8 'SOC-as-a-Service' Offerings
8 Steps to More Effective Small Business Security
Cartoon: The Cyber Mindset
6 Essential Skills Cybersecurity Pros Need to Develop in 2019
Women Now Hold One-Quarter of Cybersecurity Jobs
News & Commentary
Nation-State Hacker Group Hijacking DNS to Redirect Email, Web Traffic
Jai Vijayan, Freelance writerNews
'Sea Turtle' group has compromised at least 40 national security organizations in 13 countries so far, Cisco Talos says.
By Jai Vijayan Freelance writer, 4/17/2019
Comment0 comments  |  Read  |  Post a Comment
VPN Vulnerabilities Point Out Need for Comprehensive Remote Security
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
VPNs are the primary tool for securing remote access, but recently disclosed vulnerabilities point out the weakness of relying on them as the only tool.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/17/2019
Comment0 comments  |  Read  |  Post a Comment
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark ReadingNews
Incident response demands technical expertise, but you can't fully recover without non-IT experts.
By Kelly Sheridan Staff Editor, Dark Reading, 4/17/2019
Comment0 comments  |  Read  |  Post a Comment
New Malware Campaign Targets Financials, Retailers
Dark Reading Staff, Quick Hits
The attack uses a legitimate remote access system as well as several families of malware.
By Dark Reading Staff , 4/17/2019
Comment0 comments  |  Read  |  Post a Comment
Legacy Apps: The Security Risk Lurking in Dusty Corners
Tim Buntel, VP, Application Security Products, Threat StackCommentary
Four best practices to keep old code from compromising your enterprise environment.
By Tim Buntel VP, Application Security Products, Threat Stack, 4/17/2019
Comment1 Comment  |  Read  |  Post a Comment
Ever-Sophisticated Bad Bots Target Healthcare, Ticketing
Robert Lemos, Technology Journalist/Data ResearcherNews
From criminals to competitors, online bots continue to scrape information from sites and pose as legitimate users.
By Robert Lemos Technology Journalist/Data Researcher, 4/17/2019
Comment0 comments  |  Read  |  Post a Comment
Inside the Dark Web's How-To Guides for Teaching Fraud
Dark Reading Staff, Quick Hits
A new study investigates nearly 30,000 guides to explore what fraudsters sell and teach aspiring cybercriminals.
By Dark Reading Staff , 4/17/2019
Comment0 comments  |  Read  |  Post a Comment
Selecting the Right Strategy to Reduce Vulnerability Risk
Tim Erlin, VP of Product Management & Strategy at TripwireCommentary
There's no one-size-fits-all strategy for eliminating vulnerability risk. Knowing how your organization operates is what makes the difference.
By Tim Erlin VP of Product Management & Strategy at Tripwire, 4/17/2019
Comment0 comments  |  Read  |  Post a Comment
7 Tips for an Effective Employee Security Awareness Program
Jai Vijayan, Freelance writer
Breaches and compliance requirements have heightened the need for continuous and effective employee training, security experts say.
By Jai Vijayan Freelance writer, 4/17/2019
Comment1 Comment  |  Read  |  Post a Comment
Decoding a 'New' Elite Cyber Espionage Team
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Stealthy and well-heeled hacking group went undetected for five years and wields a massive attack framework of some 80 different modules.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/16/2019
Comment0 comments  |  Read  |  Post a Comment
Security Audit Shows Gains, Though Privacy Lags
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The 2018 Online Trust Audit shows that "encryption everywhere" is improving security, while fuzzy language is slowing privacy gains.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/16/2019
Comment0 comments  |  Read  |  Post a Comment
Threat Group Exploits Chrome Bug to Serve Malicious Ads to iOS Users
Jai Vijayan, Freelance writerNews
A new exploit developed by eGobbler is allowing it to distribute malvertisementsmore than 500 million to dateat huge scale, Confiant says.
By Jai Vijayan Freelance writer, 4/16/2019
Comment0 comments  |  Read  |  Post a Comment
Meet Scranos: New Rootkit-Based Malware Gains Confidence
Kelly Sheridan, Staff Editor, Dark ReadingNews
The cross-platform operation, first tested on victims in China, has begun to spread around the world.
By Kelly Sheridan Staff Editor, Dark Reading, 4/16/2019
Comment1 Comment  |  Read  |  Post a Comment
Benefiting from Data Privacy Investments
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
GDPR-ready companies experience lower overall costs associated with data breaches, research finds.
By Marc Wilczek Digital Strategist & CIO Advisor, 4/16/2019
Comment0 comments  |  Read  |  Post a Comment
IT Outsourcing Firm Wipro Investigates Data Breach
Dark Reading Staff, Quick Hits
Employee accounts may have been compromised in a sophisticated phishing campaign.
By Dark Reading Staff , 4/16/2019
Comment1 Comment  |  Read  |  Post a Comment
New Attacks (and Old Attacks Made New)
Derek Manky, Global Security Strategist, FortinetCommentary
Although new attacks might get the most attention, don't assume old ones have gone away.
By Derek Manky Global Security Strategist, Fortinet, 4/16/2019
Comment0 comments  |  Read  |  Post a Comment
Data on Thousands of Law Enforcement Personnel Exposed in Breach
Dark Reading Staff, Quick Hits
Unknown hackers broke into databases of nonprofit and have posted online personal info on FBI, Secret Service, Capitol Police, US Park Police, others.
By Dark Reading Staff , 4/15/2019
Comment0 comments  |  Read  |  Post a Comment
Microsoft Downplays Scope of Email Attack
Jai Vijayan, Freelance writerNews
An unknown attacker used a support agent's credentials to access email content belonging to some Outlook, Hotmail users.
By Jai Vijayan Freelance writer, 4/15/2019
Comment1 Comment  |  Read  |  Post a Comment
New Details Emerge on Windows Zero Day
Kelly Sheridan, Staff Editor, Dark ReadingNews
The CVE-2019-0859 vulnerability, patched last week, is the latest in a string of Windows local privilege escalation bugs discovered at Kaspersky Lab.
By Kelly Sheridan Staff Editor, Dark Reading, 4/15/2019
Comment0 comments  |  Read  |  Post a Comment
TRITON Attacks Underscore Need for Better Defenses
Robert Lemos, Technology Journalist/Data ResearcherNews
As attackers focus on cyber-physical systems, companies must improve their visibility into IT system compromises as well as limit actions on operational-technology networks, experts say.
By Robert Lemos Technology Journalist/Data Researcher, 4/15/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by brucewinters
Current Conversations What is the question?  :-)
In reply to: One Question?
Post Your Own Reply
More Conversations
PR Newswire
When Your Sandbox Fails
Kowsik Guruswamy, Chief Technology Officer at Menlo Security,  4/11/2019
Julian Assange Arrested in London
Dark Reading Staff 4/11/2019
8 'SOC-as-a-Service' Offerings
Steve Zurier, Freelance Writer,  4/12/2019
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-1840
PUBLISHED: 2019-04-18
A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete user-supplied input validation when...
CVE-2019-1841
PUBLISHED: 2019-04-18
A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vuln...
CVE-2019-1826
PUBLISHED: 2019-04-18
A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation on QoS fields within Wi-Fi fra...
CVE-2019-1829
PUBLISHED: 2019-04-18
A vulnerability in the CLI of Cisco Aironet Series Access Points (APs) could allow an authenticated, local attacker to gain access to the underlying Linux operating system (OS) without the proper authentication. The attacker would need valid administrator device credentials. The vulnerability is due...
CVE-2019-1830
PUBLISHED: 2019-04-18
A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service (DoS) condition. The attacker would need to have valid administr...
Flash Poll
Video
Slideshows
Twitter Feed