News & Commentary

Latest Content tagged with Endpoint
Page 1 / 2   >   >>
4 Tips to Protect Your Business Against Social Media Mistakes
Commentary  |  4/22/2019  | 
Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or cause huge reputational damage.
Why We Need a 'Cleaner Internet'
Commentary  |  4/19/2019  | 
By blocking threats and attacks nearer to their sources, cybersecurity pros could help turn the connected world into a safer place for all.
Creator of Hub for Stolen Credit Cards Sentenced to 90 Months
News  |  4/18/2019  | 
Coming eight years after he launched the site, the steep sentence for the cybercriminal operator is based on a tab of $30 million in damages calculated by Mastercard and other credit card companies.
Former Student Admits to USB Killer Attack
Quick Hits  |  4/18/2019  | 
An Indian national used device to attack computers and peripherals at a New York college.
Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent
Quick Hits  |  4/18/2019  | 
The social media giant says it did not access the imported data and is notifying affected users.
Security Audit Shows Gains, Though Privacy Lags
News  |  4/16/2019  | 
The 2018 Online Trust Audit shows that "encryption everywhere" is improving security, while fuzzy language is slowing privacy gains.
Meet Scranos: New Rootkit-Based Malware Gains Confidence
News  |  4/16/2019  | 
The cross-platform operation, first tested on victims in China, has begun to spread around the world.
Benefiting from Data Privacy Investments
Commentary  |  4/16/2019  | 
GDPR-ready companies experience lower overall costs associated with data breaches, research finds.
New Details Emerge on Windows Zero Day
News  |  4/15/2019  | 
The CVE-2019-0859 vulnerability, patched last week, is the latest in a string of Windows local privilege escalation bugs discovered at Kaspersky Lab.
CERT, CISA Warn of Vuln in at Least 4 Major VPNs
Quick Hits  |  4/12/2019  | 
VPN products by Cisco, Palo Alto Networks, F5 Networks, Pulse Secure, insecurely store session cookies.
This Week in Security Funding: Where the Money Went
News  |  4/12/2019  | 
Predictions for cybersecurity investment in 2019 are holding true with funding announcements from four startups.
Home Office Apologizes for EU Citizen Data Exposure
Quick Hits  |  4/12/2019  | 
The Home Office has admitted to compromising private email addresses belonging to EU citizens hoping to settle in the UK.
'Dragonblood' Vulnerabilities Seep Into WPA3 Secure Wifi Handshake
News  |  4/11/2019  | 
A new set of vulnerabilities may put some early adopters of strong Wifi security at greater security risk.
Microsoft Patches Are Freezing Older PCs Running Sophos, Avast
Quick Hits  |  4/11/2019  | 
Computers running Sophos or Avast software have been failing to boot following the latest Patch Tuesday update.
Android Phones Now Double as Physical Security Keys
News  |  4/10/2019  | 
Google debuted a series of security updates at Next 2019, giving users the option to use their phone as a second authentication factor.
Microsoft Patch Tuesday Fixes Windows Bugs Under Attack
News  |  4/9/2019  | 
The April release of security updates patches 74 vulnerabilities, two of which are being exploited in the wild.
Meet Baldr: The Inside Scoop on a New Stealer
News  |  4/9/2019  | 
Baldr first appeared in January and has since evolved to version 2.2 as attackers aim to build a long-lasting threat.
Yahoo Reaches $117.5M Breach Accord Following Failed Settlement
Quick Hits  |  4/9/2019  | 
An adjusted settlement between Yahoo and the victims of its massive data breach is still awaiting approval.
Stop Mocking & Start Enabling Emerging Technologies
Commentary  |  4/9/2019  | 
Mocking new technology isn't productive and can lead to career disadvantage.
Credential-Stuffing Attacks Behind 30 Billion Login Attempts in 2018
News  |  4/8/2019  | 
Using e-mail addresses and passwords from compromised sites, attackers most often targeted retail sites, video-streaming services, and entertainment companies, according to Akamai.
Microsoft Products Under EU Investigation About Data Collection
Quick Hits  |  4/8/2019  | 
A new inquiry aims to determine whether contracts between Microsoft and EU organizations violate GDPR.
Ignore the Insider Threat at Your Peril
Commentary  |  4/8/2019  | 
Attacks from insiders often go undiscovered for months or years, so the potential impact can be huge. These 11 countermeasures can mitigate the damage.
Advanced Persistent Threat: Dark Reading Caption Contest Winners
Commentary  |  4/5/2019  | 
From sushi and phishing to robots, passwords and ninjas -- and the winners are ...
Third Parties in Spotlight as More Facebook Data Leaks
News  |  4/4/2019  | 
Two third-party services left Facebook user data exposed online -- in one case, 540 million records of user comments -- highlighting the ease with which third-party developers can access data and the risk of lax security.
True Cybersecurity Means a Proactive Response
Commentary  |  4/4/2019  | 
Successful, secure organizations must take an aggressive, pre-emptive posture if they want true data security.
Privacy & Regulatory Considerations in Enterprise Blockchain
Commentary  |  4/3/2019  | 
People who understand information governance, privacy, and security should be active participants on the distributed ledger technology implementation team to ensure success.
FireEye Creates Free Attack Toolset for Windows
News  |  4/2/2019  | 
The security services company releases a distribution of 140 programs for penetration testers who need to launch attacks and tools from an instance of Windows.
Airports & Operational Technology: 4 Attack Scenarios
Commentary  |  4/2/2019  | 
As OT systems increasingly fall into the crosshairs of cyberattackers, aviation-industry CISOs have become hyper-focused on securing them.
In the Race Toward Mobile Banking, Don't Forget Risk Management
Commentary  |  4/1/2019  | 
The rise of mobile banking and payment services has sparked widespread adoption, making a focus on risk essential.
Quantum Computing and Code-Breaking
Commentary  |  3/28/2019  | 
Prepare today for the quantum threats of tomorrow.
Data Privacy Manifestos: Competitive Advantage or the Start of Something Bigger?
Commentary  |  3/26/2019  | 
Facebook is the latest company to weigh in with a corporate manifesto focused on privacy. Though it's a welcome trend, only time will tell how many follow through.
Under Attack: Over Half of SMBs Breached Last Year
Commentary  |  3/26/2019  | 
Many small and midsize businesses work faster and harder than large enterprises, but they're just as vulnerable to cybercrime.
A Glass Ceiling? Not in Privacy
Commentary  |  3/25/2019  | 
According to a new study, female professionals in the US privacy profession outnumber males 53% to 47%.
Inside Incident Response: 6 Key Tips to Keep in Mind
Slideshows  |  3/22/2019  | 
Experts share the prime window for detecting intruders, when to contact law enforcement, and what they wish they did differently after a breach.
Two Found Guilty in Online Dating, BEC Scheme
Quick Hits  |  3/22/2019  | 
Cybercriminals involved in the operation created fake online dating profiles and tricked victims into sending money to phony bank accounts.
Facebook Employees for Years Could See Millions of User Passwords in Plain Text
Quick Hits  |  3/21/2019  | 
2,000 Facebook engineers or developers reportedly made some nine million internal queries for data elements with plain text passwords.
Hacker AI vs. Enterprise AI: A New Threat
Commentary  |  3/21/2019  | 
Artificial intelligence and machine learning are being weaponized using the same logic and functionality that legitimate organizations use.
Microsoft Brings Defender Security Tools to Mac
News  |  3/21/2019  | 
Windows Defender becomes Microsoft Defender, and it's available in limited preview for Mac users.
What the Transition to Smart Cards Can Teach the US Healthcare Industry
Commentary  |  3/21/2019  | 
Healthcare information security suffers from the inherent weakness of using passwords to guard information. Chip-based smart cards could change that.
Google Photos Bug Let Criminals Query Friends, Location
News  |  3/20/2019  | 
The vulnerability, now patched, let attackers query where, when, and with whom victims' photos were taken.
The Insider Threat: It's More Common Than You Think
Commentary  |  3/20/2019  | 
A new study shows why security teams must look holistically across cybersecurity, compliance, technology, and human resources to truly address the business effects of workforce risk.
TLS 1.3: A Good News/Bad News Scenario
Commentary  |  3/20/2019  | 
Stronger encryption standards are improving the privacy of data in motion, but enterprises will need to adapt their security architectures to maintain visibility into network traffic.
DDoS Attack Size Drops 85% in Q4 2018
News  |  3/19/2019  | 
The sharp decline follows an FBI takedown of so-called "booter," or DDoS-for-hire, websites in December 2018.
Norsk Hydro Shuts Plants Amid Ransomware Attack
Quick Hits  |  3/19/2019  | 
The cyberattack, first detected on Monday night, has shut down Norsk's entire global network.
Stealing Corporate Funds Still Top Goal of Messaging Attacks
News  |  3/19/2019  | 
Cybercriminals focus on collecting credentials, blackmailing users with fake sextortion scams, and convincing privileged employees to transfer cash. The latter still causes the most damage, and some signs suggest it is moving to mobile.
Are You Prepared for a Zombie (Domain) Apocalypse?
Commentary  |  3/18/2019  | 
When a domain registration expires, they can be claimed by new owners. And sometimes, those new owners have malicious intent.
Ransomware's New Normal
News  |  3/14/2019  | 
GandCrab's evolution underscores a shift in ransomware attack methods.
US Prosecutors Investigate Facebook's Data-Sharing Deals
Quick Hits  |  3/14/2019  | 
The news follows a long, tumultuous period of scandal around Facebook and its privacy practices.
Businesses Increase Investments in AI and Machine Learning
Quick Hits  |  3/14/2019  | 
More than three-quarters of IT pros say they feel safer for having done so, according to a new report.
New Malware Shows Marketing Polish
News  |  3/13/2019  | 
A new strain of point-of-sale malware skims credit card numbers and comes via a highly polished marketing campaign.
Page 1 / 2   >   >>


Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6157
PUBLISHED: 2019-04-22
In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server's private key in the generated log file for support.
CVE-2015-1343
PUBLISHED: 2019-04-22
All versions of unity-scope-gdrive logs search terms to syslog.
CVE-2016-1573
PUBLISHED: 2019-04-22
Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope.
CVE-2016-1579
PUBLISHED: 2019-04-22
UDM provides support for running commands after a download is completed, this is currently made use of for click package installation. This functionality was not restricted to unconfined applications. Before UDM version 1.2+16.04.20160408-0ubuntu1 any confined application could make use of the UDM C...
CVE-2016-1584
PUBLISHED: 2019-04-22
In all versions of Unity8 a running but not active application on a large-screen device could talk with Maliit and consume keyboard input.