Threat Intelligence

News & Commentary
Report: Tens of Thousands of E-Commerce Sites at Heightened Security Risk
Dark Reading Staff, Quick Hits
Report delivered at Payment Card Industry Security Standards Council meeting flags issues in deployments of Magento, a popular e-commerce platform.
By Dark Reading Staff , 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
6,500 Dark Web Sites Offline After Hosting Service Attacked
Dark Reading Staff, Quick Hits
The actor behind the attack on Daniel's Hosting, and their initial point of entry, remain unknown.
By Dark Reading Staff , 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
Vulnerabilities Dip 7%, but Researchers Are Cautious
Kelly Sheridan, Staff Editor, Dark ReadingNews
Risk Based Security reports 16,172 bugs disclosed through the end of October, but researchers warn things may change.
By Kelly Sheridan Staff Editor, Dark Reading, 11/19/2018
Comment1 Comment  |  Read  |  Post a Comment
7 Holiday Security Tips for Retailers
Steve Zurier, Freelance Writer
It's the most wonderful time of the year and hackers are ready to pounce. Here's how to prevent them from wreaking holiday havoc.
By Steve Zurier Freelance Writer, 11/19/2018
Comment0 comments  |  Read  |  Post a Comment
Instagram Privacy Tool Exposed Passwords
Dark Reading Staff, Quick Hits
The 'Download Your Data' tool, intended to improve users' privacy, actually became a privacy risk.
By Dark Reading Staff , 11/19/2018
Comment0 comments  |  Read  |  Post a Comment
26M Texts Exposed in Poorly Secured Vovox Database
Dark Reading Staff, Quick Hits
The server, which lacked password protection, contained tens of millions of SMS messages, two-factor codes, shipping alerts, and other user data.
By Dark Reading Staff , 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
AI Poised to Drive New Wave of Exploits
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Criminals are ready to use AI to dramatically speed the process of finding zero-day vulnerabilities in systems.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
Cloud, China, Generic Malware Top Security Concerns for 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
FireEye researchers unveil an extensive list of security risks waiting in the new year's wings.
By Kelly Sheridan Staff Editor, Dark Reading, 11/15/2018
Comment0 comments  |  Read  |  Post a Comment
Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues
Tim Wilson, Editor in Chief, Dark Reading, News
Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data and are fearful of a near-term breach of critical infrastructure.
By Tim Wilson, Editor in Chief, Dark Reading , 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Airlines Have a Big Problem with Bad Bots
Kelly Sheridan, Staff Editor, Dark ReadingNews
Bad bots account for 43.9% of all traffic on their websites, APIs, and mobile apps, according to a new analysis of 100 airlines.
By Kelly Sheridan Staff Editor, Dark Reading, 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft Patch Tuesday Recap: 12 Critical Bugs Fixed
Dark Reading Staff, Quick Hits
Eight of the 12 critical vulnerabilities addressed this month affect the Chakra Scripting Engine in Microsoft Edge.
By Dark Reading Staff , 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Getting to Know Magecart: An Inside Look at 7 Groups
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report spills the details on Magecart, the criminal groups driving it, and ongoing attacks targeting low- and high-profile victims.
By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Google Traffic Temporarily Rerouted via Russia, China
Kelly Sheridan, Staff Editor, Dark ReadingNews
The incident, which Google reports is now resolved, could be the result of either technical mistakes or malicious activity.
By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Sophisticated Campaign Targets Pakistan's Air Force
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Espionage campaign uses a variety of new evasion techniques.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
2018 on Track to Be One of the Worst Ever for Data Breaches
Jai Vijayan, Freelance writerNews
A total of 3,676 breaches involving over 3.6 billion records were reported in the first nine months of this year alone.
By Jai Vijayan Freelance writer, 11/12/2018
Comment1 Comment  |  Read  |  Post a Comment
Inside CSAW, a Massive Student-Led Cybersecurity Competition
Kelly Sheridan, Staff Editor, Dark ReadingNews
Nearly 400 high school, undergraduate, and graduate students advance to the final round of New York University's CSAW games.
By Kelly Sheridan Staff Editor, Dark Reading, 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft's Brad Smith calls on nations and businesses to work toward "digital peace" and acknowledge the effects of cybercrime.
By Kelly Sheridan Staff Editor, Dark Reading, 11/8/2018
Comment3 comments  |  Read  |  Post a Comment
Banking Malware Takes Aim at Brazilians
Dark Reading Staff, Quick Hits
Two malware distribution campaigns are sending banking Trojans to customers of financial institutions in Brazil.
By Dark Reading Staff , 11/8/2018
Comment0 comments  |  Read  |  Post a Comment
Finding Gold in the Threat Intelligence Rush
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.
By Kelly Sheridan Staff Editor, Dark Reading, 11/7/2018
Comment0 comments  |  Read  |  Post a Comment
Why Password Management and Security Strategies Fall Short
Steve Zurier, Freelance WriterNews
Researchers say companies need to rethink their password training and take a more holistic approach to security.
By Steve Zurier Freelance Writer, 11/7/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by mousemicky800
Current Conversations Very Helpful
In reply to: home
Post Your Own Reply
More Conversations
New Bluetooth Hack Affects Millions of Vehicles
Dark Reading Staff 11/16/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19406
PUBLISHED: 2018-11-21
kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.
CVE-2018-19407
PUBLISHED: 2018-11-21
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
CVE-2018-19404
PUBLISHED: 2018-11-21
In YXcms 1.4.7, protected/apps/appmanage/controller/indexController.php allow remote authenticated Administrators to execute any PHP code by creating a ZIP archive containing a config.php file, hosting the .zip file at an external URL, and visiting index.php?r=appmanage/index/onlineinstall&url= ...
CVE-2018-19387
PUBLISHED: 2018-11-20
format_cb_pane_tabs in format.c in tmux 2.7 through 2.8 might allow attackers to cause a denial of service (NULL Pointer Dereference and application crash) by arranging for a malloc failure.
CVE-2018-19388
PUBLISHED: 2018-11-20
FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read, access violation, and application crash) via TIFF data because of a ConvertToPDF_x86!ReleaseFXURLToHtml issue.