Endpoint
News & Commentary
Underwriters Laboratories To Launch Cyber Security Certification Program
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Meanwhile, UL is also in discussion with the White House on its plans to foster standards for Internet of Things security.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/6/2015
Comment1 Comment  |  Read  |  Post a Comment
In The Cyber Realm, Letís Be Knights Not Blacksmiths
Jeff Schilling, CSO, FirehostCommentary
Why the Internet of Things is our chance to finally get information security right.
By Jeff Schilling CSO, Firehost, 7/2/2015
Comment3 comments  |  Read  |  Post a Comment
Smart Cities' 4 Biggest Security Challenges
Sara Peters, Senior Editor at Dark ReadingNews
The messiness of politics and the vulnerability of the Internet of Things in one big, unwieldy package.
By Sara Peters Senior Editor at Dark Reading, 7/1/2015
Comment4 comments  |  Read  |  Post a Comment
Android Malware On The Rise
Sara Peters, Senior Editor at Dark ReadingNews
By the end of 2015, researchers expect the number of new Android malware strains to hit 2 million.
By Sara Peters Senior Editor at Dark Reading, 7/1/2015
Comment0 comments  |  Read  |  Post a Comment
Clever CryptoWall Spreading Via New Attacks
Sara Peters, Senior Editor at Dark ReadingNews
Top ransomware doesn't waste time jumping on the latest Flash zero-day, and hops rides on click fraud campaigns, too.
By Sara Peters Senior Editor at Dark Reading, 6/29/2015
Comment4 comments  |  Read  |  Post a Comment
3 Simple Steps For Minimizing Ransomware Exposure
Michelle Drolet, Founder, TowerwallCommentary
If your data is important enough to pay a ransom, why wasn't it important enough to properly backup and protect in the first place?
By Michelle Drolet Founder, Towerwall, 6/26/2015
Comment0 comments  |  Read  |  Post a Comment
Stealthy Fobber Malware Takes Anti-Analysis To New Heights
Sara Peters, Senior Editor at Dark ReadingNews
Built off the Tinba banking Trojan and distributed through the elusive HanJuan exploit kit, Fobber info-stealer defies researchers with layers upon layers of encryption.
By Sara Peters Senior Editor at Dark Reading, 6/25/2015
Comment0 comments  |  Read  |  Post a Comment
FBI: CryptoWall Ransomware Cost US Users $18 Million
Sara Peters, Senior Editor at Dark ReadingNews
Increasing pace of ransomware innovation likely to keep that number going up.
By Sara Peters Senior Editor at Dark Reading, 6/24/2015
Comment0 comments  |  Read  |  Post a Comment
Why China Wants Your Sensitive Data
Adam Meyers, VP of Intelligence, CrowdStrikeCommentary
Since May 2014, the Chinese government has been amassing a 'Facebook for human intelligence.' Here's what it's doing with the info.
By Adam Meyers VP of Intelligence, CrowdStrike, 6/24/2015
Comment17 comments  |  Read  |  Post a Comment
FitBit, Acer Liquid Leap Fail In Security Fitness
Sara Peters, Senior Editor at Dark ReadingNews
Transmissions to the cloud are secured with these Internet of Things devices, but wristband-to-phone comms are open to eavesdropping.
By Sara Peters Senior Editor at Dark Reading, 6/22/2015
Comment4 comments  |  Read  |  Post a Comment
US Hosts The Most Botnet Servers
Jai Vijayan, Freelance writerNews
More malicious command and control servers are based in the US than anywhere else, and China is home to the most bots.
By Jai Vijayan Freelance writer, 6/19/2015
Comment0 comments  |  Read  |  Post a Comment
7 Top Security Quotes From London Technology Week
Sara Peters, Senior Editor at Dark Reading
Tech events across the city hit on IoT, smart cities, mobility and Legos.
By Sara Peters Senior Editor at Dark Reading, 6/19/2015
Comment9 comments  |  Read  |  Post a Comment
New Apple iOS, OS X Flaws Pose Serious Risk
Jai Vijayan, Freelance writerNews
Security vulnerabilities could expose passwords for Apple iCloud, email, and bank accounts, and other sensitive information, researchers say.
By Jai Vijayan Freelance writer, 6/18/2015
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Advice From A Former White House CIO
Theresa Payton, Former White House CIO, CEO of Fortalice Solutions, LLCCommentary
Today's playbook demands 'human-centered' user education that assumes people will share passwords, forget them, and do unsafe things to get their jobs done.
By Theresa Payton Former White House CIO, CEO of Fortalice Solutions, LLC, 6/18/2015
Comment4 comments  |  Read  |  Post a Comment
EFF Data Privacy Report Praises Apple, Slams AT&T
Nathan Eddy, Freelance WriterNews
In the Electronic Frontier Foundation's fifth annual report, Apple gets high marks for protecting privacy, while WhatsApp and AT&T land at the bottom.
By Nathan Eddy Freelance Writer, 6/18/2015
Comment8 comments  |  Read  |  Post a Comment
Smart Cities', IoT's Key Challenges: Security, Lack of Standards
Sara Peters, Senior Editor at Dark ReadingNews
London Technology Week: At IFSEC, futurologist Simon Moores asks who's responsible when a smart city crashes.
By Sara Peters Senior Editor at Dark Reading, 6/17/2015
Comment0 comments  |  Read  |  Post a Comment
Time to Focus on Data Integrity
Nate Lesser & Mary Yang, National Institute of Standards and TechnologyCommentary
Information security efforts have historically centered on data theft. But cybercriminals who alter corporate records and personal information can also cause serious harm.
By Nate Lesser & Mary Yang National Institute of Standards and Technology, 6/17/2015
Comment0 comments  |  Read  |  Post a Comment
New Malware Found Hiding Inside Image Files
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Dell SecureWorks CTU researchers say Stegoloader is third example in a year of malware using digital steganography as a detection countermeasure.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/16/2015
Comment9 comments  |  Read  |  Post a Comment
Password Manager LastPass Hacked
Dark Reading Staff, Quick Hits
LastPass says user account email addresses, password reminders, server per user salts, and authentication hashes compromised.
By Dark Reading Staff , 6/16/2015
Comment8 comments  |  Read  |  Post a Comment
London Tech Week Kicks Off
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Before IFSEC and Interop get underway, tech events are scattered about town in the unlikeliest places.
By Sara Peters Senior Editor at Dark Reading, 6/15/2015
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-2849
Published: 2015-07-07
SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter.

CVE-2015-2850
Published: 2015-07-07
Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

CVE-2015-3216
Published: 2015-07-07
Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establi...

CVE-2014-3653
Published: 2015-07-06
Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template.

CVE-2014-5406
Published: 2015-07-06
The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated with sending a (1) drug library, (2) software update, or (3) configuration change, which allows remote attackers to modify settings or medication data via packets on the (a) TELNET, (b) HTTP, (c) HTTPS, ...

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report