Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
2019 Pwnie Award Winners (And Those Who Wish They Weren't)
7 Online Safety Tips for College Students
8 Head-Turning Ransomware Attacks to Hit City Governments
Contest: Name That Toon
Moving on Up: Ready for Your Apps to Live in the Cloud?
News & Commentary
Compliance Training? What Compliance Training?
Beyond the Edge, Dark Reading
By Beyond the Edge Dark Reading, 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
Google Analyzes Pilfered Password Reuse
Dark Reading Staff, Quick Hits
Password Checkup data shows some users still reuse their exposed passwords.
By Dark Reading Staff , 8/16/2019
Comment1 Comment  |  Read  |  Post a Comment
Project Zero Turns 5: How Google's Zero-Day Hunt Has Grown
Kelly Sheridan, Staff Editor, Dark ReadingNews
At Black Hat USA, Project Zero's team lead shared details of projects it has accomplished and its influence on the security community.
By Kelly Sheridan Staff Editor, Dark Reading, 8/16/2019
Comment1 Comment  |  Read  |  Post a Comment
European Central Bank Website Hit by Malware Attack
Dark Reading Staff, Quick Hits
The website was infected with malware that stole information on subscribers to a bank newsletter.
By Dark Reading Staff , 8/16/2019
Comment1 Comment  |  Read  |  Post a Comment
Beat the Heat: Dark Reading Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
Phishing, token codes, training, MFA, polluted data entry, and whales. And the winners are ...
By Marilyn Cohodas Managing Editor, Dark Reading, 8/16/2019
Comment0 comments  |  Read  |  Post a Comment
Behind the Scenes at ICS Village
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/16/2019
Comment0 comments  |  Read  |  Post a Comment
More Than 20 Data Breaches Reported Per Day in First Half of 2019
Jai Vijayan, Contributing WriterNews
But incidents involving SSNs, addresses, birth dates were smaller than in previous years.
By Jai Vijayan Contributing Writer, 8/15/2019
Comment0 comments  |  Read  |  Post a Comment
NSA Researchers Talk Development, Release of Ghidra SRE Tool
Kelly Sheridan, Staff Editor, Dark ReadingNews
NSA researchers took the Black Hat stage to share details of how they developed and released the software reverse-engineering framework.
By Kelly Sheridan Staff Editor, Dark Reading, 8/15/2019
Comment0 comments  |  Read  |  Post a Comment
Adware, Trojans Hit Education Sector Hard
Robert Lemos, Contributing WriterNews
Students continue to be weak links for schools and universities, according to data from security firm Malwarebytes.
By Robert Lemos Contributing Writer, 8/15/2019
Comment0 comments  |  Read  |  Post a Comment
New Research Finds More Struts Vulnerabilities
Dark Reading Staff, Quick Hits
Despite aggressive updating and patching, many organizations are still using versions of Apache Struts with known -- and new -- vulnerabilities.
By Dark Reading Staff , 8/15/2019
Comment0 comments  |  Read  |  Post a Comment
The Flaw in Vulnerability Management: It's Time to Get Real
Jim Souders, Chief Executive Officer at AdaptivaCommentary
Companies will never be 100% immune to cyberattacks. But by having a realistic view of the basics, starting with endpoint vulnerabilities, we can build for a safer future.
By Jim Souders Chief Executive Officer at Adaptiva, 8/15/2019
Comment2 comments  |  Read  |  Post a Comment
68% of Companies Say Red Teaming Beats Blue Teaming
Dark Reading Staff, Quick Hits
The majority of organizations surveyed find red team exercises more effective than blue team testing, research shows.
By Dark Reading Staff , 8/15/2019
Comment0 comments  |  Read  |  Post a Comment
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
Ray Overby, Co-Founder & President at Key Resources, Inc.Commentary
The old-school technology is experiencing new popularity, but too many people assume mainframes are inherently secure.
By Ray Overby Co-Founder & President at Key Resources, Inc., 8/15/2019
Comment3 comments  |  Read  |  Post a Comment
7 Biggest Cloud Security Blind Spots
Ericka Chickowski, Contributing Writer
Cloud computing boon is for innovation, yet security organizations find themselves running into obstacles.
By Ericka Chickowski Contributing Writer, 8/15/2019
Comment0 comments  |  Read  |  Post a Comment
5 Things to Know About Cyber Insurance
Joan Goodchild, Contributing Writer
More businesses are recognizing the need for cyber insurance as part of an overall security strategy. Here are some key points to consider when evaluating, purchasing, and relying on a policy.
By Joan Goodchild Contributing Writer, 8/15/2019
Comment1 Comment  |  Read  |  Post a Comment
Financial Phishing Grows in Volume and Sophistication in First Half of 2019
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Criminals are using the tools intended to protect consumers to attack them through techniques that are becoming more successful with each passing month.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/14/2019
Comment0 comments  |  Read  |  Post a Comment
Trend Micro Patches Privilege Escalation Bug in its Password Manager
Jai Vijayan, Contributing WriterNews
Organizations should update to latest build as soon as possible, security vendor says.
By Jai Vijayan Contributing Writer, 8/14/2019
Comment0 comments  |  Read  |  Post a Comment
Stronger Defenses Force Cybercriminals to Rethink Strategy
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers see the rise of new relationships and attack techniques as criminals put companies' resilience to the test.
By Kelly Sheridan Staff Editor, Dark Reading, 8/14/2019
Comment0 comments  |  Read  |  Post a Comment
Why Companies Fail to Learn from Peers' Mistakes (and How They Can Change)
Anurag Kahol, CTO, BitglassCommentary
Far too often, there's a new breach in the headlines. Companies need to start learning some obvious lessons.
By Anurag Kahol CTO, Bitglass, 8/14/2019
Comment1 Comment  |  Read  |  Post a Comment
Attackers Try to Evade Defenses with Smaller DDoS Floods, Probes
Robert Lemos, Contributing WriterNews
Cybercriminals are initiating more attacks using low-bandwidth techniques, but the tactics expand the gray area between DDoS attacks and popular methods of mass scanning.
By Robert Lemos Contributing Writer, 8/14/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
Canon & PrinterLogic Integration Allows for Serverless Printing with Security Features
Microsoft, Imprivata Launch Cloud Access Security Tool for Healthcare
70% of Financial Companies Suffered a Cybersecurity Incident in the Past 12 Months
Code42's Data Loss Detection and Response Capabilities Spot Data Theft When Employees Quit
New Cyber Research Records a 91% Reduction in Dwell Time for Users of Deception Technology
Kaspersky Research Finds Cloud Atlas APT Upgraded with Polymorphic Malware
McAfee to Acquire NanoSec to Enhance Capabilities in Cloud Security
ZeroFOX Expands AI Capabilities to Detect Deepfakes
More Products & Releases
PR Newswire
sponsored by alkamai

The latest on the number of attacks, types of attacks, and threats to enterprises' most critical IT infrastructure.
More businesses are recognizing the need for cyber insurance as part of an overall security strategy. Here are some key points to consider when evaluating, purchasing, and relying on a policy.
As threats continue to evolve and cybercriminals become more sophisticated, organizations that lack a mature security awareness and training program place themselves at serious risk.
Among the complications: traditional security tools work poorly or not at all in the cloud, and if a company screws up, the whole Internet will know.
Register for Dark Reading Newsletters
Cartoon Contest
White Papers
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15160
PUBLISHED: 2019-08-19
The SweetXml (aka sweet_xml) package through 0.6.6 for Erlang and Elixir allows attackers to cause a denial of service (resource consumption) via an XML entity expansion attack with an inline DTD.
CVE-2019-15150
PUBLISHED: 2019-08-19
In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function.
CVE-2017-18550
PUBLISHED: 2019-08-19
An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure.
CVE-2017-18551
PUBLISHED: 2019-08-19
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
CVE-2017-18552
PUBLISHED: 2019-08-19
An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.
Flash Poll
Video
Slideshows
Twitter Feed