News & Commentary

Latest Content tagged with IoT
Page 1 / 2   >   >>
New Security Woes for Popular IoT Protocols
News  |  10/18/2018  | 
Researchers at Black Hat Europe will detail denial-of-service and other flaws in MQTT, CoAP machine-to-machine communications protocols that imperil industrial and other IoT networks online.
(ISC) : Global Cybersecurity Workforce Short 3 Million People
News  |  10/17/2018  | 
With the skills gap still wide, security leaders explain the challenges of hiring and retaining security experts.
Cybercrime-as-a-Service: No End in Sight
Commentary  |  10/17/2018  | 
Cybercrime is easy and rewarding, making it a perfect arena for criminals everywhere.
A Cybersecurity Weak Link: Linux and IoT
Commentary  |  10/16/2018  | 
Linux powers many of the IoT devices on which we've come to rely -- something that enterprises must address.
Spies Among Us: Tracking, IoT & the Truly Inside Threat
Commentary  |  10/16/2018  | 
In today's ultra-connected world, it's important for users to understand how to safeguard security while browsing the web and using electronic devices.
The Better Way: Threat Analysis & IIoT Security
Commentary  |  10/11/2018  | 
Threat analysis offers a more nuanced and multidimensional approach than go/no-go patching in the Industrial Internet of Things. But first, vendors must agree on how they report and address vulnerabilities.
California Enacts First-in-Nation IoT Security Law
Quick Hits  |  10/1/2018  | 
The new law requires some form of authentication for most connected devices.
How to Keep Up Security in a Bug-Infested World
Commentary  |  9/27/2018  | 
Good digital hygiene will lower your risk, and these six tips can help.
Security Flaw Found in Apple Mobile Device Enrollment Program
News  |  9/27/2018  | 
Authentication weakness in Apple's DEP could open a window of opportunity for attackers.
Inside Microsoft Azure Sphere
News  |  9/26/2018  | 
Microsoft engineer details how the company's IoT security solution operates - at multiple layers starting with the microcontroller.
Owning Security in the Industrial Internet of Things
Commentary  |  9/26/2018  | 
Why IIoT leaders from both information technology and line-of-business operations need to join forces to develop robust cybersecurity techniques that go beyond reflexive patching.
Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
Quick Hits  |  9/21/2018  | 
Attack against the Metropolitan Police Department was disrupted before malware could be sent to additional systems.
3 Drivers Behind the Increasing Frequency of DDoS Attacks
Commentary  |  9/20/2018  | 
What's causing the uptick? Motivation, opportunity, and new capabilities.
As Tech Drives the Business, So Do CISOs
News  |  9/19/2018  | 
Security leaders are evolving from technicians to business executives as tech drives enterprise projects, applications, and goals.
Mirai Hackers' Sentence Includes No Jail Time
Quick Hits  |  9/19/2018  | 
The trio behind Mirai sentenced to probation and public service in return for cooperation with law enforcement and researchers.
Internet-Connected CCTV Cameras Vulnerable to 'Peekaboo' Hack
News  |  9/18/2018  | 
Zero-day flaw in China-based NUUO's video recorder technology still unfixed three months after vendor was alerted.
The Top 5 Security Threats & Mitigations for Industrial Networks
Commentary  |  9/18/2018  | 
While vastly different than their IT counterparts, operational technology environments share common risks and best practices.
IoT Threats Triple Since 2017
Quick Hits  |  9/18/2018  | 
Rapidly evolving malware is posing an ever-greater threat to the IoT and business users of the Internet.
Ransomware Takes Down Airport's Flight Information Screens
Quick Hits  |  9/17/2018  | 
The attack left airport staff to post flight times and gates on whiteboards at Bristol Airport in Britain.
How Secure are our Voting Systems for November 2018?
How Secure are our Voting Systems for November 2018?
Dark Reading Videos  |  9/14/2018  | 
Anomali CEO Hugh Njemanze discusses the importance of sharing threat intelligence across the countrys highly decentralized voting systems to safeguard the integrity of upcoming elections.
4 Trends Giving CISOs Sleepless Nights
Commentary  |  9/12/2018  | 
IoT attacks, budget shortfalls, and the skills gap are among the problems keeping security pros up at night.
Mirai, Gafgyt Botnets Resurface with New Tricks
News  |  9/11/2018  | 
A new version of Mirai exploits the Apache Struts flaw linked to the Equifax breach, while Gafgyt targets an old flaw in SonicWall.
The Key to Stealing a Tesla Model S
Quick Hits  |  9/11/2018  | 
A team of hackers finds it's possible to steal a Tesla Model S by cloning the key fob.
The Role of Incident Response in ICS Security Compliance
Commentary  |  9/7/2018  | 
The data-driven nature of IR can provide many of the reporting requirements governing industrial control system safety, finance, consumer privacy, and notifications.
7 Ways Blockchain is Being Used for Security
Slideshows  |  9/5/2018  | 
Blockchain is being used as a security tool. If you haven't thought about adopting it, you might want to reconsider your take.
How Hackers Hit Printers
News  |  8/31/2018  | 
New Booz Allen Hamilton report advises companies to include printers in their overall security strategy.
7 Steps to Start Searching with Shodan
Slideshows  |  8/29/2018  | 
The right know-how can turn the search engine for Internet-connected devices into a powerful tool for security professionals.
Researcher Cracks San Francisco's Emergency Siren System
Researcher Cracks San Francisco's Emergency Siren System
Dark Reading Videos  |  8/24/2018  | 
Bastille researcher Balint Seeber discusses the process of creating SirenJack and cracking one of a city's critical safety systems.
New Mirai Variants Leverage Open Source Project
Quick Hits  |  8/23/2018  | 
Aboriginal Linux gives Mirai new cross-platform capabilities - including Android.
The Votes Are In: Election Security Matters
Commentary  |  8/22/2018  | 
Three ways to make sure that Election Day tallies are true.
7 Serious IoT Vulnerabilities
Slideshows  |  8/21/2018  | 
A growing number of employees have various IoT devices in their homes where they're also connecting to an enterprise network to do their work. And that means significant threats loom.
Make a Wish: Dark Reading Caption Contest Winners
Commentary  |  8/18/2018  | 
Certification, endpoint security, 2FA, phishing, and PII were among the themes and puns offered by readers in our latest cartoon caption competition. And the winners are ...
Researchers Find New Fast-Acting Side-Channel Vulnerability
News  |  8/17/2018  | 
A group of researchers from Georgia Tech have discovered a method for pulling encryption keys from mobile devices without ever touching the phones, themselves.
Necurs Botnet Goes Phishing for Banks
News  |  8/16/2018  | 
A new Necurs botnet campaign targets thousands of banks with a malicious file dropping the FlawedAmmyy remote-access Trojan.
Researcher Finds MQTT Hole in IoT Defenses
News  |  8/16/2018  | 
A commonly used protocol provides a gaping backdoor when misconfigured.
Miller & Valasek: Security Stakes Higher for Autonomous Vehicles
News  |  8/15/2018  | 
Car hacking specialists shift gears and work on car defense in their latest gigs - at GM subsidiary Cruise Automation.
2018 Pwnie Awards: Who Pwned, Who Got Pwned
Slideshows  |  8/15/2018  | 
A team of security experts round up the best and worst of the year in cybersecurity at Black Hat 2018.
Gartner Says IT Security Spending to Hit $124B in 2019
Quick Hits  |  8/15/2018  | 
Global IT security spending will grow 12.4% in 2018 and another 8.7% in 2019.
Vulnerable Smart City Devices Can Be Exploited To Cause Panic, Chaos
News  |  8/10/2018  | 
False alerts about floods, radiation levels are just some of the ways attackers can abuse weakly protected IoT devices, researchers warn.
IoT Malware Discovered Trying to Attack Satellite Systems of Airplanes, Ships
News  |  8/9/2018  | 
Researcher Ruben Santamarta shared the details of his successful hack of an in-flight airplane Wi-Fi network and other findings at Black Hat USA today.
Dark Reading News Desk Live at Black Hat USA 2018
News  |  8/9/2018  | 
Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.
Manufacturing Industry Experiencing Higher Incidence of Cyberattacks
News  |  8/8/2018  | 
New report reveals the natural consequences of ignoring the attendant risks of industrial IoT and Industry 4.0.
FBI Offers New IoT Security Tips
Quick Hits  |  8/3/2018  | 
A new article from the FBI offers insight into IoT risks and ways to reduce them.
New Spectre Variant Hits the Network
News  |  7/30/2018  | 
A new proof of concept is a reminder that complex systems can be vulnerable at the most basic level.
MUD: The Solution to Our Messy Enterprise IoT Security Problems?
Commentary  |  7/30/2018  | 
The 'Manufacturer Usage Description' proposal from IETF offers a promising route for bolstering security across the industry.
Tenable Prices IPO, Raises $250 Million
News  |  7/26/2018  | 
The past year has been one of significant growth for the cybersecurity firm, which is trading under the NASDAQ symbol TENB.
The ABCs of Hacking a Voting Machine
News  |  7/25/2018  | 
A hacker who successfully infiltrated a voting machine at last year's DEF CON will demonstrate at Black Hat USA how he did it, as well as what he later found stored on other decommissioned WinVote machines.
Securing Our Interconnected Infrastructure
Commentary  |  7/25/2018  | 
A little over a year ago, the world witnessed NotPetya, the most destructive cyberattack to date. What have we learned?
Why Security Startups Fly And Why They Crash
News  |  7/20/2018  | 
What makes startups stand out in a market flooded with thousands of vendors? Funding experts and former founders share their thoughts.
Robotic Vacuums May Hoover Your Data
Quick Hits  |  7/19/2018  | 
Researchers have discovered a pair of vulnerabilities that allow unauthorized code execution in a robotic vacuum.
Page 1 / 2   >   >>


12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.