7 Privacy Mistakes That Keep Security Pros on Their Toes
6 Serverless and Containerization Trends CISOs Should Track
Name that Toon: A Dog's Life
6 Ways to Beat Back BEC Attacks
How Intel Has Responded to Spectre and Meltdown
News & Commentary
How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
Ricardo Arroyo, Senior Technical Product Manager, Watchguard TechnologiesCommentary
When it comes to acceptable circumstances for government disclosure of zero-days, the new Vulnerabilities Equity Process might be the accountability practice security advocates have been waiting for.
By Ricardo Arroyo Senior Technical Product Manager, Watchguard Technologies, 1/16/2019
Comment0 comments  |  Read  |  Post a Comment
BEC Groups Ramp Up Payroll Diversion Attacks
Jai Vijayan, Freelance writerNews
Criminals are increasingly trying to defraud businesses by diverting payrolls of CEOs, other senior executives, Agari says.
By Jai Vijayan Freelance writer, 1/16/2019
Comment0 comments  |  Read  |  Post a Comment
Fortnite Players Compromised Via Epic Games Vulnerability
Kelly Sheridan, Staff Editor, Dark ReadingNews
Bugs in Epic Games' platform could let intruders take over players' accounts, view personal data, and/or buy in-game currency.
By Kelly Sheridan Staff Editor, Dark Reading, 1/16/2019
Comment1 Comment  |  Read  |  Post a Comment
Are You Listening to Your Kill Chain?
Ben Haley, SVP Engineering at HOPZERO SecurityCommentary
With the right tools and trained staff, any organization should be able to deal with threats before information is compromised.
By Ben Haley SVP Engineering at HOPZERO Security, 1/16/2019
Comment0 comments  |  Read  |  Post a Comment
Triton/Trisis Attack Was More Widespread Than Publicly Known
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Signs of the attack first showed up two months before it was identified as a cyberattack, but they were mistaken for a pure equipment failure by Schneider Electric, security expert reveals at S4x19.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 1/16/2019
Comment0 comments  |  Read  |  Post a Comment
Hijacking a PLC Using its Own Network Features
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researcher at S4x19 to show how attackers can exploit the built-in advanced connectivity functions in some Rockwell PLCs.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 1/15/2019
Comment0 comments  |  Read  |  Post a Comment
Report: Bots Add Volume to Account Takeover Attacks
Dark Reading Staff, Quick Hits
Bots that can launch hundreds of attacks per second are making account takeover fraud more difficult to defend against.
By Dark Reading Staff , 1/15/2019
Comment1 Comment  |  Read  |  Post a Comment
Online Fraud: Now a Major Application Layer Security Problem
Ting-Fang Yen, Research Scientist, DataVisor, Inc.Commentary
The explosion of consumer-facing online services and applications is making it easier and cheaper for cybercriminals to host malicious content and launch attacks.
By Ting-Fang Yen Research Scientist, DataVisor, Inc., 1/15/2019
Comment0 comments  |  Read  |  Post a Comment
US Judge: Police Can't Force Biometric Authentication
Dark Reading Staff, Quick Hits
Law enforcement cannot order individuals to unlock devices using facial or fingerprint scans, a California judge says.
By Dark Reading Staff , 1/15/2019
Comment1 Comment  |  Read  |  Post a Comment
7 Privacy Mistakes That Keep Security Pros on Their Toes
Steve Zurier, Freelance Writer
When it comes to privacy, it's the little things that can lead to big mishaps.
By Steve Zurier Freelance Writer, 1/15/2019
Comment0 comments  |  Read  |  Post a Comment
SEC Issues Charges in 'Edgar' Database Hack
Dark Reading Staff, Quick Hits
One defendant is still facing charges issued in 2015 for a $30 million hacking and securities fraud scheme.
By Dark Reading Staff , 1/15/2019
Comment0 comments  |  Read  |  Post a Comment
Why Cyberattacks Are the No. 1 Risk
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
The paradigm shift toward always-on IT requires business leaders to rethink their defense strategy.
By Marc Wilczek Digital Strategist & CIO Advisor, 1/15/2019
Comment0 comments  |  Read  |  Post a Comment
Former IBM Security Execs Launch Cloud Data Security Startup
Kelly Sheridan, Staff Editor, Dark ReadingNews
Sonrai Security, the brainchild of two execs from IBM Security and Q1 Labs, debuts with $18.5 million in Series A funding.
By Kelly Sheridan Staff Editor, Dark Reading, 1/15/2019
Comment0 comments  |  Read  |  Post a Comment
Cryptomining Continues to Be Top Malware Threat
Jai Vijayan, Freelance writerNews
Tools for illegally mining Coinhive, Monero, and other cryptocurrency dominate list of most prevalent malware in December 2018.
By Jai Vijayan Freelance writer, 1/14/2019
Comment0 comments  |  Read  |  Post a Comment
Radiflow: New Approach for Classifying OT Attack Flaws
Dark Reading Staff, Quick Hits
The firm says risk assessment should begin with understanding attacker taxonomy and continue with vulnerability analysis.
By Dark Reading Staff , 1/14/2019
Comment0 comments  |  Read  |  Post a Comment
Facebook Faces Action From German Watchdog
Dark Reading Staff, Quick Hits
German antitrust regulators prepare to require changes from Facebook regarding privacy and personal information.
By Dark Reading Staff , 1/14/2019
Comment1 Comment  |  Read  |  Post a Comment
Advanced Phishing Scenarios You Will Most Likely Encounter This Year
Eyal Benishti, CEO & Founder of IRONSCALESCommentary
In 2019, there will be no end in sight to email-driven cybercrime such as business email compromise, spearphishing, and ransomware.
By Eyal Benishti CEO & Founder of IRONSCALES, 1/14/2019
Comment1 Comment  |  Read  |  Post a Comment
Government Shutdown Brings Certificate Lapse Woes
Curtis Franklin Jr., Senior Editor at Dark ReadingQuick Hits
Among the problems: TLS certificates are expiring and websites are becoming inaccessible.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/11/2019
Comment2 comments  |  Read  |  Post a Comment
SCOTUS Says Suit Over Fiat-Chrysler Hack Can Move Forward
Dark Reading Staff, Quick Hits
A class-action suit over a 2015 attack demonstration against a Jeep Cherokee can move forward, US Supreme Court rules.
By Dark Reading Staff , 1/11/2019
Comment3 comments  |  Read  |  Post a Comment
NotPetya Victim Mondelez Sues Zurich Insurance for $100 Million
Dark Reading Staff, Quick Hits
Mondelez files lawsuit after Zurich rejects claim for damages from massive ransomware attack.
By Dark Reading Staff , 1/11/2019
Comment6 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Government Shutdown Brings Certificate Lapse Woes
Curtis Franklin Jr., Senior Editor at Dark Reading,  1/11/2019
Register for Dark Reading Newsletters
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
White Papers
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6455
PUBLISHED: 2019-01-16
An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c.
CVE-2019-6456
PUBLISHED: 2019-01-16
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a.
CVE-2019-6457
PUBLISHED: 2019-01-16
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a.
CVE-2019-6458
PUBLISHED: 2019-01-16
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a.
CVE-2019-6459
PUBLISHED: 2019-01-16
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_extract_type in rec-utils.c in librec.a.
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Flash Poll
Video
Slideshows
Twitter Feed