Endpoint

News & Commentary
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researcher demonstrates how attackers could steal data from smartphones while they're charging.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 12/8/2018
Comment0 comments  |  Read  |  Post a Comment
Iranian Nationals Charged for Atlanta Ransomware Attack
Dark Reading Staff, Quick Hits
The March attack used SamSam ransomware to infect 3,789 computers.
By Dark Reading Staff , 12/7/2018
Comment0 comments  |  Read  |  Post a Comment
Kubernetes Deployments Around the World Show Vulnerabilities
Dark Reading Staff, Quick Hits
Kubernetes owners who expose APIs to the Internet are leaving their systems open to hackers.
By Dark Reading Staff , 12/7/2018
Comment0 comments  |  Read  |  Post a Comment
Insider Threats & Insider Objections
Richard Ford, Chief Scientist, ForcepointCommentary
The tyranny of the urgent and three other reasons why its hard for CISOs to establish a robust insider threat prevention program.
By Richard Ford Chief Scientist, Forcepoint, 12/7/2018
Comment0 comments  |  Read  |  Post a Comment
Adobe Flash Zero-Day Spreads via Office Docs
Kelly Sheridan, Staff Editor, Dark ReadingNews
Adobe has patched a zero-day in its Flash player after attackers leveraged the exploit in an active campaign.
By Kelly Sheridan Staff Editor, Dark Reading, 12/6/2018
Comment0 comments  |  Read  |  Post a Comment
4 Lessons Die Hard Teaches About Combating Cyber Villains
Keith Graham, Chief Technology Officer, SecureAuthCommentary
With proper planning, modern approaches, and tools, we can all be heroes in the epic battle against the cyber threat.
By Keith Graham Chief Technology Officer, SecureAuth, 12/6/2018
Comment0 comments  |  Read  |  Post a Comment
Apple Issues Security Fixes Across Mac, iOS
Dark Reading Staff, Quick Hits
Software updates for Mac and iOS bring patches to Safari, iCloud, iTunes on Windows, and tvOS.
By Dark Reading Staff , 12/6/2018
Comment0 comments  |  Read  |  Post a Comment
55% of Companies Don't Offer Mandatory Security Awareness Training
Dark Reading Staff, Quick Hits
Even those that provide employee training do so sparingly, a new study finds.
By Dark Reading Staff , 12/6/2018
Comment0 comments  |  Read  |  Post a Comment
7 Common Breach Disclosure Mistakes
Jai Vijayan, Freelance writer
How you report a data breach can have a big impact on its fallout.
By Jai Vijayan Freelance writer, 12/6/2018
Comment0 comments  |  Read  |  Post a Comment
A Shift from Cybersecurity to Cyber Resilience: 6 Steps
Gus Hunt, Managing Director and Cyber Strategy Lead for Accenture Federal ServicesCommentary
Getting to cyber resilience means federal agencies must think differently about how they build and implement their systems. Here's where to begin.
By Gus Hunt Managing Director and Cyber Strategy Lead for Accenture Federal Services, 12/5/2018
Comment0 comments  |  Read  |  Post a Comment
Starwood Breach Reaction Focuses on 4-Year Dwell
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The unusually long dwell time in the Starwood breach has implications for both parent company Marriott International and the companies watching to learn from.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 12/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Google Cloud Security Command Center Now in Beta
Kelly Sheridan, Staff Editor, Dark ReadingNews
The beta release of Google Cloud SCC will include broader coverage across the cloud platform and more granular access controls, among other features.
By Kelly Sheridan Staff Editor, Dark Reading, 12/5/2018
Comment0 comments  |  Read  |  Post a Comment
Republican Committee Email Hacked During Midterms
Dark Reading Staff, Quick Hits
The National Republican Congressional Committee detected the compromise of four staffers' email accounts in April.
By Dark Reading Staff , 12/5/2018
Comment0 comments  |  Read  |  Post a Comment
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark ReadingNews
New research shows how attackers can abuse security questions in Windows 10 to maintain domain privileges.
By Kelly Sheridan Staff Editor, Dark Reading, 12/5/2018
Comment1 Comment  |  Read  |  Post a Comment
The Case for a Human Security Officer
Ira Winkler, CISSP, President, Secure MentemCommentary
Wanted: a security exec responsible for identifying and mitigating the attack vectors and vulnerabilities specifically targeting and involving people.
By Ira Winkler CISSP, President, Secure Mentem, 12/5/2018
Comment0 comments  |  Read  |  Post a Comment
6 Ways to Strengthen Your GDPR Compliance Efforts
Steve Zurier, Freelance Writer
Companies have some mistaken notions about how to comply with the new data protection and privacy regulation and that could cost them.
By Steve Zurier Freelance Writer, 12/5/2018
Comment0 comments  |  Read  |  Post a Comment
Backdoors Up 44%, Ransomware Up 43% from 2017
Kelly Sheridan, Staff Editor, Dark ReadingNews
Nearly one in three computers was hit with a malware attack this year, and ransomware and backdoors continue to pose a risk.
By Kelly Sheridan Staff Editor, Dark Reading, 12/4/2018
Comment0 comments  |  Read  |  Post a Comment
London Blue BEC Cybercrime Gang Unmasked
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Security firm turned the tables on attackers targeting its chief financial officer in an email-borne financial scam.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 12/4/2018
Comment0 comments  |  Read  |  Post a Comment
5 Emerging Trends in Cybercrime
Derek Manky, Global Security Strategist, FortinetCommentary
Organizations can start today to protect against 2019's threats. Look out for crooks using AI "fuzzing" techniques, machine learning, and swarms.
By Derek Manky Global Security Strategist, Fortinet, 12/4/2018
Comment0 comments  |  Read  |  Post a Comment
'Influence Agents' Used Twitter to Sway 2018 Midterms
Dark Reading Staff, Quick Hits
About 25% of political support in Arizona and Florida was generated by influence agents using Twitter as a platform, research shows.
By Dark Reading Staff , 12/3/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Agent Aix les Bains
Current Conversations What do you mean ?
In reply to: Re: BLOCKCHAIN
Post Your Own Reply
Posted by tDi443
Current Conversations ?
In reply to: BLOCKCHAIN
Post Your Own Reply
More Conversations
PR Newswire
Microsoft, Mastercard Aim to Change Identity Management
Kelly Sheridan, Staff Editor, Dark Reading,  12/3/2018
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark Reading,  12/5/2018
Starwood Breach Reaction Focuses on 4-Year Dwell
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I guess this answers the question: who's watching the watchers?
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19980
PUBLISHED: 2018-12-08
Anker Nebula Capsule Pro NBUI_M1_V2.1.9 devices allow attackers to cause a denial of service (reboot of the underlying Android 7.1.2 operating system) via a crafted application that sends data to WifiService.
CVE-2018-19961
PUBLISHED: 2018-12-08
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
CVE-2018-19962
PUBLISHED: 2018-12-08
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
CVE-2018-19963
PUBLISHED: 2018-12-08
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled.
CVE-2018-19964
PUBLISHED: 2018-12-08
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service (host OS hang) because the p2m lock remains unavailable indefinitely in certain error conditions.