Network Computing Dark Reading

Advertise

Risk

News & Commentary

Cyber Extortionists Can Earn $360,000 a Year

Kelly Sheridan, Staff Editor, Dark Reading

News

Extortion scams capitalize on compromised credentials, sensitive data, and technical vulnerabilities on Internet-facing applications to pressure victims to pay up.

By Kelly Sheridan Staff Editor, Dark Reading, 2/21/2019

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, Have to smile here. I am in a forensics unit for Malware at a major firm...

Insurer Offers GDPR-Specific Coverage for SMBs

News

Companies covered under the EU mandate can get policies for up to $10 million for fines, penalties, and other costs.

By Jai Vijayan Freelance writer, 2/20/2019

0 comments | Read | Post a Comment

Microsoft Expands AccountGuard to Help Europe Prep for Cyberattacks

Quick Hits

A recent wave of cybercrime has targeted organizations with employees in Belgium, France, Germany, Poland, Romania, and Serbia.

By Dark Reading Staff , 2/20/2019

0 comments | Read | Post a Comment

The Anatomy of a Lazy Phish

Jordan Shakhsheer, Information Security Engineer, Bluestone Analytics

Commentary

A security engineer breaks down how easy it is for unskilled attackers to trick an unsuspecting user to submit credentials to a phishing site.

By Jordan Shakhsheer Information Security Engineer, Bluestone Analytics, 2/20/2019

0 comments | Read | Post a Comment

'Formjacking' Compromises 4,800 Sites Per Month. Could Yours Be One?

News

Cybercriminals see formjacking as a simple opportunity to take advantage of online retailers – and all they need is a small piece of JavaScript.

By Kelly Sheridan Staff Editor, Dark Reading, 2/20/2019

0 comments | Read | Post a Comment

6 Tax Season Tips for Security Pros

Here are some practical ways to keep your company safe as Uncle Sam comes calling.

By Steve Zurier Freelance Writer, 2/19/2019

0 comments | Read | Post a Comment

Privacy Ops: The New Nexus for CISOs & DPOs

Amit Ashbel, Security Evangelist, Cognigo

Commentary

No longer can privacy be an isolated function managed by legal or compliance departments with little or no connection to the organization's underlying security technology.

By Amit Ashbel Security Evangelist, Cognigo, 2/18/2019

1 Comment | Read | Post a Comment

Latest Comment: Vincent Bureau, Good understanding of the culture and privacy operations. Agree with the Privacy...

Staffing Shortage Makes Vulnerabilities Worse

Quick Hits

Businesses don't have sufficient staff to find vulnerabilities or protect against their exploit, according to a new report by Ponemon Institute.

By Dark Reading Staff , 2/15/2019

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, Again, why would anyone go INTO IT as a career choice to start with when you...

Post-Quantum Crypto Standards Aren’t All About the Math

Ericka Chickowski, Contributing Writer, Dark Reading

News

The industry needs to keep in mind the realities of hardware limits and transitional growing pains, according to Microsoft, Utimaco researchers.

By Ericka Chickowski Contributing Writer, Dark Reading, 2/15/2019

0 comments | Read | Post a Comment

Valentine's Emails Laced with Gandcrab Ransomware

News

In the weeks leading up to Valentine's Day 2019, researchers notice a new form of Gandcrab appearing in romance-themed emails.

By Kelly Sheridan Staff Editor, Dark Reading, 2/14/2019

2 comments | Read | Post a Comment

Latest Comment: BogdanSTORM, I had an encounter this week with Grandcrab 5.1 and unfortunately not even...

How to Create a Dream Team for the New Age of Cybersecurity

Commentary

When each member of your security team is focused on one narrow slice of the pie, it's easy for adversaries to enter through the cracks. Here are five ways to stop them.

By Gaurav Banga Founder and CEO, Balbix, 2/14/2019

0 comments | Read | Post a Comment

Security Spills: 9 Problems Causing the Most Stress

Security practitioners reveal what's causing them the most frustration in their roles.

By Kelly Sheridan Staff Editor, Dark Reading, 2/14/2019

0 comments | Read | Post a Comment

Scammers Fall in Love with Valentine's Day

Curtis Franklin Jr., Senior Editor at Dark Reading

News

Online dating profiles and social media accounts add to the rich data sources that allow criminals to tailor attacks.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/13/2019

0 comments | Read | Post a Comment

Lessons Learned from a Hard-Hitting Security Review

Jaspreet Singh, founder and CEO of Druva

Commentary

Information security is a corporate posture and must be managed at all levels: systems, software, personnel, and all the key processes.

By Jaspreet Singh founder and CEO of Druva, 2/13/2019

0 comments | Read | Post a Comment

Up to 100,000 Reported Affected in Landmark White Data Breach

News

Australian property valuation firm Landmark White exposed files containing personal data and property valuation details.

By Kelly Sheridan Staff Editor, Dark Reading, 2/12/2019

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, Now whoever came up with this brilliant logic should be fired on the spot. ...

Identifying, Understanding & Combating Insider Threats

Ilan Paretsky, Chief Marketing Officer of Ericom

Commentary

Your organization is almost certainly on the lookout for threats from outside the company. But are you ready to address threats from within?

By Ilan Paretsky Chief Marketing Officer of Ericom, 2/12/2019

0 comments | Read | Post a Comment

Malware Campaign Hides Ransomware in Super Mario Wrapper

Quick Hits

A newly discovered malware campaign uses steganography to hide GandCrab in a seemingly innocent Mario image.

By Dark Reading Staff , 2/8/2019

5 comments | Read | Post a Comment

Latest Comment: t_madison, This is an interesting point of view.

4 Payment Security Trends for 2019

Ellen Richey, Vice Chairman and Chief Risk Officer, Visa

Commentary

Visa's chief risk officer anticipates some positive changes ahead.

By Ellen Richey Vice Chairman and Chief Risk Officer, Visa, 2/7/2019

0 comments | Read | Post a Comment

When 911 Goes Down: Why Voice Network Security Must Be a Priority

Mykola Konrad, Vice President of Product Management, Ribbon Communications

Commentary

When there's a DDoS attack against your voice network, are you ready to fight against it?

By Mykola Konrad Vice President of Product Management, Ribbon Communications, 2/7/2019

2 comments | Read | Post a Comment

Latest Comment: brtech99, DDoS and TDoS attacks like the ones you cite are now exceeding a terabit of...

Consumers Care About Security - Sometimes

Quick Hits

New RSA Security survey shows a generation gap in concerns over cybersecurity and privacy.

By Dark Reading Staff , 2/6/2019

0 comments | Read | Post a Comment

More Stories

Current Conversations

Posted by REISEN1955

Have to smile here. I am in a forensics unit for Malware at a major firm and my salary is well below the norm quoted herein. WTF? I am in the wrong job field - LOL Of course JAIL is also a condition...

In reply to: Wrong profession
Post Your Own Reply

Posted by MarcM

We won't cut you loose as long as you don't slow us down!

In reply to: Business drag
Post Your Own Reply

Posted by michaelmaloney

Sometimes consumers are just too complacent about the ready benefits that are being laid out in front of them. Every individual surely knows how to take advantage of each and every single one of them without considering...

In reply to: Too complacent too dangerous
Post Your Own Reply

Posted by acampbell448

Security? Our motto is Move Fast and Break things.

In reply to: Move Fast
Post Your Own Reply

Posted by MeeraSK

Please check on iiot-world website about the definition of IoT and IIoT. Couldn't share a link because of the current restriction.

In reply to: Do connected home appliances really fall under IoTs ?
Post Your Own Reply

Posted by jrig1842

It's clear even Security is not sure what to do for self driving cars

In reply to: Security Clearance
Post Your Own Reply

Posted by geeksquad9333

Thanks for this information.

In reply to: Re: Chrome update
Post Your Own Reply

Posted by REISEN1955

Dang - he really wants to be serious about websurfing!

In reply to: Re: New Cartoon! Check it out...
Post Your Own Reply

Posted by EdwardThirlwall

I'm sure that the requirements are going to continue to change across the ages. What is more important is that the CISO has relevant knowledge and experience to deal with exceptions as they happen. I reckon that crisis handling...

In reply to: Defend and protect!
Post Your Own Reply

Posted by MarkSindone

To be honest, who really thoroughly reads every single word of the terms and conditions of every platform we use? Even if Facebook did state in detailed its privacy clause to its members, I highly doubt that anyone would...

In reply to: Who is to be blamed?
Post Your Own Reply

Posted by aborsi

thansk your posting obat klg

In reply to: Re: Data science
Post Your Own Reply

Posted by Vincent Bureau

Good understanding of the culture and privacy operations. Agree with the Privacy ops approach. Beware of the conflict of interest as the DPO for the GDPR is an independent advisor.

In reply to: Privacy Ops & DPO role
Post Your Own Reply

More Conversations

Products & Releases

Prevalent Announces New CEO, Expands Leadership Team with 3 New C-Suite Positions

Tripwire IP360 Now Discovers More Than 200,000 Conditions

More Than Half of Companies See Rise in Mobile Security Threats: Bitglass 2018 BYOD Report

Global Cooperation And Regulation Key In Addressing Multilayered Threats Posed By New Technology

Eurofins Digital Testing Launches Cyber Security Division

New Research from eSentire Finds Only 30 Percent of Firms are Confident They Can Avoid a Major Security Event in the Next Two Years

CMMI Institute Updates Cybermaturity Platform with Practices to Build Cybersecurity Resilience

Smarsh Survey Reveals Financial Firms Looking for Communications Risks in the Wrong Places

More Products & Releases

PR Newswire

Hot Topics

Editors' Choice

Making the Case for a Cybersecurity Moon Shot

Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer, 2/19/2019

New Free Tool Scans for Chrome Extension Safety

Dark Reading Staff 2/21/2019

Privacy Ops: The New Nexus for CISOs & DPOs

Amit Ashbel, Security Evangelist, Cognigo, 2/18/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

White Papers

[SANS] The Need for Speed: Integrated Threat Response

2018 Cyberthreat Defense Report

[Report] The Evolution of the Secure Software Lifecycle

[ESG Report] Endpoint Security Must Include Rapid Query & Remediation Capabilities

Want to Stay In Front of Breaches? Train Like The Marines.

More White Papers

Video

All Risk Videos

Cartoon

Latest Comment: We won't cut you loose as long as you don't slow us down!

Cartoon Archive

Current Issue

5 Emerging Cyber Threats to Watch for in 2019

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Attacking the Cybersecurity Problem

Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.

Download Now!

How Enterprises Are Using IT Threat Intelligence

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-8955
PUBLISHED: 2019-02-21

In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2-alpha, remote denial of service against Tor clients and relays can occur via memory exhaustion in the KIST cell scheduler.

CVE-2019-1698
PUBLISHED: 2019-02-21

A vulnerability in the web-based user interface of Cisco Internet of Things Field Network Director (IoT-FND) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External E...

CVE-2019-1700
PUBLISHED: 2019-02-21

A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) conditio...

CVE-2019-6340
PUBLISHED: 2019-02-21

Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RE...

CVE-2019-8996
PUBLISHED: 2019-02-21

In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow.

Terms of Service
Privacy Statement
Legal Entities