News & Commentary

Latest Content tagged with Endpoint
Page 1 / 2   >   >>
Hackers Found Phishing for Facebook Credentials
Quick Hits  |  2/15/2019  | 
A "very realistic-looking" login prompt is designed to capture users' Facebook credentials, researchers report.
Post-Quantum Crypto Standards Arent All About the Math
News  |  2/15/2019  | 
The industry needs to keep in mind the realities of hardware limits and transitional growing pains, according to Microsoft, Utimaco researchers.
White-Hat Bug Bounty Programs Draw Inspiration from the Old West
Commentary  |  2/15/2019  | 
These programs are now an essential strategy in keeping the digital desperados at bay.
Valentine's Emails Laced with Gandcrab Ransomware
News  |  2/14/2019  | 
In the weeks leading up to Valentine's Day 2019, researchers notice a new form of Gandcrab appearing in romance-themed emails.
Security Spills: 9 Problems Causing the Most Stress
Slideshows  |  2/14/2019  | 
Security practitioners reveal what's causing them the most frustration in their roles.
Researchers Dig into Microsoft Office Functionality Flaws
News  |  2/13/2019  | 
An ongoing study investigating security bugs in Microsoft Office has so far led to two security patches.
Scammers Fall in Love with Valentine's Day
News  |  2/13/2019  | 
Online dating profiles and social media accounts add to the rich data sources that allow criminals to tailor attacks.
70% of Consumers Want Biometrics in the Workplace
News  |  2/13/2019  | 
Speed, simplicity, and security underscore their desire, a new study shows.
Lessons Learned from a Hard-Hitting Security Review
Commentary  |  2/13/2019  | 
Information security is a corporate posture and must be managed at all levels: systems, software, personnel, and all the key processes.
Up to 100,000 Reported Affected in Landmark White Data Breach
News  |  2/12/2019  | 
Australian property valuation firm Landmark White exposed files containing personal data and property valuation details.
Microsoft, Adobe Both Close More Than 70 Security Issues
News  |  2/12/2019  | 
With their regularly scheduled Patch Tuesday updates, both companies issued fixes for scores of vulnerabilities in their widely used software.
Cybersecurity and the Human Element: We're All Fallible
Commentary  |  2/12/2019  | 
We examine the issue of fallibility from six sides: end users, security leaders, security analysts, IT security administrators, programmers, and attackers.
'Picnic' Passes Test for Protecting IoT From Quantum Hacks
Quick Hits  |  2/12/2019  | 
Researchers from DigiCert, Utimaco, and Microsoft Research gives thumbs-up to a new algorithm for implementing quantum hacking-proof digital certificates.
Symantec Acquires Luminate to Build on Cloud Security
Quick Hits  |  2/12/2019  | 
Luminate Security, which specializes in software-defined perimeter technology, will extend Symantec's integrated defense platform.
Identifying, Understanding & Combating Insider Threats
Commentary  |  2/12/2019  | 
Your organization is almost certainly on the lookout for threats from outside the company. But are you ready to address threats from within?
Experian: US Suffers the Most Online Fraud
News  |  2/11/2019  | 
New data from the credit reporting firm shows the sheer scale of online activity in the US also has made businesses and consumers there prime targets.
New Encryption Mode Brings Sincerity and Discretion to Low-Cost Android Devices
Quick Hits  |  2/11/2019  | 
Adantium, developed by Google, brings communication encryption to bear on storage security.
OkCupid Denies Data Breach Amid Account Hack Complaints
Quick Hits  |  2/11/2019  | 
Users on the dating website report hackers breaking into their accounts, changing email addresses, and resetting passwords.
Security Pros Agree Military Should Conduct Offensive Hacking
Quick Hits  |  2/11/2019  | 
But it can't operate in a bubble, a new Washington Post study indicates.
A Dog's Life: Dark Reading Caption Contest Winners
Commentary  |  2/8/2019  | 
What do a telephony protocol, butt-sniffing, and multifactor authentication have in common? A John Klossner cartoon! And the winners are ...
We Need More Transparency in Cybersecurity
Commentary  |  2/8/2019  | 
Security has become a stand-alone part of the corporate IT organization. That must stop, and transparency is the way forward.
Cyberattack Hits Australian Parliament
Quick Hits  |  2/8/2019  | 
Officials believe a nation-state is to blame for the incident, which took place Thursday night into Friday morning.
Carbonite Announces Webroot Purchase
Quick Hits  |  2/7/2019  | 
The purchase will add WebRoot's cloud-based security to the cloud-based data backup and recovery platform of Carbonite.
Apple Patches Group FaceTime Flaw
Quick Hits  |  2/7/2019  | 
Teenaged Fortnite player gets credit for finding the bug.
4 Payment Security Trends for 2019
Commentary  |  2/7/2019  | 
Visa's chief risk officer anticipates some positive changes ahead.
Security Bugs in Video Chat Tools Enable Remote Attackers
News  |  2/7/2019  | 
Lifesize is issuing a hotfix to address vulnerabilities in its enterprise collaboration devices, which could give hackers a gateway into target organizations.
New Chrome Extension Takes Aim at Password Security
News  |  2/6/2019  | 
Google adds 'Password Checkup' feature that alerts users if their online credentials have been compromised.
HelpSystems Buys Core Security Assets to Grow Infosec Portfolio
Quick Hits  |  2/6/2019  | 
Acquisition will enable it to provide threat detection, pen testing, and other security tools to customers.
Google Tackles Gmail Spam with Tensorflow
News  |  2/6/2019  | 
Tensorflow, Google's open-source machine learning framework, has been used to block 100 million spam messages.
New Vulnerabilities Make RDP Risks Far from Remote
News  |  2/5/2019  | 
More than two dozen vulnerabilities raise the risk of using RDP clients to remotely manage and configure systems.
Over 59K Data Breaches Reported in EU Under GDPR
Quick Hits  |  2/5/2019  | 
In addition, 91 reported fines have been imposed since the regulation went into effect last May.
Taming the Wild, West World of Security Product Testing
Commentary  |  2/5/2019  | 
The industry has long needed an open, industry-standard testing framework. NetSecOPEN is working to make that happen.
Exposed Consumer Data Skyrocketed 126% in 2018
News  |  2/4/2019  | 
The number of data breaches dropped overall, but the amount of sensitive records exposed jumped to 446.5 million last year, according to the ITRC.
6 Security Tips Before You Put a Digital Assistant to Work
Slideshows  |  2/4/2019  | 
If you absolutely have to have Amazon Alexa or Google Assistant in your home, heed the following advice.
Facebook Struggles in Privacy Class-Action Lawsuit
Quick Hits  |  2/4/2019  | 
Facebook's privacy disclosures "are quite vague" and should have been made more prominent, a federal judge argued.
IoT Security's Coming of Age Is Overdue
Commentary  |  2/4/2019  | 
The unique threat landscape requires a novel security approach based on the latest advances in network and AI security.
How Hackers Could Hit Super Bowl LIII
News  |  2/1/2019  | 
Security threats and concerns abound for the year's biggest football game. What officials and fans can do about it.
8 Cybersecurity Myths Debunked
Commentary  |  1/31/2019  | 
The last thing any business needs is a swarm of myths and misunderstandings seeding common and frequent errors organizations of all sizes make in safeguarding data and infrastructure.
Dell, CrowdStrike, Secureworks Join Forces to Secure Endpoints
News  |  1/31/2019  | 
Dell SafeGuard and Response is geared toward businesses, governments, and schools that may lack resources they need to detect and remediate sophisticated threats.
Yes, You Can Patch Stupid
Commentary  |  1/30/2019  | 
Before you start calling users stupid, remember that behind every stupid user is a stupider security professional.
Discover Issues New Cards Following Data Breach
Quick Hits  |  1/30/2019  | 
The credit card company reports Discover's card systems were not involved in the breach, discovered in August 2018.
Remote Access & the Diminishing Security Perimeter
Commentary  |  1/29/2019  | 
Where security really matters, the enterprise is only as secure as the endpoints it allows to access its sensitive core systems.
Symantec Rolls Out New Endpoint Security Tools, Updates
Quick Hits  |  1/29/2019  | 
Today's releases include more advanced EDR tools, a new managed EDR service, and protection and hardening for Symantec's endpoint portfolio.
Creating a Security Culture & Solving the Human Problem
Commentary  |  1/29/2019  | 
People are the biggest weakness to security breaches; people can also be your organization's biggest defense.
Why Privacy Is Hard Work
Commentary  |  1/28/2019  | 
For Data Privacy Day, let's commit to a culture of privacy by design, nurtured by a knowledgeable team that can execute an effective operational compliance program.
Internet Society to Issue Privacy Code of Conduct
News  |  1/25/2019  | 
In time for Data Privacy Day, on Monday, the nine-point guidance will offer insights into how companies can more effectively manage personal data.
Satya Nadella: Privacy Is a Human Right
Quick Hits  |  1/25/2019  | 
In a talk at the World Economic Forum, Microsoft's CEO voiced support for GDPR and expressed hope the United States creates a similar approach to privacy.
Credential Compromises By the Numbers
Slideshows  |  1/25/2019  | 
Recent statistics show just how much credential stealing has become a staple in the attacker playbook.
The 5 Stages of CISO Success, Past & Future
Commentary  |  1/25/2019  | 
In cybersecurity, as in history, security leaders who forget the lessons of the past will be doomed to repeat them.
Cyberattackers Bait Financial Firms with Google Cloud Platform
News  |  1/24/2019  | 
A new wave of attacks abuses the Google Cloud Platform URL redirection in PDF decoys, sending users to a malicious link.
Page 1 / 2   >   >>


Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8423
PUBLISHED: 2019-02-18
ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.
CVE-2019-8424
PUBLISHED: 2019-02-18
ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.
CVE-2019-8425
PUBLISHED: 2019-02-18
includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages.
CVE-2019-8426
PUBLISHED: 2019-02-18
skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter.
CVE-2019-8427
PUBLISHED: 2019-02-18
daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters.