Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
News & Commentary
Alexa, Disarm the Victim's Home Security System
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researchers who last year hacked popular voice assistants with laser pointers take their work to the next level.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/24/2020
Comment0 comments  |  Read  |  Post a Comment
Security Researchers Sound Alarm on Smart Doorbells
Jai Vijayan, Contributing WriterNews
A new analysis of 11 relatively inexpensive video doorbells uncovered high-risk vulnerabilities in all of them.
By Jai Vijayan Contributing Writer, 11/23/2020
Comment0 comments  |  Read  |  Post a Comment
DARPA and Academia Jumpstart 5G IoT Security Efforts
Paul Shomo, Cybersecurity AnalystCommentary
With 5G IoT devices projected to hit 49 million units by 2023, researchers launch programs to keep IoT from becoming a blackhole of exfiltration.
By Paul Shomo Cybersecurity Analyst, 11/12/2020
Comment0 comments  |  Read  |  Post a Comment
Claroty Details Vulnerabilities in Schneider PLCs
Dark Reading Staff, Quick Hits
The vulnerabilities in a common line of programmable logic controllers could allow attackers to gain control of industrial equipment.
By Dark Reading Staff , 11/10/2020
Comment0 comments  |  Read  |  Post a Comment
New Gitpaste-12 Botnet Exploits 12 Known Vulnerabilities
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers discover a new worm and botnet dubbed Gitpaste-12 for its ability to spread via GitHub and Pastebin.
By Kelly Sheridan Staff Editor, Dark Reading, 11/6/2020
Comment0 comments  |  Read  |  Post a Comment
Hexagon Announces Deal to Acquire PAS Global
Dark Reading Staff, Quick Hits
The Houston-based PAS Global will operate as part of Hexagon's PPM (formerly Intergraph Process, Power & Marine) division.
By Dark Reading Staff , 11/4/2020
Comment1 Comment  |  Read  |  Post a Comment
Akamai Acquires Asavie
Dark Reading Staff, Quick Hits
Asavie's mobile, IoT, and security products and services will become part of the Akamai Security and Personalization Services product line.
By Dark Reading Staff , 10/27/2020
Comment0 comments  |  Read  |  Post a Comment
IASME Consortium to Kick-start New IoT Assessment Scheme
IFSEC Global, StaffNews
The IASME Consortium has been awarded a DCMS grant, enabling the UK organization to kick-start an Internet of Things (IoT) assessment scheme. IASME is looking for manufacturers interested in getting their IoT device certified cyber secure for free via the new pilot scheme.
By IFSEC Global Staff, 10/21/2020
Comment0 comments  |  Read  |  Post a Comment
IoT Vulnerability Disclosure Platform Launched
Dark Reading Staff, Quick Hits
VulnerableThings.com is intended to help vendors meet the terms of a host of new international IoT security laws and regulations.
By Dark Reading Staff , 10/19/2020
Comment0 comments  |  Read  |  Post a Comment
A 7-Step Cybersecurity Plan for Healthcare Organizations
Steve Zurier, Contributing Writer
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
By Steve Zurier Contributing Writer, 10/12/2020
Comment1 Comment  |  Read  |  Post a Comment
How to Pinpoint Rogue IoT Devices on Your Network
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.
By Kelly Sheridan Staff Editor, Dark Reading, 10/12/2020
Comment0 comments  |  Read  |  Post a Comment
Bluetooth Security Weaknesses Pile Up, While Patching Remains Problematic
Robert Lemos, Contributing WriterNews
Turns out, creating wireless ecosystems for a vast number of different architectures, configurations, and use cases is hard.
By Robert Lemos Contributing Writer, 9/24/2020
Comment0 comments  |  Read  |  Post a Comment
Since Remote Work Isn't Going Away, Security Should Be the Focus
Mike Wronski, Technical Director of Product Marketing, NutanixCommentary
These three steps will help organizations reduce long-term work-from-home security risks.
By Mike Wronski Technical Director of Product Marketing, Nutanix, 9/24/2020
Comment0 comments  |  Read  |  Post a Comment
Gaming Industry Hit With 10B+ Attacks In Past Two Years
Nicole Ferraro, Contributing Writer
Criminals scored big with credential stuffing and web app attacks, yet many gamers seem unfazed.
By Nicole Ferraro Contributing Writer, 9/23/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft's Azure Defender for IoT Uses CyberX Tech
Dark Reading Staff, Quick Hits
Azure Defender for IoT is built to help IT and OT teams discover IoT and OT assets, identify critical flaws, and detect malicious behavior.
By Dark Reading Staff , 9/23/2020
Comment0 comments  |  Read  |  Post a Comment
Hacking Yourself: Marie Moe and Pacemaker Security
Gary McGraw Ph.D., Co-founder Berryville Institute of Machine LearningExpert Insights
Future consumer devices, including pacemakers, should be built with security from the start.
By Gary McGraw Ph.D. Co-founder Berryville Institute of Machine Learning, 9/21/2020
Comment2 comments  |  Read  |  Post a Comment
What's on Your Enterprise Network? You Might Be Surprised
Jai Vijayan, Contributing WriterNews
The strangest connected devices are showing up, and the threats they pose to security should not be overlooked.
By Jai Vijayan Contributing Writer, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
More Printers Could Mean Security Problems for Home-Bound Workers
Robert Lemos, Contributing WriterNews
Tricked-out home offices have led to an influx in printers, many of which have not been set up securely, leaving workers and their companies vulnerable.
By Robert Lemos Contributing Writer, 9/14/2020
Comment0 comments  |  Read  |  Post a Comment
Ripple20 Malware Highlights Industrial Security Challenges
Paul Lariviere, Technical Director, Security CompassCommentary
Poor security practices allowed software vulnerabilities to propagate throughout industrial and IoT products for more than 20 years.
By Paul Lariviere Technical Director, Security Compass, 9/10/2020
Comment0 comments  |  Read  |  Post a Comment
Most IoT Hardware Dangerously Easy to Crack
Jai Vijayan, Contributing WriterNews
Manufacturers need to invest more effort into protecting root-level access to connected devices, security researcher says.
By Jai Vijayan Contributing Writer, 9/2/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-20934
PUBLISHED: 2020-11-28
An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c.
CVE-2020-29368
PUBLISHED: 2020-11-28
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
CVE-2020-29369
PUBLISHED: 2020-11-28
An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.
CVE-2020-29370
PUBLISHED: 2020-11-28
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.
CVE-2020-29371
PUBLISHED: 2020-11-28
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.