Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Content posted in February 2017
US Teen Admits To Brussels Airport Cyberattack
Quick Hits  |  2/10/2017  | 
A 14-year-old Pittsburgh resident failed to hack Zaventem airport just hours after last year's terrorist attacks that killed 32.
Keep Employees Secure, Wherever They Are
Commentary  |  2/10/2017  | 
As workers grow more dispersed, organizations need to focus on three areas to maintain security.
Arby's Acknowledges Payment Card Breach At US Corporate Stores
Quick Hits  |  2/10/2017  | 
More than 355,000 credit and debit cards were reportedly compromised between October 2016 and January 2017.
Hacking The Penetration Test
News  |  2/9/2017  | 
Penetration testers rarely get spotted, according to a Rapid7 report analyzing its real-world engagements.
4 Signs You, Your Users, Tech Peers & C-Suite All Have 'Security Fatigue'
Commentary  |  2/9/2017  | 
If security fatigue is the disease we've all got, the question is how do we get over it?
Threat Hunting Becoming Top Of Mind Issue For SOCs
News  |  2/9/2017  | 
Nearly 80% of the respondents in a LinkedIn poll said that threat hunting already is, or should be, a top-level initiative.
InfoSec Teams Share Keys To CISO Success
News  |  2/9/2017  | 
Tech expertise and business engagement are critical for CISOs who want to strengthen security but lack authority in their organizations.
Harvest Season: Why Cyberthieves Want Your Compute Power
Commentary  |  2/9/2017  | 
Attackers are hijacking compute power in order to pull off their other crimes.
When Hackers Hack Hackers
Slideshows  |  2/9/2017  | 
Notable cases of internecine cyber squabbles.
Ex-NSA Contractor Indicted In Alleged Theft Of Classified Data
Quick Hits  |  2/9/2017  | 
Harold Thomas Martin III, accused of stealing 50 terabytes of highly sensitive government information, will appear in court on Feb. 14.
AT&T, IBM, Palo Alto Networks, Symantec, Team Up In IoT Security
Quick Hits  |  2/9/2017  | 
IoT Cybersecurity Alliance is made up of AT&T, IBM, Nokia, Palo Alto Networks, Symantec, and Trustonic.
Organizations In 40 Countries Under Invisible Cyberattacks
News  |  2/8/2017  | 
Unknown threat actors are stealing sensitive financial data using memory resident malware crafted from legitimate tools, Kaspersky Lab warns.
Machine Learning at Heart of Security M&A Splurge
News Analysis-Security Now  |  2/8/2017  | 
Four acquisitions in a week all point to the growing importance of machine learning for major security system vendors.
Facebook Aims To Shape Stronger Security Practices
News  |  2/8/2017  | 
Facebook is among social platforms focusing on security as social media poses a growing risk to individuals and businesses.
Sophos Acquisition Targets Next-Gen Endpoint Security
Quick Hits  |  2/8/2017  | 
Sophos buys Invincea to bring next-gen malware protection and machine learning into its product portfolio.
What to Watch (& Avoid) At RSAC
Commentary  |  2/8/2017  | 
A renowned security veteran shares his RSA dance card, offering views on technologies destined for the dustbin of history and those that will move the industry forward.
David Beckham Hires Cybersecurity Expert To Probe Email Leak
Quick Hits  |  2/8/2017  | 
18.6 million emails were stolen and leaked from PR firm, including allegedly doctored messages made to damage Beckham's reputation.
Dutch Voter Guide Website Leak Highlights Privacy Concerns
Quick Hits  |  2/8/2017  | 
StemWijzer fixes vulnerabilities after researcher discovers website is secretly maintaining voter-preference record.
Cloud Storage The New Favorite Target Of Phishing Attacks
News  |  2/7/2017  | 
2016 data shows that phishing scams involving brands like Google and DropBox will soon overtake scams involving financial companies, PhishLabs says.
New Method Can Catch Smartphone Thieves In 14 Seconds
News  |  2/7/2017  | 
New research from Ben-Gurion University of the Negev shows promise in quickly identifying smartphone hackers.
Enterprise Android Vs iOS: Which is More Secure?
Commentary  |  2/7/2017  | 
The answer is not as simple as you think. A mobile security expert parses the pros and cons.
The Promise & Peril Of The App Era
Commentary  |  2/7/2017  | 
Sure, apps are convenient. But when not properly assessed, they can cause security holes.
Taiwan Brokerage Firms Receive DDoS Threats Demanding Ransom
Quick Hits  |  2/7/2017  | 
Five brokerages in the country ignore demands to pay up $9,731 in Bitcoin or risk getting DDoS'ed.
Brooklyn Man Pleads Guilty In Banking Scam Involving Money Mules
Quick Hits  |  2/7/2017  | 
Investigation unearths alleged scheme spread over several countries costing victims more than $1 million in losses.
Point-of-Sale Malware Declined 93% Since 2014
News  |  2/7/2017  | 
SonicWall study highlights alarming growth in ransomware incidents.
Vulnerabilities Hit High Water Mark in 2016
News  |  2/6/2017  | 
The good news is that coordinated disclosure keeps getting better.
Appeals Court Orders Review Of 2015 Target Breach Settlement
Quick Hits  |  2/6/2017  | 
Order follows victim appeal to hold the retailer liable for future identity theft claims stemming from the 2013 breach.
Fight Back Against Ransomware
Commentary  |  2/6/2017  | 
The No More Ransom project helps those affected by ransomware and works to prevent the problem's spread.
InterContinental Confirms Security Breach At 12 US Hotels
Quick Hits  |  2/6/2017  | 
Investigation reveals payment cards of customers were compromised between August and December.
Windows SMB Zero-Day Exploit On The Loose
News  |  2/3/2017  | 
Vulnerability allows remote attackers to trigger denial-of-service conditions on several Windows client versions.
IRS Warns Of New W-2 Phishing Attacks
Quick Hits  |  2/3/2017  | 
The infamous Form W-2 email phishing scam plaguing the corporate sector now targeting school districts, tribal organizations, nonprofits, others.
Talking Cybersecurity From A Risk Management Point of View
Commentary  |  2/3/2017  | 
CenturyLink CSO David Mahon reflects on the evolution of the chief information security officer, and why today's CISOs are increasingly adopting a risk-based approach to security.
How to Handle Threats When Short-Staffed
Dark Reading Videos  |  2/3/2017  | 
Skybox's Michelle Cobb, VP of Worldwide Marketing, explains how automation and advanced analytics can give security teams the data they need when their teams are stretched
WordPress Quietly Fixes Serious Security Flaw
Quick Hits  |  2/3/2017  | 
WordPress admits delaying its disclosure of a vulnerability that would let attackers modify users' posts or pages.
Two Arrested For CCTV Camera Hack On Washington, DC
Quick Hits  |  2/3/2017  | 
A British man and Swedish woman have reportedly been arrested in the UK for the cyberattack ahead of Trump's inauguration.
Metasploit Can Now Be Directly Linked To Hardware For Vulnerability Testing
News  |  2/2/2017  | 
New hardware bridge extends penetration testing tool's capabilities into physical world.
HD Moore Joins Research-Driven Consulting Firm
News  |  2/2/2017  | 
Metasploit creator joins Atredis Partners.
Businesses Fear Brand Damage More Than Security Breaches
News  |  2/2/2017  | 
Organizations struggling with risk management are more concerned about brand damage than cyberattacks, new Ponemon study shows.
A Hogwarts For Cyber Protection?
Commentary  |  2/2/2017  | 
How the UK is minting a new generation of cybersecurity wizards.
Nokia's Efforts to Lead in Security
News Analysis-Security Now  |  2/2/2017  | 
Nokia is maintaining its strategic emphasis on network security and may have some plausible claims to be ahead of its major vendor rivals – but it still has a lot of questions to answer.
10 Essential Elements For Your Incident-Response Plan
Slideshows  |  2/2/2017  | 
The middle of a DDoS attack or ransomware infection is hardly the time to start talking about divisions of labor, or who should do what when.
Netherlands Opts For Manual Vote-Count Amid Cyberattack Fears
Quick Hits  |  2/2/2017  | 
Ballots will be counted by hand in the March 15 election after doubts surface over the safety and security of electronic system.
Hewlett Packard Enterprise Buys User And Entity Behavioral Analytics Firm
Quick Hits  |  2/2/2017  | 
Integration expected to boost HPE's Intelligent Edge strategy for better protection against next-gen attacks.
Netgear Addresses Password Bypass Vulns In 31 Router Models
News  |  2/1/2017  | 
Company has made patches, workarounds available to mitigate password bypass threat that potentially impacted 1 million devices, Trustwave says.
Spam Now Makes Up Nearly Two-Thirds Of All Email
News  |  2/1/2017  | 
Spam spikes, and nearly three-fourths of all organizations worldwide have suffered adware-borne infections, according to Cisco's annual cybersecurity report.
The Interconnected Nature Of International Cybercrime
Commentary  |  2/1/2017  | 
How burgeoning hackers are honing their craft across language barriers from top tier cybercriminal ecosystems and forums of the Deep and Dark Web.
A New Mantra For Cybersecurity: 'Simulate, Simulate, Simulate!'
Commentary  |  2/1/2017  | 
What security teams can learn from the Apollo 13 space program, a global pandemic, and major infrastructure disruptions to identify their best responses to attacks.
Cisco Report: They're Coming for Your Servers
Curt Franklin  |  2/1/2017  | 
Cisco's Annual Cybersecurity Report 2017 said that organizations suffered serious cybersecurity losses in 2016 – and the bad guys are coming for your server in 2017.
Cyberattacks On Czech Foreign Ministry The Handiwork Of A Nation-State
Quick Hits  |  2/1/2017  | 
Russia suspected to be behind the Foreign Ministry hacks that resemble those of the attacks against the US, Reuters says.
PCI Security Standards Council Issues Guidance For E-Commerce Security
Quick Hits  |  2/1/2017  | 
Update educates merchants on payment security challenges and significance of encryption.