches and compromises at an alarming rate. How do these breaches occur? How are enterprises responding, and what is the impact of these compromises on the business? This report offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.