Network Computing Dark Reading

Advertise

Risk

News & Commentary

Cryptojacking, Mobile Malware Growing Threats to the Enterprise

Curtis Franklin Jr., Senior Editor at Dark Reading

News

At the same time, criminal organizations continue to look for new ways to attack their victims.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/14/2018

0 comments | Read | Post a Comment

Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues

Tim Wilson, Editor in Chief, Dark Reading,

News

Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data – and are fearful of a near-term breach of critical infrastructure.

By Tim Wilson, Editor in Chief, Dark Reading , 11/14/2018

0 comments | Read | Post a Comment

Airlines Have a Big Problem with Bad Bots

Kelly Sheridan, Staff Editor, Dark Reading

News

Bad bots account for 43.9% of all traffic on their websites, APIs, and mobile apps, according to a new analysis of 100 airlines.

By Kelly Sheridan Staff Editor, Dark Reading, 11/14/2018

0 comments | Read | Post a Comment

Can Businesses Stand Up to Cybercrime? Only 61% Say Yes

Quick Hits

While 96% of US organizations say business resilience should be core to company strategy, only 61% say it actually is.

By Dark Reading Staff , 11/14/2018

0 comments | Read | Post a Comment

Microsoft Patch Tuesday Recap: 12 Critical Bugs Fixed

Quick Hits

Eight of the 12 critical vulnerabilities addressed this month affect the Chakra Scripting Engine in Microsoft Edge.

By Dark Reading Staff , 11/13/2018

0 comments | Read | Post a Comment

Getting to Know Magecart: An Inside Look at 7 Groups

News

A new report spills the details on Magecart, the criminal groups driving it, and ongoing attacks targeting low- and high-profile victims.

By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018

0 comments | Read | Post a Comment

Empathy: The Next Killer App for Cybersecurity?

Shay Colson, CISSP, Senior Manager, CyberClarity360

Commentary

The toughest security problems involve people not technology. Here's how to motivate your frontline employees all the way from the service desk to the corner office.

By Shay Colson CISSP, Senior Manager, CyberClarity360, 11/13/2018

0 comments | Read | Post a Comment

Google Traffic Temporarily Rerouted via Russia, China

News

The incident, which Google reports is now resolved, could be the result of either technical mistakes or malicious activity.

By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018

0 comments | Read | Post a Comment

2018 on Track to Be One of the Worst Ever for Data Breaches

News

A total of 3,676 breaches involving over 3.6 billion records were reported in the first nine months of this year alone.

By Jai Vijayan Freelance writer, 11/12/2018

0 comments | Read | Post a Comment

Veterans Find New Roles in Enterprise Cybersecurity

News

Facebook and Synack create programs to educate vets and grow employment opportunities while shrinking the cybersecurity talent gap.

By Kelly Sheridan Staff Editor, Dark Reading, 11/12/2018

2 comments | Read | Post a Comment

Latest Comment: jrpolan, With the dearth of cybersecurity professionals out there and technology frontiers...

7 Cool New Security Tools to be Revealed at Black Hat Europe

Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.

By Ericka Chickowski Contributing Writer, Dark Reading, 11/12/2018

0 comments | Read | Post a Comment

Cyberattacks Top Business Risks in North America, Europe, EAP

Quick Hits

The World Economic Forum reports cyberattacks are a top enterprise concern following WannaCry and the rise of e-commerce.

By Dark Reading Staff , 11/12/2018

0 comments | Read | Post a Comment

'CARTA': A New Tool in the Breach Prevention Toolbox

Christopher Acton, VP, Security Services and Customer Success, RiskSense

Commentary

Gartner's continuous adaptive risk and trust assessment for averting a data breach addresses the shortcomings of static security programs.

By Christopher Acton VP, Security Services and Customer Success, RiskSense, 11/12/2018

0 comments | Read | Post a Comment

Inside CSAW, a Massive Student-Led Cybersecurity Competition

News

Nearly 400 high school, undergraduate, and graduate students advance to the final round of New York University's CSAW games.

By Kelly Sheridan Staff Editor, Dark Reading, 11/9/2018

0 comments | Read | Post a Comment

Dropbox Teams with Israeli Security Firm Coronet

Quick Hits

The partnership is expected to improve threat detection for Dropbox while growing Coronet's user base.

By Dark Reading Staff , 11/9/2018

0 comments | Read | Post a Comment

What You Should Know About Grayware (and What to Do About It)

Grayware is a tricky security problem, but there are steps you can take to defend your organization when you recognize the risk.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/9/2018

0 comments | Read | Post a Comment

Vulnerabilities in Our Infrastructure: 5 Ways to Mitigate the Risk

Michael Fabian, Principal Security Consultant, Synopsys

Commentary

By teaming up to address key technical and organizational issues, information and operational security teams can improve the resiliency and safety of their infrastructure systems.

By Michael Fabian Principal Security Consultant, Synopsys, 11/9/2018

0 comments | Read | Post a Comment

Microsoft President: Governments Must Cooperate on Cybersecurity

News

Microsoft's Brad Smith calls on nations and businesses to work toward "digital peace" and acknowledge the effects of cybercrime.

By Kelly Sheridan Staff Editor, Dark Reading, 11/8/2018

3 comments | Read | Post a Comment

Latest Comment: Cheeseman, Somewhat disappointing as it appears Microsoft is asking for a government subsidy...

Banking Malware Takes Aim at Brazilians

Quick Hits

Two malware distribution campaigns are sending banking Trojans to customers of financial institutions in Brazil.

By Dark Reading Staff , 11/8/2018

0 comments | Read | Post a Comment

Finding Gold in the Threat Intelligence Rush

News

Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.

By Kelly Sheridan Staff Editor, Dark Reading, 11/7/2018

0 comments | Read | Post a Comment

More Stories

Current Conversations

Posted by jrpolan

With the dearth of cybersecurity professionals out there and technology frontiers growing daily, former military personnel are a great source of new weapons. As a vet myself, I can say they are highly-trainable, responsible,...

In reply to: Great topic
Post Your Own Reply

Posted by aricamartin

The secure operating system is the Linux operating system which is used in the IT organizations mostly. I am getting the windows error code 0x80004005 for the help purpose but did not get any response.

In reply to: OS Error
Post Your Own Reply

Posted by hucklesinthedark

Good points, but of course I'm saying that since I'm an auditor myself. I can vouch for internal audit's potential to help other departments stay on track and make the most of their own processes. I find that internal audit...

In reply to: Defining the Process
Post Your Own Reply

Posted by Ratteau

Do you have a link to the Synack course for more information? Cant find it at their corporate site.

In reply to: Link
Post Your Own Reply

Posted by jessicaglover012

Solving coding assignments can be really difficult at times because this subject covers many complex areas including MATLAB, visual basic, coldfusion, oracle, MYSQL, prolog, etc. We have seen that the number of students...

In reply to: Coding Assignment
Post Your Own Reply

Posted by tcritchley07

I hope Brad reads this response. I've writtne to him twice with researched ideas on tackling this issue to no avail. It reminds me of Mark Twain's 'Everybody is talking about the weather, nobody is doing anyhting about it'. tcritchley07...

In reply to: Brad Smith on Cybersecurity
Post Your Own Reply

Posted by dskquality

You know, at first glance, I liked the idea of wearable tech.. Never through it would be a security risk.

In reply to: Re: Check out the latest from John Klossner
Post Your Own Reply

Posted by taylor03

I think this is a good step to overcome cybercrimes.

In reply to: Taylor
Post Your Own Reply

Posted by doctor91

De mon coté c'est bien sécurisé

In reply to: Re: Lack of Proof is NOT Lack of Attacks -- its proof of a growing problem
Post Your Own Reply

Posted by amitaymolko

Did you end up writing that bruteforce permissions script?Did you find any other vulnerable services?

In reply to: Bruteforce permissions script
Post Your Own Reply

Posted by run3

Thanks for your sharing, great article. I enjoyed reading this article. asianfanfics

In reply to: Re: Biggest Malware threat - none of the above
Post Your Own Reply

Posted by nelly.fr

Asked whether the overall news regarding malware is good or bad, Doman says, "The answer varies depending on which side you're looking at. Are there more threats out there and more exploitable vulnerabilities?

In reply to: Re: Biggest Malware threat - none
Post Your Own Reply

More Conversations

Products & Releases

Eurofins Digital Testing Launches Cyber Security Division

New Research from eSentire Finds Only 30 Percent of Firms are Confident They Can Avoid a Major Security Event in the Next Two Years

CMMI Institute Updates Cybermaturity Platform with Practices to Build Cybersecurity Resilience

Smarsh Survey Reveals Financial Firms Looking for Communications Risks in the Wrong Places

Carbonite Introduces Comprehensive Data Protection for Virtual and Physical Servers

60% of IT Security Professionals Looking to Leave Current Job: Mondo

The Chertoff Group Announces Rebrand

New RiskRecon Asset Risk Valuation Algorithms Manage Third-Party Cyber Risk

More Products & Releases

PR Newswire

Hot Topics

Editors' Choice

Microsoft President: Governments Must Cooperate on Cybersecurity

Kelly Sheridan, Staff Editor, Dark Reading, 11/8/2018

Veterans Find New Roles in Enterprise Cybersecurity

Kelly Sheridan, Staff Editor, Dark Reading, 11/12/2018

To Click or Not to Click: The Answer Is Easy

Kowsik Guruswamy, Chief Technology Officer at Menlo Security, 11/14/2018

Live Events

Webinars

More UBM Tech
Live Events

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

2018 Cyberthreat Defense Report

What is the Main Obstacle to Security?

Design Secure Software from the First Line of Code

Picture This: Cyber Crime for Sale

The Surprising State of IT Security

More White Papers

Video

All Risk Videos

Cartoon

Latest Comment: You know, at first glance, I liked the idea of wearable tech.. Never through it would be a security risk.

Cartoon Archive

Current Issue

10 Emerging Threats Every Enterprise Should Know About

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Online Malware and Threats: A Profile of Today's Security Posture

This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!

Download Now!

The Risk Management Struggle

0 comments

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2015-9274
PUBLISHED: 2018-11-15

HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh.

CVE-2018-19286
PUBLISHED: 2018-11-15

The server in mubu note 2018-11-11 has XSS by configuring an account with a crafted name value (along with an arbitrary username value), and then creating and sharing a note.

CVE-2018-19287
PUBLISHED: 2018-11-15

XSS in the Ninja Forms plugin before 3.3.18 for WordPress allows Remote Attackers to execute JavaScript via the includes/Admin/Menus/Submissions.php (aka submissions page) begin_date, end_date, or form_id parameter.

CVE-2018-19288
PUBLISHED: 2018-11-15

Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API.

CVE-2018-19289
PUBLISHED: 2018-11-15

An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file.

Terms of Service
Privacy Statement
Legal Entities