How Data Breaches Affect the Enterprise
7 Steps to Start Searching with Shodan
WhatsApp: Mobile Phishing's Newest Attack Target
Cartoon: Hack the Vote
6 Reasons Security Awareness Programs Go Wrong
News & Commentary
Machine Identities Need Protection, Too
Dark Reading Staff, Quick Hits
A new study shows that device identities need a level of protection that they're not getting from most organizations.
By Dark Reading Staff , 8/31/2018
Comment0 comments  |  Read  |  Post a Comment
How Hackers Hit Printers
Steve Zurier, Freelance WriterNews
New Booz Allen Hamilton report advises companies to include printers in their overall security strategy.
By Steve Zurier Freelance Writer, 8/31/2018
Comment0 comments  |  Read  |  Post a Comment
Why Automation Will Free Security Pros to Do What They Do Best
Roy Katmor, CEO & Co-Founder, enSiloCommentary
There are three reasons today's security talent pool is neither scalable nor effective in addressing the rapid evolution of cyberattacks.
By Roy Katmor CEO & Co-Founder, enSilo, 8/31/2018
Comment0 comments  |  Read  |  Post a Comment
Cryptocurrency Scams Replacing Ransomware as Attackers' Fave
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Cryptojacking miners and fileless malware see biggest growth in first half of 2018.
By Ericka Chickowski Contributing Writer, Dark Reading, 8/30/2018
Comment2 comments  |  Read  |  Post a Comment
Lessons From the Black Hat USA NOC
Curtis Franklin Jr., Senior Editor at Dark ReadingCommentary
The conference's temporary network operations center provides a snapshot of what is possible when a variety of professionals work together.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/30/2018
Comment0 comments  |  Read  |  Post a Comment
Who's At Greatest Risk for BEC Attacks? Not the CEO
Kelly Sheridan, Staff Editor, Dark ReadingNews
CEOs only make up 2.2% of business email compromise targets, a sign most victims are further down the corporate ladder.
By Kelly Sheridan Staff Editor, Dark Reading, 8/30/2018
Comment0 comments  |  Read  |  Post a Comment
Botnets Serving Up More Multipurpose Malware
Jai Vijayan, Freelance writerNews
Attackers increasingly are distributing malware that can be used for a variety of different tasks, Kaspersky Lab says.
By Jai Vijayan Freelance writer, 8/30/2018
Comment0 comments  |  Read  |  Post a Comment
Carbanak/Cobalt/FIN7 Group Targets Russian, Romanian Banks in New Attacks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Latest campaign by the hard-to-kill cybercrime group hides malicious code behind legitimate files, Windows processes.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/30/2018
Comment0 comments  |  Read  |  Post a Comment
New Pen Test Tool Tricks Targets with Microsoft WCX Files
Dark Reading Staff, Quick Hits
The open-source tool lets penetration testers gather credentials by convincing targets to open a Microsoft WCX file.
By Dark Reading Staff , 8/30/2018
Comment0 comments  |  Read  |  Post a Comment
4 Benefits of a World with Less Privacy
Reg Harnish, CEO, GreyCastle SecurityCommentary
The privacy issue is a problem for a lot of people. I see it differently.
By Reg Harnish CEO, GreyCastle Security, 8/30/2018
Comment5 comments  |  Read  |  Post a Comment
'Celebgate' Hacker Heading to Prison
Dark Reading Staff, Quick Hits
Connecticut man gets eight months for role in attack involving leak of personal celebrity photos, including those of actress Jennifer Lawrence.
By Dark Reading Staff , 8/30/2018
Comment0 comments  |  Read  |  Post a Comment
'Security Fatigue' Could Put Business at Risk
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The relentless march of security breaches may cause some individuals to drop their guard, but there's more to the story than that.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/29/2018
Comment0 comments  |  Read  |  Post a Comment
IT Professionals Think They're Better Than Their Security
Dark Reading Staff, Quick Hits
More than half of professionals think they have a good shot at a successful insider attack.
By Dark Reading Staff , 8/29/2018
Comment0 comments  |  Read  |  Post a Comment
Windows Zero-Day Flaw Disclosed Via Twitter
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security experts confirm the privilege escalation vulnerability in Microsoft Windows still works.
By Kelly Sheridan Staff Editor, Dark Reading, 8/29/2018
Comment0 comments  |  Read  |  Post a Comment
Overestimating WebAssembly's Security Benefits Is Risky for Developers
Dark Reading Staff, CommentaryVideo
Although WebAssembly technology promises both better performance and better security to developers, it also creates a new risk for native exploits in the browser.
By Dark Reading Staff , 8/29/2018
Comment0 comments  |  Read  |  Post a Comment
Telecommunications Industry in the Bullseye
Steve Zurier, Freelance WriterNews
New report cites higher volume and increased sophistication of threats to the sector.
By Steve Zurier Freelance Writer, 8/29/2018
Comment0 comments  |  Read  |  Post a Comment
Passport Numbers Exposed in Air Canada Data Breach
Dark Reading Staff, Quick Hits
Mobile app hit in cyberattack that compromised 20K user accounts.
By Dark Reading Staff , 8/29/2018
Comment0 comments  |  Read  |  Post a Comment
Instagram Debuts New Security Tools
Dark Reading Staff, Quick Hits
Updates include a new feature to verify the authenticity of popular accounts and a means of integrating two-factor authentication.
By Dark Reading Staff , 8/29/2018
Comment0 comments  |  Read  |  Post a Comment
How One Company’s Cybersecurity Problem Becomes Another's Fraud Problem
Curtis Jordan, Lead Security Engineer, TruSTARCommentary
The solution: When security teams see something in cyberspace, they need to say something.
By Curtis Jordan Lead Security Engineer, TruSTAR, 8/29/2018
Comment8 comments  |  Read  |  Post a Comment
7 Steps to Start Searching with Shodan
Curtis Franklin Jr., Senior Editor at Dark Reading
The right know-how can turn the search engine for Internet-connected devices into a powerful tool for security professionals.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/29/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
How One Company's Cybersecurity Problem Becomes Another's Fraud Problem
Curtis Jordan, Lead Security Engineer, TruSTAR,  8/29/2018
Free Cybersecurity Services Offer a First Step to Securing US Elections
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/28/2018
4 Benefits of a World with Less Privacy
Reg Harnish, CEO, GreyCastle Security,  8/30/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Cloud Misconceptions Are Pervasive Across Enterprises
Shadow IT is rampant at many organizations that rely upon cloud-delivered tools and services to enable remote work, according to a new study. Here's what security teams need to do about it. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Boosting Security Effectiveness with 'Adjuvants'
How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-16450
PUBLISHED: 2018-09-04
CraftedWeb through 2013-09-24 has reflected XSS via the p parameter.
CVE-2018-16444
PUBLISHED: 2018-09-04
An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter.
CVE-2018-16445
PUBLISHED: 2018-09-04
An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admin_topic_vod.php request.
CVE-2018-16446
PUBLISHED: 2018-09-04
An issue was discovered in SeaCMS through 6.61. adm1n/admin_database.php allows remote attackers to delete arbitrary files via directory traversal sequences in the bakfiles parameter. This can allow the product to be reinstalled by deleting install_lock.txt.
CVE-2018-16447
PUBLISHED: 2018-09-04
Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.
How Data Breaches Affect the Enterprise
How Data Breaches Affect the Enterprise
This report, offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future. Read the report today!
Flash Poll
Video
Slideshows
Twitter Feed