Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
20 Cybersecurity Firms to Watch
The Morris Worm Turns 30
What You Should Know About Grayware (and What to Do About It)
7 Non-Computer Hacks That Should Never Happen
9 Traits of A Strong Infosec Resume
News & Commentary
2018 On Track to Be One of the Worst Ever for Data Breaches
Jai Vijayan, Freelance writerNews
A total of 3,676 breaches involving over 3.6 billion records were reported in the first nine months of this year alone.
By Jai Vijayan Freelance writer, 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Paris Agreement on Cybercrime Falls Short of Unanimous Agreement
Dark Reading Staff, Quick Hits
More than 50 nations and 150 global companies agree to join effort to fight cybercrime.
By Dark Reading Staff , 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark ReadingNews
Facebook and Synack create programs to educate vets and grow employment opportunities while shrinking the cybersecurity talent gap.
By Kelly Sheridan Staff Editor, Dark Reading, 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
7 Cool New Security Tools to be Revealed at Black Hat Europe
Ericka Chickowski, Contributing Writer, Dark Reading
Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.
By Ericka Chickowski Contributing Writer, Dark Reading, 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Cyberattacks Top Business Risks in North America, Europe, EAP
Dark Reading Staff, Quick Hits
The World Economic Forum reports cyberattacks are a top enterprise concern following WannaCry and the rise of e-commerce.
By Dark Reading Staff , 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
'CARTA': A New Tool in the Breach Prevention Toolbox
Christopher Acton, VP, Security Services and Customer Success, RiskSenseCommentary
Gartner's continuous adaptive risk and trust assessment for averting a data breach addresses the shortcomings of static security programs.
By Christopher Acton VP, Security Services and Customer Success, RiskSense, 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Inside CSAW, a Massive Student-Led Cybersecurity Competition
Kelly Sheridan, Staff Editor, Dark ReadingNews
Nearly 400 high school, undergraduate, and graduate students advance to the final round of New York University's CSAW games.
By Kelly Sheridan Staff Editor, Dark Reading, 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
Dropbox Teams with Israeli Security Firm Coronet
Dark Reading Staff, Quick Hits
The partnership is expected to improve threat detection for Dropbox while growing Coronet's user base.
By Dark Reading Staff , 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
What You Should Know About Grayware (and What to Do About It)
Curtis Franklin Jr., Senior Editor at Dark Reading
Grayware is a tricky security problem, but there are steps you can take to defend your organization when you recognize the risk.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
Guilty Plea Made in Massive International Cell Phone Fraud Case
Dark Reading Staff, Quick Hits
A former West Palm Beach resident is the fifth defendant to plead guilty in a case involving thousands of victims.
By Dark Reading Staff , 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
The Morris Worm Turns 30
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
How the historic Internet worm attack of 1988 has shaped security – or not.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
Vulnerabilities in Our Infrastructure: 5 Ways to Mitigate the Risk
Michael Fabian, Principal Security Consultant, SynopsysCommentary
By teaming up to address key technical and organizational issues, information and operational security teams can improve the resiliency and safety of their infrastructure systems.
By Michael Fabian Principal Security Consultant, Synopsys, 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
Symantec Uncovers North Korean Group's ATM Attack Malware
Jai Vijayan, Freelance writerNews
Lazarus Group has been using FastCash Trojan on obsolete AIX servers to empty tens of millions of dollars from ATMs.
By Jai Vijayan Freelance writer, 11/8/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft's Brad Smith calls on nations and businesses to work toward "digital peace" and acknowledge the effects of cybercrime.
By Kelly Sheridan Staff Editor, Dark Reading, 11/8/2018
Comment3 comments  |  Read  |  Post a Comment
User Behavior Analytics Could Find a Home in the OT World of the IIoT
Satish Gannu, Chief Security Officer, ABBCommentary
The technology never really took off in IT, but it could be very helpful in the industrial world.
By Satish Gannu Chief Security Officer, ABB, 11/8/2018
Comment0 comments  |  Read  |  Post a Comment
Banking Malware Takes Aim at Brazilians
Dark Reading Staff, Quick Hits
Two malware distribution campaigns are sending banking Trojans to customers of financial institutions in Brazil.
By Dark Reading Staff , 11/8/2018
Comment0 comments  |  Read  |  Post a Comment
5 Things the Most Secure Software Companies Do (and How You Can Be Like Them)
Oege de Moor, CEO and Co-Founder at SemmleCommentary
What sets apart the largest and most innovative software engineering organizations? These five approaches are a good way to start, and they won't break the bank.
By Oege de Moor CEO and Co-Founder at Semmle, 11/8/2018
Comment1 Comment  |  Read  |  Post a Comment
New Side-Channel Attacks Target Graphics Processing Units
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A trio of new attacks bypass CPUs to wring data from vulnerable GPUs.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/7/2018
Comment0 comments  |  Read  |  Post a Comment
Finding Gold in the Threat Intelligence Rush
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.
By Kelly Sheridan Staff Editor, Dark Reading, 11/7/2018
Comment0 comments  |  Read  |  Post a Comment
Crytpocurrency Exchange Targeted Via Attack on Web Traffic Analysis Firm
Jai Vijayan, Freelance writerNews
"Island-hopping" attackers breached StatCounter so they could get to users of gate.io.
By Jai Vijayan Freelance writer, 11/7/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
CMMI Institute Updates Cybermaturity Platform with Practices to Build Cybersecurity Resilience
Phishing Attacks Exceed 137 Million in Q3: Kaspersky Lab
DH2i Launches DxOdyssey for Zero Trust Hybrid/Multi-Cloud Security
Romanian Indicted in Pittsburgh for Bank Fraud Scheme that Used ATM Skimming Devices
Shape Security Raises $26M Round
UC Berkeley Launches Cybersecurity "Citizen Clinic"
Arctic Wolf Lands $45 Million in New Funding to Accelerate Company Growth
Explosive IoT Growth Slowed by 'Early Adopter Paradox'
More Products & Releases
PR Newswire
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
Why the CISSP Remains Relevant to Cybersecurity After 28 Years
Steven Paul Romero, SANS Instructor and Sr. SCADA Network Engineer, Chevron,  11/6/2018
5 Reasons Why Threat Intelligence Doesn't Work
Jonathan Zhang, CEO/Founder of WhoisXML API and TIP,  11/7/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
A Cybersecurity Christmas Story
Automation and orchestration will be essential components of security in 2017. Read >>
Partner Perspectives
What's This?
'Insider Sabotage' among Top 3 Threats CISOs Can't yet Handle
These five steps can help your organizations limit the risks from disgruntled employees and user errors. Read >>
Partner Perspectives
What's This?
A Sneak Peek at the New NIST Cybersecurity Framework
Key focus areas include supply chain risks, identity management, and cybersecurity risk assessment and measurement. Read >>
Partner Perspectives
What's This?
Cloud Misconceptions Are Pervasive Across Enterprises
Shadow IT is rampant at many organizations that rely upon cloud-delivered tools and services to enable remote work, according to a new study. Here's what security teams need to do about it. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Continuous Compliance and Effective Audit Preparation for the Cloud
Why audits are a necessary evil, and how they can actually help you improve your brand value. Read >>
Partner Perspectives
What's This?
Boosting Security Effectiveness with 'Adjuvants'
How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program. Read >>
Partner Perspectives
What's This?
Breach Defense Playbook: Cybersecurity Governance
Time to leave the island: Integrate cybersecurity into your risk management strategy. Read >>
Partner Perspectives
What's This?
Let's Get Smarter About Security By Working Together
We all need help, and only by working together can we move the needle on security. Read >>
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19220
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI.
CVE-2018-19221
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter.
CVE-2018-19222
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists.
CVE-2018-19223
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows XSS via the first input field to the admin/type.php?id=1 URI.
CVE-2018-19224
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies.
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Flash Poll
Video
Slideshows
Twitter Feed