Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
News & Commentary
Most Bluetooth Devices Vulnerable to Impersonation Attacks
Jai Vijayan, Contributing WriterNews
Vulnerabilities in the Bluetooth authentication process give attackers a way to insert rogue devices between two securely paired devices, academic researchers find.
By Jai Vijayan Contributing Writer, 5/21/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Reportedly in Talks to Acquire CyberX
Dark Reading Staff, Quick Hits
CyberX was founded in 2013 and has raised $48 million to build its cybersecurity platform for IoT and industrial control systems.
By Dark Reading Staff , 5/6/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Challenges Security Researchers to Hack Azure Sphere
Kelly Sheridan, Staff Editor, Dark ReadingNews
Participants can earn up to $100,000 for finding severe flaws in Microsoft's Linux-based Azure Sphere IoT operating system.
By Kelly Sheridan Staff Editor, Dark Reading, 5/5/2020
Comment1 Comment  |  Read  |  Post a Comment
Designing Firmware Resilience for 3 Top Attack Vectors
Burzin Daruwala, Senior Offensive Security Researcher Manager,  Intel Corp.Commentary
Firmware has become an increasingly prevalent target for hackers. Here's how to stop them.
By Burzin Daruwala Senior Offensive Security Researcher Manager, Intel Corp., 5/5/2020
Comment0 comments  |  Read  |  Post a Comment
Industrial Networks' Newest Threat: Remote Users
Dave Weinstein, Chief Security Officer, ClarotyCommentary
We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.
By Dave Weinstein Chief Security Officer, Claroty, 5/1/2020
Comment0 comments  |  Read  |  Post a Comment
Health Prognosis on the Security of IoMT Devices? Not Good
Nicole Ferraro, Contributing WriterNews
As more so-called Internet of Medical Things devices go online, hospitals and medical facilities face significant challenges in securing them from attacks that could endanger patients' lives.
By Nicole Ferraro Contributing Writer, 4/25/2020
Comment1 Comment  |  Read  |  Post a Comment
Neglected Infrastructure, Invasive Tech to Plague Infosec in 2022
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers outline cybersecurity threats they predict businesses will face in two years as technology evolves.
By Kelly Sheridan Staff Editor, Dark Reading, 4/16/2020
Comment0 comments  |  Read  |  Post a Comment
Post Pandemic, Technologists Pose Secure Certification for Immunity
Robert Lemos, Contributing WriterNews
Going digital with immunity passports could speed rollout and allow for better warnings of potential hot spots. But security and privacy issues remain.
By Robert Lemos Contributing Writer, 4/16/2020
Comment0 comments  |  Read  |  Post a Comment
New Malware Family Assembles IoT Botnet
Jai Vijayan, Contributing WriterNews
'Mozi' combines code from three previously known IoT malware.
By Jai Vijayan Contributing Writer, 4/15/2020
Comment0 comments  |  Read  |  Post a Comment
DHS Issues Alert for New North Korean Cybercrime
Curtis Franklin Jr., Senior Editor at Dark ReadingQuick Hits
Cyber actors from North Korea's intelligence agencies are launching new attacks on financial targets, including hacks for hire on the open market.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/15/2020
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Prep for the 2020s
Dave Meltzer, Chief Technology Officer at TripwireCommentary
The more things change, the more they stay the same. Much of the world is still behind on the basics.
By Dave Meltzer Chief Technology Officer at Tripwire, 4/15/2020
Comment2 comments  |  Read  |  Post a Comment
7 Ways COVID-19 Has Changed Our Online Lives
Steve Zurier, Contributing Writer
The pandemic has driven more of our personal and work lives online and for the bad guys, business is booming. Here's how you can protect yourself.
By Steve Zurier Contributing Writer, 4/14/2020
Comment0 comments  |  Read  |  Post a Comment
Medical Devices on the IoT Put Lives at Risk
Dmitry Raidman, CEO & Co-Founder, CybeatsCommentary
Device security must become as important a product design feature as safety and efficacy.
By Dmitry Raidman CEO & Co-Founder, Cybeats, 4/9/2020
Comment0 comments  |  Read  |  Post a Comment
A Day in The Life of a Pen Tester
Kelly Sheridan, Staff Editor, Dark ReadingNews
Two penetration testers share their day-to-day responsibilities, challenges they encounter, and the skills they value most on the job.
By Kelly Sheridan Staff Editor, Dark Reading, 4/2/2020
Comment0 comments  |  Read  |  Post a Comment
New APT Targets Middle Eastern Victims
Dark Reading Staff, Quick Hits
The new malware, dubbed "Milum," can take control of industrial devices.
By Dark Reading Staff , 3/24/2020
Comment0 comments  |  Read  |  Post a Comment
How to Secure Your Kubernetes Deployments
Gadi Naor, CTO and Co-Founder, AlcideCommentary
As more companies shift their software to a microservices-based architecture and orchestrate their containerized applications in Kubernetes, distributed security controls become a must.
By Gadi Naor CTO and Co-Founder, Alcide, 3/24/2020
Comment0 comments  |  Read  |  Post a Comment
8 Infosec Page-Turners for Days Spent Indoors
Kelly Sheridan, Staff Editor, Dark Reading
Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry.
By Kelly Sheridan Staff Editor, Dark Reading, 3/23/2020
Comment2 comments  |  Read  |  Post a Comment
Dark Reading Cybersecurity Crossword Puzzle
Edge Editors, Dark Reading
Here's a little something to snuggle up with if you're on lockdown.
By Edge Editors Dark Reading, 3/20/2020
Comment1 Comment  |  Read  |  Post a Comment
4 Ways Thinking 'Childishly' Can Empower Security Professionals
Michal Bar, Head of Cybersecurity Professional Services at CylusCommentary
Younger minds -- more agile and less worried by failure -- provide a useful model for cyber defenders to think more creatively.
By Michal Bar Head of Cybersecurity Professional Services at Cylus, 3/16/2020
Comment1 Comment  |  Read  |  Post a Comment
DDoS Attack Trends Reveal Stronger Shift to IoT, Mobile
Kelly Sheridan, Staff Editor, Dark ReadingNews
Attackers are capitalizing on the rise of misconfigured Internet-connected devices running the WS-Discovery protocol, and mobile carriers are hosting distributed denial-of-service weapons.
By Kelly Sheridan Staff Editor, Dark Reading, 3/13/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/22/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
10 iOS Security Tips to Lock Down Your iPhone
Kelly Sheridan, Staff Editor, Dark Reading,  5/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5537
PUBLISHED: 2020-05-25
Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors.
CVE-2020-13438
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.
CVE-2020-13439
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.
CVE-2020-13440
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
CVE-2020-13433
PUBLISHED: 2020-05-24
Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter.