Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Botnet Infects Hundreds of Thousands of Websites
Need for 'Guardrails' in Cloud-Native Applications Intensifies
Securing Slack: 5 Tips for Safer Messaging, Collaboration
COVID-19: Latest Security News & Commentary
News & Commentary
First the Good News: Number of Breaches Down 51% Year Over Year
Robert Lemos, Contributing WriterNews
But the number of records put at risk experiences a massive increase. Here's why.
By Robert Lemos Contributing Writer, 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
McAfee Launches XDR, Browser Isolation, Cloud App Security Tools
Dark Reading Staff, Quick Hits
New additions are built to help organizations better respond to threats and protect applications and data in the cloud.
By Dark Reading Staff , 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
Hackers Make Off With Millions From Wisconsin Republicans
Dark Reading Staff, Quick Hits
According to the Wisconsin Republican Party, thieves used altered invoices to make off with $2.3 million in election funds.
By Dark Reading Staff , 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
Ransomware Wave Targets US Hospitals: What We Know So Far
Kelly Sheridan, Staff Editor, Dark ReadingNews
A joint advisory from the CISA, FBI, and HHS warns of an "increased and imminent" threat to US hospitals and healthcare providers.
By Kelly Sheridan Staff Editor, Dark Reading, 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
How Healthcare Organizations Can Combat Ransomware
Mike Wilson, Founder & CTO, EnzoicCommentary
The days of healthcare organizations relying solely on endpoint security software to stop attacks are over. Here are six ways that healthcare providers can fight the ever-present threat.
By Mike Wilson Founder & CTO, Enzoic, 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
Why Defense, Not Offense, Will Determine Global Cyber Powers
Edge Editors, Dark Reading
Darktrace director of strategic threat Marcus Fowlers explains what to expect from nation-state attackers in the months to come -- and why kindergarten classes are a good model for solid cybersecurity.
By Edge Editors Dark Reading, 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
Cybercriminals Aim BEC Attacks at Education Industry
Steve Zurier, Contributing WriterNews
Heightened vulnerability comes at a time when the sector has been focusing on setting up a remote workforce and online learning amid the pandemic.
By Steve Zurier Contributing Writer, 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
Analysis: Forcepoint Can Still Succeed, but It Needs Committed Ownership
Eric Parizo, Senior Analyst, OmdiaCommentary
Raytheon intends to sell Forcepoint to PE firm Francisco Partners. Despite a solid product portfolio and bold strategy, Forcepoint's future is now even more uncertain.
By Eric Parizo Senior Analyst, Omdia, 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
How to Increase Voter Turnout & Reduce Fraud
Husayn Kassai, Co-Founder and CEO, OnfidoCommentary
Digital identity verification has advanced, both technologically and legislatively. Is it the answer to simpler, safer voting?
By Husayn Kassai Co-Founder and CEO, Onfido, 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
'Act of War' Clause Could Nix Cyber Insurance Payouts
Robert Lemos, Contributing WriterNews
The indictment of six members of the Russian military for the NotPetya ransomware attack places companies on notice that insurance "is not a get-out-of-jail-free card."
By Robert Lemos Contributing Writer, 10/29/2020
Comment2 comments  |  Read  |  Post a Comment
Is Your Encryption Ready for Quantum Threats?
Tim Hollebeek, Industry and Standards Technical Strategist at DigiCertCommentary
Answers to these five questions will help security teams defend against attackers in the post-quantum computing era.
By Tim Hollebeek Industry and Standards Technical Strategist at DigiCert, 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
Breaking the Glass Ceiling: Tough for Women, Tougher for Women of Color
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security practitioners shed light on obstacles limiting career growth and the steps businesses can take to achieve their promises of a more diverse workforce.
By Kelly Sheridan Staff Editor, Dark Reading, 10/28/2020
Comment1 Comment  |  Read  |  Post a Comment
US Government Issues Warning on Kimsuky APT Group
Dark Reading Staff, Quick Hits
The joint alert, from CISA, the FBI, and others, describes activities from the North Korean advanced persistent threat group.
By Dark Reading Staff , 10/28/2020
Comment0 comments  |  Read  |  Post a Comment
6 Ways Passwords Fail Basic Security Tests
Curtis Franklin Jr., Senior Editor at Dark Reading
New data shows humans still struggle with password creation and management.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/28/2020
Comment2 comments  |  Read  |  Post a Comment
Rethinking Security for the Next Normal -- Under Pressure
Justin Tibbs & Zane Lackey, CSO, National Security Practice, Presidio, and Zane Lackey, CSO & Co-Founder of Signal SciencesCommentary
By making a commitment to a unified approach to security, then doing what's necessary to operationalize it, organizations can establish a better security model for the next normal.
By Justin Tibbs & Zane Lackey CSO, National Security Practice, Presidio, and Zane Lackey, CSO & Co-Founder of Signal Sciences, 10/28/2020
Comment0 comments  |  Read  |  Post a Comment
Trump Campaign Website Defaced by Unknown Attackers
Dark Reading Staff, Quick Hits
Individuals behind the brief Tuesday night incident posted anti-Trump sentiments and appeared to solicit cryptocurrency.
By Dark Reading Staff , 10/28/2020
Comment0 comments  |  Read  |  Post a Comment
Tracking Down the Web Trackers
Seth Rosenblatt, Contributing Writer
Third-party Web trackers might be following your website visitors' every step. How can new tools like Blacklight help you stop them in their tracks?
By Seth Rosenblatt Contributing Writer, 10/28/2020
Comment0 comments  |  Read  |  Post a Comment
Physical Security Has a Lot of Catching Up to Do
Peter George, Chief Executive Officer at Evolv TechnologyCommentary
The transformation we need: merging the network operations center with the physical security operations center.
By Peter George Chief Executive Officer at Evolv Technology, 10/28/2020
Comment0 comments  |  Read  |  Post a Comment
Survey Uncovers High Level of Concern Over Firewalls
Jai Vijayan, Contributing WriterNews
More than half of respondents are planning to reduce their network firewall footprint because of what they see as limitations in the technology.
By Jai Vijayan Contributing Writer, 10/27/2020
Comment0 comments  |  Read  |  Post a Comment
Chinese Attackers' Favorite Flaws Prove Global Threats, Research Shows
Kelly Sheridan, Staff Editor, Dark ReadingNews
Following the NSA's list of 25 security flaws often weaponized by Chinese attackers, researchers evaluated how they're used around the world.
By Kelly Sheridan Staff Editor, Dark Reading, 10/27/2020
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
Contrast Security Launches Platform Delivering Comprehensive Security Observability to Secure Web Apps Across SDLC
Micron and Tata Communications Accelerate IoT Deployment With Cloud-Based Virtual SIM
Theta Lake Raises $12.7 Million In Series A Funding, Led by Lightspeed Venture Partners
Sophos Launches Rapid Response Service to Identify and Neutralize Active Cybersecurity Attacks
Axio Offers Free Cybersecurity Program Assessment Tools
Offensive Security Continues to Expand Security Training and Certification Offerings with New Advanced Pentest Training Course
Nozomi Networks Pioneers SaaS Security and Visibility Solution for Dynamic IoT and OT Networks
Former eBay Employee Pleads Guilty in Aggressive Cyberstalking Campaign
More Products & Releases
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

Why Defense, Not Offense, Will Determine Global Cyber Powers
Darktrace director of strategic threat Marcus Fowlers explains what to expect from nation-state attackers in the months to come -- and why kindergarten classes are a good model for solid cybersecurity.
Tracking Down the Web Trackers
Third-party Web trackers might be following your website visitors' every step. How can new tools like Blacklight help you stop them in their tracks?
Teach Your Employees Well: How to Spot Smishing & Vishing Scams
One of the best ways to keep employees from falling victim to these social-engineering attacks is to teach them the signs.
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
How to Measure and Reduce Cybersecurity Risk in Your Organization
In this Tech Digest, we examine the difficult practice of measuring cyber-risk that has long been an elusive target for enterprises. Download it today!
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27885
PUBLISHED: 2020-10-29
Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. By exploiting a Cross-site scripting vulnerability the attacker can hijack a logged-in user’s session by stealing cookies which means that a malicious hacker can change the logged-in user’s pass...
CVE-2020-25646
PUBLISHED: 2020-10-29
A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality
CVE-2020-26205
PUBLISHED: 2020-10-29
Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. In Sal through version 4.1.6 there is an XSS vulnerability on the machine_list view.
CVE-2020-14323
PUBLISHED: 2020-10-29
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
CVE-2020-27886
PUBLISHED: 2020-10-29
An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the username_available function of the includes/functions.php file (which is called by login.php).
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Flash Poll
Video
Slideshows
Twitter Feed