Perimeter

News & Commentary
VPN Vulnerabilities Point Out Need for Comprehensive Remote Security
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
VPNs are the primary tool for securing remote access, but recently disclosed vulnerabilities point out the weakness of relying on them as the only tool.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/17/2019
Comment0 comments  |  Read  |  Post a Comment
Meet Scranos: New Rootkit-Based Malware Gains Confidence
Kelly Sheridan, Staff Editor, Dark ReadingNews
The cross-platform operation, first tested on victims in China, has begun to spread around the world.
By Kelly Sheridan Staff Editor, Dark Reading, 4/16/2019
Comment1 Comment  |  Read  |  Post a Comment
CERT, CISA Warn of Vuln in at Least 4 Major VPNs
Dark Reading Staff, Quick Hits
VPN products by Cisco, Palo Alto Networks, F5 Networks, Pulse Secure, insecurely store session cookies.
By Dark Reading Staff , 4/12/2019
Comment1 Comment  |  Read  |  Post a Comment
This Week in Security Funding: Where the Money Went
Kelly Sheridan, Staff Editor, Dark ReadingNews
Predictions for cybersecurity investment in 2019 are holding true with funding announcements from four startups.
By Kelly Sheridan Staff Editor, Dark Reading, 4/12/2019
Comment0 comments  |  Read  |  Post a Comment
'Dragonblood' Vulnerabilities Seep Into WPA3 Secure Wifi Handshake
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new set of vulnerabilities may put some early adopters of strong Wifi security at greater security risk.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/11/2019
Comment0 comments  |  Read  |  Post a Comment
Meet Baldr: The Inside Scoop on a New Stealer
Kelly Sheridan, Staff Editor, Dark ReadingNews
Baldr first appeared in January and has since evolved to version 2.2 as attackers aim to build a long-lasting threat.
By Kelly Sheridan Staff Editor, Dark Reading, 4/9/2019
Comment0 comments  |  Read  |  Post a Comment
Craigslist Founder Funds Security Toolkit for Journalists, Elections
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The free tools will be developed by the Global Cyber Alliance to monitor election infrastructure and processes in the runup to the 2020 Presidential election.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/9/2019
Comment0 comments  |  Read  |  Post a Comment
8 Steps to More Effective Small Business Security
Curtis Franklin Jr., Senior Editor at Dark Reading
Small business face the same security challenges as large enterprises but with much smaller security teams. Here are 8 things to do to get the most from yours.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/8/2019
Comment1 Comment  |  Read  |  Post a Comment
Ongoing DNS Hijack Attack Hits Consumer Modems and Routers
Dark Reading Staff, Quick Hits
The attack campaigns have re-routed DNS requests through illicit servers in Canada and Russia.
By Dark Reading Staff , 4/5/2019
Comment1 Comment  |  Read  |  Post a Comment
How iOS App Permissions Open Holes for Hackers
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The permissions iOS apps request from users can turn the devices into spy tools and provide a toehold into the enterprise network, according to new research.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/4/2019
Comment0 comments  |  Read  |  Post a Comment
Chinese National Carries Malware Into Mar-a-Lago
Curtis Franklin Jr., Senior Editor at Dark ReadingQuick Hits
A Chinese woman arrested for entering the grounds of Mar-a-Lago under false pretenses was carrying electronic equipment holding malware.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/3/2019
Comment3 comments  |  Read  |  Post a Comment
Microsoft Takes Down 99 Hacker-Controlled Websites
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A judge granted Microsoft the injunction allowing them to disrupt a network of sites operated by an Iranian-linked group of hackers.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/28/2019
Comment2 comments  |  Read  |  Post a Comment
Microsoft Tackles IoT Security with New Azure Updates
Kelly Sheridan, Staff Editor, Dark ReadingNews
The Azure Security Center for IoT provides teams with an overview of IoT devices and helps monitor their security properties.
By Kelly Sheridan Staff Editor, Dark Reading, 3/28/2019
Comment2 comments  |  Read  |  Post a Comment
Inside Cyber Battlefields, the Newest Domain of War
Kelly Sheridan, Staff Editor, Dark ReadingNews
In his Black Hat Asia keynote, Mikko Hypponen explored implications of "the next arms race" and why cyber will present challenges never before seen in warfare.
By Kelly Sheridan Staff Editor, Dark Reading, 3/28/2019
Comment3 comments  |  Read  |  Post a Comment
Inside Incident Response: 6 Key Tips to Keep in Mind
Kelly Sheridan, Staff Editor, Dark Reading
Experts share the prime window for detecting intruders, when to contact law enforcement, and what they wish they did differently after a breach.
By Kelly Sheridan Staff Editor, Dark Reading, 3/22/2019
Comment1 Comment  |  Read  |  Post a Comment
TLS 1.3: A Good News/Bad News Scenario
Paula Musich, Research Director, Enterprise Management AssociatesCommentary
Stronger encryption standards are improving the privacy of data in motion, but enterprises will need to adapt their security architectures to maintain visibility into network traffic.
By Paula Musich Research Director, Enterprise Management Associates, 3/20/2019
Comment1 Comment  |  Read  |  Post a Comment
Norsk Hydro Shuts Plants Amid Ransomware Attack
Kelly Sheridan, Staff Editor, Dark ReadingQuick Hits
The cyberattack, first detected on Monday night, has shut down Norsk's entire global network.
By Kelly Sheridan Staff Editor, Dark Reading, 3/19/2019
Comment1 Comment  |  Read  |  Post a Comment
7 Low-Cost Security Tools
Curtis Franklin Jr., Senior Editor at Dark Reading
Security hardware doesn't have to be expensive or complex to do the job. Here are seven examples of low-cost hardware that could fill a need in your security operations.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/15/2019
Comment0 comments  |  Read  |  Post a Comment
Businesses Increase Investments in AI and Machine Learning
Dark Reading Staff, Quick Hits
More than three-quarters of IT pros say they feel safer for having done so, according to a new report.
By Dark Reading Staff , 3/14/2019
Comment0 comments  |  Read  |  Post a Comment
Microsoft Patch Tuesday: 64 Vulnerabilities Patched, 2 Under Attack
Kelly Sheridan, Staff Editor, Dark ReadingNews
Seventeen vulnerabilities patches today are rated critical, four are publicly known, and two have been exploited in the wild.
By Kelly Sheridan Staff Editor, Dark Reading, 3/12/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by harish1527576726599761235
Current Conversations the nice post
In reply to: Re: And if someone told you to
Post Your Own Reply
More Conversations
PR Newswire
Julian Assange Arrested in London
Dark Reading Staff 4/11/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
The Single Cybersecurity Question Every CISO Should Ask
Arif Kareem, CEO, ExtraHop,  4/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11320
PUBLISHED: 2019-04-18
In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_mgt.html web page to launch telnetd, as demonstrated by the 192.168.51.1 address.
CVE-2019-11321
PUBLISHED: 2019-04-18
An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices.
CVE-2019-11322
PUBLISHED: 2019-04-18
An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function startRmtAssist in hnap, which leads to remote code execution via shell metacharacters in a JSON value.
CVE-2019-8999
PUBLISHED: 2019-04-18
An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the UEM service account.
CVE-2018-17168
PUBLISHED: 2019-04-18
PrinterOn Enterprise 4.1.4 contains multiple Cross Site Request Forgery (CSRF) vulnerabilities in the Administration page. For example, an administrator, by following a link, can be tricked into making unwanted changes to a printer (Disable, Approve, etc).