Advertise

Risk

News & Commentary

'Wallchart' Phishing Campaign Exploits World Cup Watchers

Kelly Sheridan, Staff Editor, Dark Reading

News

The details on a phishing attack designed to lure soccer fans with a subject line about the World Cup schedule and scoresheet.

By Kelly Sheridan Staff Editor, Dark Reading, 6/18/2018

0 comments | Read | Post a Comment

3 Tips for Driving User Buy-in to Security Policies

Marc Laliberte, Information Security Threat Analyst, WatchGuard Technologies

Commentary

Teaching users why it's important to commit to security controls is a far more effective strategy than simply demanding that they follow them. Here's how.

By Marc Laliberte Information Security Threat Analyst, WatchGuard Technologies, 6/18/2018

0 comments | Read | Post a Comment

Cisco Talos Summit: Network Defenders Not Serious Enough About Attacks

Curtis Franklin Jr., Senior Editor at Dark Reading

News

Security is weak, and most companies are clueless, according to Immunity researcher Lurene Grenier, who kicked off the Cisco Talos Threat Research Summit on Sunday.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/13/2018

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, I am honored to be working with a talented group of warfare professoinals at...

Security Ratings Answer Big Questions in Cyber Insurance

News

More insurers are teaming up with security ratings firms to learn more about their clients, define policies, and determine coverage.

By Kelly Sheridan Staff Editor, Dark Reading, 6/11/2018

0 comments | Read | Post a Comment

6 Ways Greed Has a Negative Effect on Cybersecurity

Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA

Commentary

How the security industry can both make money and stay true to its core values, and why that matters.

By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA , 6/11/2018

3 comments | Read | Post a Comment

Latest Comment: Ronn91, Great Information sharing .. I am very happy to read this article .. thanks...

Bug Bounty Payouts Up 73% Per Vulnerability: Bugcrowd

News

Bug bounty programs grew along with payouts, which averaged $781 per vulnerability this year, researchers report.

By Kelly Sheridan Staff Editor, Dark Reading, 6/7/2018

0 comments | Read | Post a Comment

DevSecOps Gains Enterprise Traction

News

Enterprise adoption of DevSecOps has surged in the past year, according to a study conducted at this year's RSA Conference.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/7/2018

0 comments | Read | Post a Comment

In Pursuit of Cryptography's Holy Grail

Ellison Anne Williams, Founder and CEO of Enveil

Commentary

Homomorphic encryption eliminates the need for data exposure at any point — something that certainly would be welcome these days.

By Ellison Anne Williams Founder and CEO of Enveil, 6/7/2018

0 comments | Read | Post a Comment

Survey Shows Florida at the Bottom for Consumer Cybersecurity

News

A new survey shows that residents of the Sunshine State engage in more risky behavior than their counterparts in the other 49 states.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/6/2018

0 comments | Read | Post a Comment

Tax-Season Malware Campaign Delivers Trojan Via Email

Quick Hits

A new example of a long-term phenomenon delivers a banking trojan via a downloader activated by a URL in a phishing email.

By Dark Reading Staff , 6/6/2018

0 comments | Read | Post a Comment

Panorays Debuts With $5 Million Investment

Quick Hits

Panorays, a company focusing on third-party security issues for the enterprise, has exited stealth mode.

By Dark Reading Staff , 6/5/2018

0 comments | Read | Post a Comment

The Breach Disclosure Double Standard

Ericka Chickowski, Contributing Writer, Dark Reading

News

Cybersecurity pros expect to be notified immediately when they're breached, but most don't do the same – and some even cover up breaches.

By Ericka Chickowski Contributing Writer, Dark Reading, 6/5/2018

0 comments | Read | Post a Comment

Dark Reading Launches Second INsecurity Conference

Tim Wilson, Editor in Chief, Dark Reading,

News

To be held in Chicago Oct. 23-25, defense-focused conference will feature closed-door discussions, co-resident Black Hat Training sessions

By Tim Wilson, Editor in Chief, Dark Reading , 6/5/2018

0 comments | Read | Post a Comment

Building a Safe, Efficient, Cost-Effective Security Infrastructure

Ken Mills, General Manager of IoT, Surveillance and Security, Dell EMC

Commentary

The Industrial Internet of Things allows organizations to address both physical and digital security concerns.

By Ken Mills General Manager of IoT, Surveillance and Security, Dell EMC, 6/4/2018

0 comments | Read | Post a Comment

Google Groups Misconfiguration Exposes Corporate Data

News

Researchers say as many as 10,000 businesses are affected by a widespread misconfiguration in Google Groups settings.

By Kelly Sheridan Staff Editor, Dark Reading, 6/1/2018

0 comments | Read | Post a Comment

Telegram: Apple Has Blocked Updates since April

Quick Hits

Telegram founder and chief executive Pavel Durov claims the messaging service has not been able to make technical updates anywhere in the world.

By Dark Reading Staff , 6/1/2018

0 comments | Read | Post a Comment

New Federal Report Gives Guidance on Beating Botnets

News

A report from the Departments of Commerce and Homeland Security provides five goals for protecting infrastructure from botnets and other automated threats.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/31/2018

1 Comment | Read | Post a Comment

Latest Comment: BrianN060, While the report and the executive order are meaningful, a number of the points...

6 Security Investments You May Be Wasting

Not all tools and services provide the same value. Some relatively low-cost practices have a major payoff while some of the most expensive tools make little difference.

By Kelly Sheridan Staff Editor, Dark Reading, 5/31/2018

0 comments | Read | Post a Comment

Hacker Sentenced to 5 Years in Yahoo Credential Theft Case

News

Karim Baratov given prison time and seven-figure fine after guilty plea in the massive Yahoo data breach

By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/30/2018

2 comments | Read | Post a Comment

Latest Comment: REISEN1955, Agree in nature of Yahoo - a fading search engine and right up there with anyone...

FireEye Offers Free Tool to Detect Malicious Remote Logins

Kelly Jackson Higgins, Executive Editor at Dark Reading

News

Open source GeoLogonalyzer helps to weed out hackers exploiting stolen credentials to log into their targets.

By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/30/2018

0 comments | Read | Post a Comment

More Stories

Current Conversations

Posted by Ronn91

Great Information sharing .. I am very happy to read this article .. thanks for giving us go through info Fantastic nice.

In reply to: Re: cool
Post Your Own Reply

Posted by Brother Printer Support

I thought I should try to call that number, Trust me the Brother Printer Repair Services its cool and very much helpful, their advisors having too much depth on the subject, they know how to treat a customer for his/her...

In reply to: Re: Brother Printer Support
Post Your Own Reply

Posted by Brother Printer Support

In reply to: Re: Brother Printer Support
Post Your Own Reply

Posted by ShimonO600

I can think of more, in any case, interesting read.

In reply to: Only 6?
Post Your Own Reply

Posted by REISEN1955

I am honored to be working with a talented group of warfare professoinals at Fiserv - where we have a dedicated malware forensics and threat hunting group for the entire firm. We are ACTIVE in finding incoming threats...

In reply to: Working in a real shop
Post Your Own Reply

Posted by williamlucas

Thanks for sharing an informative post and detailed explanation for the same.

In reply to: re: Hacking Higher Education
Post Your Own Reply

Posted by baranteo

Cybersecurity is a problem of last 5-8 years. I'm sure it's a global issue because society afraid that their lives are in danger. We must monitor websites to protect ourselves as consumers

In reply to: cool
Post Your Own Reply

Posted by printer1

Actually, on my side, it was very great full for us that we all have the reporter and then you also depended on the report. For that, if you interested in that for them I suggest a site. From the site, you will know...

In reply to: Reporter
Post Your Own Reply

Posted by BrianN060

While the report and the executive order are meaningful, a number of the points mentioned in the article are questionable, if not downright head-scratching. Those referenced in the article summary are perplexing -...

In reply to: Guidance on Beating Botnets - report
Post Your Own Reply

Posted by Brother Printer Support

Off Course, you have to search any kind of information we have to want we search at GOOGLE. But Need is an important matter what we need actually If we want to support related issue then Search Support like we have a printer...

In reply to: Brother Printer Support
Post Your Own Reply

Posted by quickbookshelp

Antiviruses is a software which prevents pcs from outsiders malware viruses etc. To know more visit Hp printer support.

In reply to: Hp printer support
Post Your Own Reply

Posted by jpatterson300

You can take the hacker out of Mom's basement...

In reply to: Acclimation
Post Your Own Reply

More Conversations

Products & Releases

68% of EU, US Crypto Exchanges and Wallets Fail on Proper Customer Identity Checks

Cybersecurity, IT Governance, Emerging Tech Shaping 2018 IT Audit Plans: Protiviti, ISACA

ISACA Unveils GDPR Assessment for Enterprises to Gauge Regulation Readiness and Compliance Path

Tax Software Providers Not Protecting Emails from Phishing and Spoofing

Kaspersky Lab finds Prilex POS malware evolving to target chip and PIN-protected cards

PCI SSC Announces Changes to Qualified Integrators and Resellers Program

TechDemocracy’s Cyber Risk Governance Portfolio Meets Highest Quality and Information Security Standards with New ISO Certifications

Cyber Insurer Coalition Raises $10 Million to Solve Cyber Risk for SMBs

More Products & Releases

PR Newswire

Hot Topics

Editors' Choice

Weaponizing IPv6 to Bypass IPv4 Security

John Anderson, Principal Security Consultant, Trustwave Spiderlabs, 6/12/2018

'Shift Left' & the Connected Car

Rohit Sethi, COO of Security Compass, 6/12/2018

Why CISOs Need a Security Reality Check

Joel Fulton, Chief Information Security Officer for Splunk, 6/13/2018

Live Events

Webinars

More UBM Tech
Live Events

INsecurity Conference - An Event Like No Other

Black Hat Trainings - October 22 & 23

Are You Looking to Learn About New Cybersecurity Threats & Challenges? Then INsecurity Is For You!

White Papers

2018 Security Report

Microsoft Fixes 11 Critical, 39 Important Vulns

CIAM vs. IAM - How Customer IAM differs from traditional IAM

[Cybersecurity] 11 key points to consider when choosing a solution

Build vs. Buy? Pros & Cons of Customer Identity & Access Management (CIAM) Implementation Options

More White Papers

Video

All Risk Videos

Cartoon

Latest Comment: IT'S A BEAUTIFUL WALL! AND MEXICO WILL PAY FOR IT!

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT and Cybersecurity

IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!

Download Now!

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-10617
PUBLISHED: 2018-06-18

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cause the application t...

CVE-2018-10621
PUBLISHED: 2018-06-18

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length stack buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cause the application ...

CVE-2018-10623
PUBLISHED: 2018-06-18

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory buffer, allow remote co...

CVE-2015-4664
PUBLISHED: 2018-06-18

An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.

CVE-2018-9021
PUBLISHED: 2018-06-18

An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.

Terms of Service
Privacy Statement
Legal Entities