News & Commentary

Latest Content tagged with Perimeter
Page 1 / 2   >   >>
7 Low-Cost Security Tools
Slideshows  |  3/15/2019  | 
Security hardware doesn't have to be expensive or complex to do the job. Here are seven examples of low-cost hardware that could fill a need in your security operations.
Businesses Increase Investments in AI and Machine Learning
Quick Hits  |  3/14/2019  | 
More than three-quarters of IT pros say they feel safer for having done so, according to a new report.
Microsoft Patch Tuesday: 64 Vulnerabilities Patched, 2 Under Attack
News  |  3/12/2019  | 
Seventeen vulnerabilities patches today are rated critical, four are publicly known, and two have been exploited in the wild.
Ultrasound Machine Diagnosed with Major Security Gaps
News  |  3/8/2019  | 
Check Point researchers investigate security risks and point to implications for medical IoT devices.
Debunking 5 Myths About Zero Trust Security
Commentary  |  3/7/2019  | 
Rather than "trust but verify," a zero trust model assumes that attackers will inevitably get in if they aren't already. However, several misconceptions are impeding its adoption.
Fighting Alert Fatigue with Actionable Intelligence
Commentary  |  3/6/2019  | 
By fine-tuning security system algorithms, analysts can make alerts intelligent and useful, not merely generators of noise.
NTT Security Confirms WhiteHat Acquisition
Quick Hits  |  3/6/2019  | 
WhiteHat Security will continue to operate as an independent subsidiary of NTT Security following the deal.
Lazarus Research Highlights Threat from North Korea
News  |  3/5/2019  | 
A widespread attack against companies and government agencies have been linked to the North Korean Lazarus group, underscoring that the countries hackers are becoming more brazen.
Incident Response: Having a Plan Isn't Enough
News  |  3/5/2019  | 
Data shows organizations neglect to review and update breach response plans as employees and processes change, putting data at risk.
Security Pros Agree: Cloud Adoption Outpaces Security
News  |  3/1/2019  | 
Oftentimes, responsibility for securing the cloud falls to IT instead of the security organization, researchers report.
Microsoft Debuts Azure Sentinel SIEM, Threat Experts Service
News  |  2/28/2019  | 
New services, which are both available in preview, arrive at a time when two major trends are converging on security.
6 Tips for Getting the Most from Your VPN
Slideshows  |  2/22/2019  | 
VPNs are critical for information security. But simply having these cozy security tunnels in the toolkit isn't enough to keep an organization's data safe.
To Mitigate Advanced Threats, Put People Ahead of Tech
Commentary  |  2/22/2019  | 
Preventative technologies are only part of the picture and often come at the expense of the humans behind them.
Human Negligence to Blame for the Majority of Insider Threats
News  |  2/21/2019  | 
In 98% of the assessments conducted for its research, Dtex found employees exposed proprietary company information on the Web a 20% jump from 2018.
Cyber Extortionists Can Earn $360,000 a Year
News  |  2/21/2019  | 
Extortion scams capitalize on compromised credentials, sensitive data, and technical vulnerabilities on Internet-facing applications to pressure victims to pay up.
As Businesses Move Critical Data to Cloud, Security Risks Abound
News  |  2/20/2019  | 
Companies think their data is safer in the public cloud than in on-prem data centers, but the transition is driving security issues.
Mastercard, GCA Create Small Business Cybersecurity Toolkit
News  |  2/20/2019  | 
A new toolkit developed by the Global Cybersecurity Alliance aims to give small businesses a cookbook for better cybersecurity.
Microsoft Expands AccountGuard to Help Europe Prep for Cyberattacks
Quick Hits  |  2/20/2019  | 
A recent wave of cybercrime has targeted organizations with employees in Belgium, France, Germany, Poland, Romania, and Serbia.
'Formjacking' Compromises 4,800 Sites Per Month. Could Yours Be One?
News  |  2/20/2019  | 
Cybercriminals see formjacking as a simple opportunity to take advantage of online retailers and all they need is a small piece of JavaScript.
Valentine's Emails Laced with Gandcrab Ransomware
News  |  2/14/2019  | 
In the weeks leading up to Valentine's Day 2019, researchers notice a new form of Gandcrab appearing in romance-themed emails.
Security Spills: 9 Problems Causing the Most Stress
Slideshows  |  2/14/2019  | 
Security practitioners reveal what's causing them the most frustration in their roles.
'Picnic' Passes Test for Protecting IoT From Quantum Hacks
Quick Hits  |  2/12/2019  | 
Researchers from DigiCert, Utimaco, and Microsoft Research gives thumbs-up to a new algorithm for implementing quantum hacking-proof digital certificates.
6 Reasons to Be Wary of Encryption in Your Enterprise
Slideshows  |  2/8/2019  | 
Encryption can be critical to data security, but it's not a universal panacea.
Malware Campaign Hides Ransomware in Super Mario Wrapper
Quick Hits  |  2/8/2019  | 
A newly discovered malware campaign uses steganography to hide GandCrab in a seemingly innocent Mario image.
Carbonite Announces Webroot Purchase
Quick Hits  |  2/7/2019  | 
The purchase will add WebRoot's cloud-based security to the cloud-based data backup and recovery platform of Carbonite.
Security Bugs in Video Chat Tools Enable Remote Attackers
News  |  2/7/2019  | 
Lifesize is issuing a hotfix to address vulnerabilities in its enterprise collaboration devices, which could give hackers a gateway into target organizations.
When 911 Goes Down: Why Voice Network Security Must Be a Priority
Commentary  |  2/7/2019  | 
When there's a DDoS attack against your voice network, are you ready to fight against it?
DDoS Mitigation Pioneer Launches Network Security Startup
Quick Hits  |  2/7/2019  | 
Barrett Lyon is co-founder of Netography, which emerged today with $2.6M in seed funding from Andreessen Horowitz.
HelpSystems Buys Core Security Assets to Grow Infosec Portfolio
Quick Hits  |  2/6/2019  | 
Acquisition will enable it to provide threat detection, pen testing, and other security tools to customers.
Shellbot Crimeware Re-Emerges in Monero Mining Campaign
News  |  2/5/2019  | 
New attack uses a repurposed version of the Trojan that spreads using Internet Relay Chat.
Taming the Wild, West World of Security Product Testing
Commentary  |  2/5/2019  | 
The industry has long needed an open, industry-standard testing framework. NetSecOPEN is working to make that happen.
Exposed Consumer Data Skyrocketed 126% in 2018
News  |  2/4/2019  | 
The number of data breaches dropped overall, but the amount of sensitive records exposed jumped to 446.5 million last year, according to the ITRC.
6 Security Tips Before You Put a Digital Assistant to Work
Slideshows  |  2/4/2019  | 
If you absolutely have to have Amazon Alexa or Google Assistant in your home, heed the following advice.
How Hackers Could Hit Super Bowl LIII
News  |  2/1/2019  | 
Security threats and concerns abound for the year's biggest football game. What officials and fans can do about it.
Cisco Router Vulnerability Gives Window into Researchers' World
News  |  1/31/2019  | 
The research around a recent vulnerability shows how researchers follow leads and find unexpected results.
Dell, CrowdStrike, Secureworks Join Forces to Secure Endpoints
News  |  1/31/2019  | 
Dell SafeGuard and Response is geared toward businesses, governments, and schools that may lack resources they need to detect and remediate sophisticated threats.
Rubrik Data Leak is Another Cloud Misconfiguration Horror Story
News  |  1/30/2019  | 
A server security mishap exposed vast stores of data belonging to clients of Rubrik, a security and cloud management firm.
Access Control Lists: 6 Key Principles to Keep in Mind
Slideshows  |  1/30/2019  | 
Build them carefully and maintain them rigorously, and ACLs will remain a productive piece of your security infrastructure for generations of hardware to come.
Remote Access & the Diminishing Security Perimeter
Commentary  |  1/29/2019  | 
Where security really matters, the enterprise is only as secure as the endpoints it allows to access its sensitive core systems.
Symantec Rolls Out New Endpoint Security Tools, Updates
Quick Hits  |  1/29/2019  | 
Today's releases include more advanced EDR tools, a new managed EDR service, and protection and hardening for Symantec's endpoint portfolio.
The 5 Stages of CISO Success, Past & Future
Commentary  |  1/25/2019  | 
In cybersecurity, as in history, security leaders who forget the lessons of the past will be doomed to repeat them.
Cyberattackers Bait Financial Firms with Google Cloud Platform
News  |  1/24/2019  | 
A new wave of attacks abuses the Google Cloud Platform URL redirection in PDF decoys, sending users to a malicious link.
DHS Issues Emergency Directive on DNS Security
News  |  1/23/2019  | 
All government domain owners are instructed to take immediate steps to strengthen the security of their DNS servers following a successful hacking campaign.
Enterprise Malware Detections Up 79% as Attackers Refocus
News  |  1/23/2019  | 
A new report on the state of malware shows a spike in B2B malware, with former banking Trojans Emotet and TrickBot topping the list.
8 Tips for Monitoring Cloud Security
Slideshows  |  1/18/2019  | 
Cloud security experts weigh in with the practices and tools they prefer to monitor and measure security metrics in the cloud.
The Security Perimeter Is Dead; Long Live the New Endpoint Perimeter
Commentary  |  1/17/2019  | 
The network no longer provides an air gap against external threats, but access devices can take up the slack.
Simulating Lateral Attacks Through Email
Commentary  |  1/17/2019  | 
A skilled attacker can get inside your company by abusing common email applications. Here are three strategies to block them.
Former IBM Security Execs Launch Cloud Data Security Startup
News  |  1/15/2019  | 
Sonrai Security, the brainchild of two execs from IBM Security and Q1 Labs, debuts with $18.5 million in Series A funding.
Election Security Isn't as Bad as People Think
Commentary  |  1/10/2019  | 
Make no mistake, however: We'll always have to be on guard. And we can take some lessons from the world of industrial cybersecurity.
Consumers Demand Security from Smart Device Makers
News  |  1/10/2019  | 
Poll shows individuals want better security from IoT device manufacturers as connected products flood the market.
Page 1 / 2   >   >>


It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/12/2019
Cybercriminals Think Small to Earn Big
Dark Reading Staff 3/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: LOL  Hope this one wins
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.