Perimeter

News & Commentary
Fault-Tolerant Method Use for Security Purposes in New Framework
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A young company has a new patent for using fault tolerance techniques to protect against malware infection in applications.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/24/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft Deletes Passwords for Azure Active Directory Applications
Kelly Sheridan, Staff Editor, Dark ReadingNews
At Ignite 2018, security took center stage as Microsoft rolled out new security services and promised an end to passwords for online apps.
By Kelly Sheridan Staff Editor, Dark Reading, 9/24/2018
Comment0 comments  |  Read  |  Post a Comment
Think Like An Attacker: How a Red Team Operates
Kelly Sheridan, Staff Editor, Dark ReadingNews
Seasoned red teamers explain the value-add of a red team, how it operates, and how to maximize its effectiveness.
By Kelly Sheridan Staff Editor, Dark Reading, 9/20/2018
Comment0 comments  |  Read  |  Post a Comment
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin SystemsCommentary
Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.
By Mukul Kumar & Anupam Sahai CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems, 9/20/2018
Comment4 comments  |  Read  |  Post a Comment
The Top 5 Security Threats & Mitigations for Industrial Networks
Barak Perelman, CEO, IndegyCommentary
While vastly different than their IT counterparts, operational technology environments share common risks and best practices.
By Barak Perelman CEO, Indegy, 9/18/2018
Comment0 comments  |  Read  |  Post a Comment
Modular Malware Brings Stealthy Attacks to Former Soviet States
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new malware technique is making phishing attacks harder to spot when they succeed.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/12/2018
Comment0 comments  |  Read  |  Post a Comment
8 Attack Vectors Puncturing Cloud Environments
Kelly Sheridan, Staff Editor, Dark Reading
These methods may not yet be on your security team's radar, but given their impact, they should be.
By Kelly Sheridan Staff Editor, Dark Reading, 9/7/2018
Comment0 comments  |  Read  |  Post a Comment
Take (Industrial) Control: A Look at the 2018 ICS Threat Landscape
Kelly Sheridan, Staff Editor, Dark ReadingNews
New research sheds light on the biggest threats to strike ICS systems in the first half of 2018, and what's in store for the rest of this year.
By Kelly Sheridan Staff Editor, Dark Reading, 9/6/2018
Comment1 Comment  |  Read  |  Post a Comment
7 Ways Blockchain is Being Used for Security
Curtis Franklin Jr., Senior Editor at Dark Reading
Blockchain is being used as a security tool. If you haven't thought about adopting it, you might want to reconsider your take.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/5/2018
Comment0 comments  |  Read  |  Post a Comment
NIST Releases Draft on BGP Security
Dark Reading Staff, Quick Hits
Paper describes a technique to protect the Internet from Border Gateway Protocol route hijacking attacks.
By Dark Reading Staff , 9/5/2018
Comment0 comments  |  Read  |  Post a Comment
Authentication Grows Up
Kelly Sheridan, Staff Editor, Dark ReadingNews
Which forms of multi-factor authentication (MFA) are working, which are not, and where industry watchers think the market is headed.
By Kelly Sheridan Staff Editor, Dark Reading, 9/4/2018
Comment0 comments  |  Read  |  Post a Comment
Machine Identities Need Protection, Too
Dark Reading Staff, Quick Hits
A new study shows that device identities need a level of protection that they're not getting from most organizations.
By Dark Reading Staff , 8/31/2018
Comment0 comments  |  Read  |  Post a Comment
Who's At Greatest Risk for BEC Attacks? Not the CEO
Kelly Sheridan, Staff Editor, Dark ReadingNews
CEOs only make up 2.2% of business email compromise targets, a sign most victims are further down the corporate ladder.
By Kelly Sheridan Staff Editor, Dark Reading, 8/30/2018
Comment0 comments  |  Read  |  Post a Comment
'Security Fatigue' Could Put Business at Risk
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The relentless march of security breaches may cause some individuals to drop their guard, but there's more to the story than that.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/29/2018
Comment0 comments  |  Read  |  Post a Comment
IT Professionals Think They're Better Than Their Security
Dark Reading Staff, Quick Hits
More than half of professionals think they have a good shot at a successful insider attack.
By Dark Reading Staff , 8/29/2018
Comment2 comments  |  Read  |  Post a Comment
How Can We Improve the Conversation Among Blue Teams?
Tim Wilson, Editor in Chief, Dark Reading, Commentary
Dark Reading seeks new ways to bring defenders together to share information and best practices
By Tim Wilson, Editor in Chief, Dark Reading , 8/27/2018
Comment5 comments  |  Read  |  Post a Comment
New Mirai Variants Leverage Open Source Project
Dark Reading Staff, Quick Hits
Aboriginal Linux gives Mirai new cross-platform capabilities - including Android.
By Dark Reading Staff , 8/23/2018
Comment0 comments  |  Read  |  Post a Comment
How Threats Increase in Internet Time
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Cybercrime incidents and costs increase with each passing minute on the Internet.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/21/2018
Comment0 comments  |  Read  |  Post a Comment
7 Serious IoT Vulnerabilities
Curtis Franklin Jr., Senior Editor at Dark Reading
A growing number of employees have various IoT devices in their homes where they're also connecting to an enterprise network to do their work. And that means significant threats loom.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/21/2018
Comment1 Comment  |  Read  |  Post a Comment
Researcher Finds MQTT Hole in IoT Defenses
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A commonly used protocol provides a gaping backdoor when misconfigured.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/16/2018
Comment3 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Are you sure this is how we get our data into the cloud?
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14633
PUBLISHED: 2018-09-25
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The at...
CVE-2018-14647
PUBLISHED: 2018-09-25
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by contructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming larg...
CVE-2018-10502
PUBLISHED: 2018-09-24
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exist...
CVE-2018-11614
PUBLISHED: 2018-09-24
This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists wit...
CVE-2018-14318
PUBLISHED: 2018-09-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of ...