Network Computing Dark Reading

Advertise

Risk

News & Commentary

Russia Hacked Clinton's Computers Five Hours After Trump's Call

Robert Lemos, Technology Journalist/Data Researcher

News

Mueller report finds that in July 2016, after then-candidate Donald Trump publicly called for Russia to "find the 30,000 emails," Russian agents targeted Hillary Clinton's personal office with cyberattacks.

By Robert Lemos Technology Journalist/Data Researcher, 4/19/2019

6 comments | Read | Post a Comment

Latest Comment: VectorVortec, If you ever handled website administration, you would know that Russian bots...

Why We Need a 'Cleaner Internet'

Darren Anstee, Chief Technology Officer at Arbor Networks

Commentary

By blocking threats and attacks nearer to their sources, cybersecurity pros could help turn the connected world into a safer place for all.

By Darren Anstee Chief Technology Officer at Arbor Networks, 4/19/2019

0 comments | Read | Post a Comment

Third-Party Cyber-Risk by the Numbers

Recent stats show that the state of third-party cyber risk and vendor risk management remains largely immature at most organizations.

By Ericka Chickowski Contributing Writer, Dark Reading, 4/19/2019

0 comments | Read | Post a Comment

Cisco Issues 31 Mid-April Security Alerts

Curtis Franklin Jr., Senior Editor at Dark Reading

News

Among them, two are critical and six are of high importance.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/18/2019

0 comments | Read | Post a Comment

Cloud Security Spend Set to Reach $12.6B by 2023

Kelly Sheridan, Staff Editor, Dark Reading

News

Growth corresponds with a greater reliance on public cloud services.

By Kelly Sheridan Staff Editor, Dark Reading, 4/18/2019

0 comments | Read | Post a Comment

The Cybersecurity Automation Paradox

News

Recent studies show that before automation can reduce the burden on understaffed cybersecurity teams, they need to bring in enough automation skills to run the tools.

By Ericka Chickowski Contributing Writer, Dark Reading, 4/18/2019

0 comments | Read | Post a Comment

Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent

Quick Hits

The social media giant says it did not access the imported data and is notifying affected users.

By Dark Reading Staff , 4/18/2019

2 comments | Read | Post a Comment

Latest Comment: REISEN1955, Zucky does not really care - he has billions and can retire in comfort whenever...

VPN Vulnerabilities Point Out Need for Comprehensive Remote Security

News

VPNs are the primary tool for securing remote access, but recently disclosed vulnerabilities point out the weakness of relying on them as the only tool.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/17/2019

0 comments | Read | Post a Comment

Tips for the Aftermath of a Cyberattack

News

Incident response demands technical expertise, but you can't fully recover without non-IT experts.

By Kelly Sheridan Staff Editor, Dark Reading, 4/17/2019

2 comments | Read | Post a Comment

Latest Comment: REISEN1955, I wrote this for humor but one helluva lot of it comes out of Experian and...

New Malware Campaign Targets Financials, Retailers

Quick Hits

The attack uses a legitimate remote access system as well as several families of malware.

By Dark Reading Staff , 4/17/2019

0 comments | Read | Post a Comment

Legacy Apps: The Security Risk Lurking in Dusty Corners

Tim Buntel, VP, Application Security Products, Threat Stack

Commentary

Four best practices to keep old code from compromising your enterprise environment.

By Tim Buntel VP, Application Security Products, Threat Stack, 4/17/2019

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, Every firm has a legacy system, one old Compaq Prolinea that has weird or ancient...

Inside the Dark Web's How-To Guides for Teaching Fraud

Quick Hits

A new study investigates nearly 30,000 guides to explore what fraudsters sell and teach aspiring cybercriminals.

By Dark Reading Staff , 4/17/2019

0 comments | Read | Post a Comment

Selecting the Right Strategy to Reduce Vulnerability Risk

Tim Erlin, VP of Product Management & Strategy at Tripwire

Commentary

There's no one-size-fits-all strategy for eliminating vulnerability risk. Knowing how your organization operates is what makes the difference.

By Tim Erlin VP of Product Management & Strategy at Tripwire, 4/17/2019

0 comments | Read | Post a Comment

7 Tips for an Effective Employee Security Awareness Program

Breaches and compliance requirements have heightened the need for continuous and effective employee training, security experts say.

By Jai Vijayan Freelance writer, 4/17/2019

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, It is amazing how many security breach issues are directly related to phishing. ...

Security Audit Shows Gains, Though Privacy Lags

News

The 2018 Online Trust Audit shows that "encryption everywhere" is improving security, while fuzzy language is slowing privacy gains.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/16/2019

0 comments | Read | Post a Comment

Meet Scranos: New Rootkit-Based Malware Gains Confidence

News

The cross-platform operation, first tested on victims in China, has begun to spread around the world.

By Kelly Sheridan Staff Editor, Dark Reading, 4/16/2019

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, This has to be sister of Thanos in the next Avenger's movie for 2025 releas...

Benefiting from Data Privacy Investments

Marc Wilczek, Digital Strategist & CIO Advisor

Commentary

GDPR-ready companies experience lower overall costs associated with data breaches, research finds.

By Marc Wilczek Digital Strategist & CIO Advisor, 4/16/2019

0 comments | Read | Post a Comment

IT Outsourcing Firm Wipro Investigates Data Breach

Quick Hits

Employee accounts may have been compromised in a sophisticated phishing campaign.

By Dark Reading Staff , 4/16/2019

1 Comment | Read | Post a Comment

Latest Comment: REISEN1955, I spent 8 months before the mast with a Wipro-IBM client in 2016 to 2017 before...

New Details Emerge on Windows Zero Day

News

The CVE-2019-0859 vulnerability, patched last week, is the latest in a string of Windows local privilege escalation bugs discovered at Kaspersky Lab.

By Kelly Sheridan Staff Editor, Dark Reading, 4/15/2019

0 comments | Read | Post a Comment

CERT, CISA Warn of Vuln in at Least 4 Major VPNs

Quick Hits

VPN products by Cisco, Palo Alto Networks, F5 Networks, Pulse Secure, insecurely store session cookies.

By Dark Reading Staff , 4/12/2019

1 Comment | Read | Post a Comment

Latest Comment: RyanSepe, "exfiltrates the cookie using other methods" I would deem the most probable....

More Stories

Current Conversations

Posted by VectorVortec

If you ever handled website administration, you would know that Russian bots attack every 3 to 4 seconds, at least. So to state that there was an attempt on HRC's computer is not news to anyone who has ever worked in this...

In reply to: Re: Keep Politics out of this forum
Post Your Own Reply

Posted by RonR726

This comment is waiting for review by our moderators.

In reply to: Pending Review
Post Your Own Reply

Posted by amaliawhite

This comment is waiting for review by our moderators.

In reply to: Pending Review
Post Your Own Reply

Posted by Milos Rex

Interestingly enough, there is not much content about security matters related to mergers and acquisitions online, and yet it is one of the most important things to pay attention to. The only other place where I found articles...

In reply to: Compliments!
Post Your Own Reply

Posted by Kelly Jackson Higgins

@REISEN1955, I'm not sure I understand your comment on the article as "political." This is reporting on a key cybersecurity element/finding in the Mueller report. Dark Reading has been covering the Russian hacking of the...

In reply to: Re: Keep Politics out of this forum
Post Your Own Reply

Posted by REISEN1955

Agree - an article on HOW they did it might be more interesting.

In reply to: Re: Keep Politics out of this forum
Post Your Own Reply

Posted by LANCELOTT69

I know the tempation to allow your politics to bleed into your business is powerful, but please stop. This is not the place for it.

In reply to: Re: Keep Politics out of this forum
Post Your Own Reply

Posted by REISEN1955

Like Linkedin ---- political articles do NOT belong here.

In reply to: Keep Politics out of this forum
Post Your Own Reply

Posted by REISEN1955

Zucky does not really care - he has billions and can retire in comfort whenever he wants too. No vested interest in change.

In reply to: Re: Facebook
Post Your Own Reply

Posted by JayceJohnson

We have essay experts who specifically help in an Essay Writing assignment for students of all educational and they provide you with their assignments before delivery of time.

In reply to: Re: Interesting Post
Post Your Own Reply

Posted by niajax

Hi Kelly, It's great to know about Androdi Phones with Physical Security Keys. Google keeps updating the latest features to make Android more user-friendly & especially for Security. This Physical Security Keys update...

In reply to: Wait is over for Physical Security Keys
Post Your Own Reply

Posted by RyanSepe

How is Facebook still around? They consistently make these privacy blunders. I posit that they will not be around, at least in this form in the next two decades, at least not in the form they currently hold. Most Gen Y...

In reply to: Facebook
Post Your Own Reply

More Conversations

Products & Releases

Cybercriminals Using Popular TV Shows to Spread Malware

OPAQ Awarded Patent for Cyber Risk Assessment Technology

TrueVault Launches TrueVault Atlas To Automate Aspects of GDPR Compliance

Industrial Internet Consortium Announces Practitioner's Guide for Assessing Maturity of IoT System Security

Prevalent Announces New CEO, Expands Leadership Team with 3 New C-Suite Positions

Tripwire IP360 Now Discovers More Than 200,000 Conditions

More Than Half of Companies See Rise in Mobile Security Threats: Bitglass 2018 BYOD Report

Global Cooperation And Regulation Key In Addressing Multilayered Threats Posed By New Technology

More Products & Releases

PR Newswire

Hot Topics

Editors' Choice

Russia Hacked Clinton's Computers Five Hours After Trump's Call

Robert Lemos, Technology Journalist/Data Researcher, 4/19/2019

Tips for the Aftermath of a Cyberattack

Kelly Sheridan, Staff Editor, Dark Reading, 4/17/2019

Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent

Dark Reading Staff 4/18/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

White Papers

Security in the New World of Containers & Serverless

6 Keys to Faster Phishing Mitigation

The Race is On -- Stop Zero-Hour Phishing Attacks

Brochure: Ribbon Discover

Cybersecurity & The Internet of Medical Things

More White Papers

Video

All Risk Videos

Cartoon

Latest Comment: Bill just doesn't realize it's more than a 2 dimensional world.

Cartoon Archive

Current Issue

5 Emerging Cyber Threats to Watch for in 2019

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Developing Secure Applications

IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening.

Download Now!

The State of Cyber Security Incident Response

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

How Enterprises Are Using IT Threat Intelligence

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-11378
PUBLISHED: 2019-04-20

An issue was discovered in ProjectSend r1053. upload-process-form.php allows finished_files[]=../ directory traversal. It is possible for users to read arbitrary files and (potentially) access the supporting database, delete arbitrary files, access user passwords, or run arbitrary code.

CVE-2019-11372
PUBLISHED: 2019-04-20

An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.

CVE-2019-11373
PUBLISHED: 2019-04-20

An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.

CVE-2019-11374
PUBLISHED: 2019-04-20

74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.

CVE-2019-11375
PUBLISHED: 2019-04-20

Msvod v10 has a CSRF vulnerability to change user information via the admin/member/edit.html URI.

Terms of Service
Privacy Statement
Legal Entities