Real-World Threats That Trump Spectre & Meltdown
8 Tips for Monitoring Cloud Security
7 Privacy Mistakes That Keep Security Pros on Their Toes
6 Serverless and Containerization Trends CISOs Should Track
6 Ways to Beat Back BEC Attacks
News & Commentary
RF Hacking Research Exposes Danger to Construction Sites
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Trend Micro team unearthed 17 vulnerabilities among seven vendors' remote controller devices.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
DHS Issues Emergency Directive on DNS Security
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
All government domain owners are instructed to take immediate steps to strengthen the security of their DNS servers following a successful hacking campaign.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
'Anatova' Emerges as Potentially Major New Ransomware Threat
Jai Vijayan, Freelance writerNews
Modular design, ability to infect network shares make the malware dangerous, McAfee says.
By Jai Vijayan Freelance writer, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
Aging PCs Running Out-of-Date Software Bring Security Worries
Dark Reading Staff, Quick Hits
Age is an issue with application languages and frameworks, too.
By Dark Reading Staff , 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
The Evolution of SIEM
Chetan Mundhada, Vice President of Sales at NETMONASTERYCommentary
Expectations for these security information and event management systems have grown over the years, in ways that just aren't realistic.
By Chetan Mundhada Vice President of Sales at NETMONASTERY, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
Google Creates Online Phishing Quiz
Dark Reading Staff, Quick Hits
Google Alphabet incubator Jigsaw says knowing how to spot a phish plus two-factor authentication are the best defenses against falling for a phishing email.
By Dark Reading Staff , 1/23/2019
Comment1 Comment  |  Read  |  Post a Comment
Cybercriminals Home in on Ultra-High Net Worth Individuals
Steve Zurier, Freelance WriterNews
Research shows that better corporate security has resulted in some hackers shifting their sights to the estates and businesses of wealthy families.
By Steve Zurier Freelance Writer, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
Think Twice Before Paying a Ransom
Jadee Hanson, CISO and VP of Information Systems at Code42Commentary
Why stockpiling cryptocurrency or paying cybercriminals is not the best response.
By Jadee Hanson CISO and VP of Information Systems at Code42, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
Enterprise Malware Detections Up 79% as Attackers Refocus
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report on the state of malware shows a spike in B2B malware, with former banking Trojans Emotet and TrickBot topping the list.
By Kelly Sheridan Staff Editor, Dark Reading, 1/23/2019
Comment0 comments  |  Read  |  Post a Comment
Stealthy New DDoS Attacks Target Internet Service Providers
Jai Vijayan, Freelance writerNews
Adversaries took advantage of the large attack surface of large communications networks to spread small volumes of junk traffic across hundreds of IP prefixes in Q3 2018, Nexusguard says.
By Jai Vijayan Freelance writer, 1/22/2019
Comment0 comments  |  Read  |  Post a Comment
Hack of Plug-in Website Ruffles WordPress Community
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
An intruder thought to be a former employee used a backdoor into the WPML website to skim email addresses and send a mass email blast.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/22/2019
Comment0 comments  |  Read  |  Post a Comment
Security Talent Continues to Fetch Top Dollar on IT Job Market
Dark Reading Staff, Quick Hits
IT and cybersecurity positions continue to rank near the top of the salary ranges paid to IT professionals, according to a new survey.
By Dark Reading Staff , 1/22/2019
Comment1 Comment  |  Read  |  Post a Comment
The Fact and Fiction of Homomorphic Encryption
Ameesh Divatia, Co-Founder & CEO of BaffleCommentary
The approach's promise continues to entice cryptographers and academics. But don't expect it to help in the real world anytime soon.
By Ameesh Divatia Co-Founder & CEO of Baffle, 1/22/2019
Comment0 comments  |  Read  |  Post a Comment
Real-World Threats That Trump Spectre & Meltdown
Curtis Franklin Jr., Senior Editor at Dark Reading
New side-channel attacks are getting lots of attention, but other more serious threats should top your list of threats.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/22/2019
Comment0 comments  |  Read  |  Post a Comment
How Cybercriminals Clean Their Dirty Money
 Alexon Bell, Global Head of AML & Compliance, QuantexaCommentary
By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning.
By Alexon Bell Global Head of AML & Compliance, Quantexa, 1/22/2019
Comment5 comments  |  Read  |  Post a Comment
Google Hit With $57 Million GDPR Fine in France
Dark Reading Staff, Quick Hits
The fine represents the first major penalty for a US technology company under the new European regulations.
By Dark Reading Staff , 1/21/2019
Comment0 comments  |  Read  |  Post a Comment
Shadow IT, IaaS & the Security Imperative
Sanjay Kalra, Co-Founder & Chief Strategy Officer at LaceworkCommentary
Organizations must strengthen their security posture in cloud environments. That means considering five critical elements about their infrastructure, especially when it operates as an IaaS.
By Sanjay Kalra Co-Founder & Chief Strategy Officer at Lacework, 1/21/2019
Comment1 Comment  |  Read  |  Post a Comment
2018's Most Common Vulnerabilities Include Issues New and Old
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The most common vulnerabilities seen last year run the gamut from cross-site scripting to issues with CMS platforms.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/18/2019
Comment0 comments  |  Read  |  Post a Comment
VC Investments in Cybersecurity Hit Record Highs in 2018
Jai Vijayan, Freelance writerNews
But rate of funding appears unsustainable, according to Strategic Cyber Ventures.
By Jai Vijayan Freelance writer, 1/18/2019
Comment0 comments  |  Read  |  Post a Comment
GDPR Suit Filed Against Amazon, Apple
Dark Reading Staff, Quick Hits
An Austrian non-profit, led by privacy activist and attorney Max Schrems, has filed suit against 8 tech giants for non-compliance with the EU General Data Protection Regulation.
By Dark Reading Staff , 1/18/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
How Cybercriminals Clean Their Dirty Money
Alexon Bell, Global Head of AML & Compliance, Quantexa,  1/22/2019
Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation
Sara Peters, Senior Editor at Dark Reading,  1/17/2019
Register for Dark Reading Newsletters
Cartoon Contest
White Papers
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-0187
PUBLISHED: 2019-01-23
A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain confidential information for privileged accounts. The vulnerability is due to the improper handling of confidential information. An attacker could exploit this vulnerab...
CVE-2018-10009
PUBLISHED: 2019-01-23
A path traversal vulnerability exists in the Stapler web framework used by Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/org/kohsuke/stapler/Facet.java, groovy/src/main/java/org/kohsuke/stapler/jelly/groovy/GroovyFacet.java, jelly/src/main/java/org/kohsuke/stapler/jelly/Je...
CVE-2018-15455
PUBLISHED: 2019-01-23
A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of requests stored in the system's logging database. An attacker could exploit this ...
CVE-2018-15459
PUBLISHED: 2019-01-23
A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain additional privileges on an affected device. The vulnerability is due to improper controls on certain pages in the web interface. An attacker could exploi...
CVE-2019-1636
PUBLISHED: 2019-01-23
A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows operating systems. An attacker could exploit this...
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Flash Poll
Video
Slideshows
Twitter Feed