Dark Reading is part of the Informa Tech Division of Informa PLC

News & Commentary

Content posted in July 2016
Hacker Jailed For Celebrity Swatting, Doxing
Quick Hits  |  7/19/2016  | 
New Yorker Mir Islam given a two-year jail term for online harassment of public figures.
Ubuntu Forums Database Hacked
Quick Hits  |  7/19/2016  | 
Canonical probe reveals user account details of 2 million stolen, passwords safe.
Ransomware Victims Rarely Pay The Full Ransom Price
News  |  7/18/2016  | 
The purveyors of cyber-extortion schemes are often willing to negotiate their ransom fees, F-Secure study finds.
Locking Down Windows 10: 6 New Features
Slideshows  |  7/18/2016  | 
The latest version of Windows includes expanded identity and access controls, advanced Bitlocker encryption, and new malware protections.
UK Rail Hit By Four Cyberattacks In One Year
Quick Hits  |  7/18/2016  | 
No disruption to rail network caused, hackers appear to be nation-states, says cybersecurity firm Darktrace.
Crooks Hack Taiwan ATMs With 'Smartphone,' No Bank Card, Steal Millions
Quick Hits  |  7/18/2016  | 
Police say Russian suspects operate ATM machines without bank card, make off with $2.2 million.
Beyond Data: Why CISOs Must Pay Attention To Physical Security
Commentary  |  7/18/2016  | 
Information security professionals are missing the big picture if they think of vulnerabilities and threats only in terms of data protection, password hygiene and encryption.
Staying Cyber Safe At The Olympics
Slideshows  |  7/16/2016  | 
Travel tips and more in hostile environments abroad.
New HIPAA Guidance Tackles Ransomware Epidemic In Healthcare
Quick Hits  |  7/15/2016  | 
HHS addresses ransomware infections in wake of healthcare attacks.
Meet The Teams In DARPA's All-Machine Hacking Tournament
Slideshows  |  7/15/2016  | 
"Autonomous security" is DARPA's latest game. Its Cyber Grand Challenge will culminate at DEF CON with a contest to see which of these seven finalists' machines will automatically detect and remediate the most security vulnerabilities.
Microsoft Wins Landmark Case Of Overseas Email Handover
Quick Hits  |  7/15/2016  | 
US court overturns 2014 ruling favoring Department of Justice's right to seek data stored overseas.
Chinese Hacker Gets US Prison Term For Military Data Theft
Quick Hits  |  7/15/2016  | 
Su Bin worked alongside Chinese military officers to steal sensitive data from major US defense contractors.
What SMBs Need To Know About Security But Are Afraid To Ask
Slideshows  |  7/14/2016  | 
A comprehensive set of new payment protection resources from the PCI Security Standards Council aims to help small- and medium-sized businesses make security a priority.
Sandia Labs Researchers Build DNA-Based Encrypted Storage
News  |  7/14/2016  | 
Researchers at Sandia National Laboratories in New Mexico are experimenting with encrypted DNA storage for archival applications.
What's Next For Canada's Surveillance Landscape?
Commentary  |  7/14/2016  | 
Edward Snowden headlines SecTor security conference as Canadian privacy advocates await the Trudeau government's next move in the country's complex privacy and security debate.
72% of Black Hat Attendees Expect To Be Hit By 'Major' Data Breach Within A Year
Commentary  |  7/14/2016  | 
End users are the biggest weakness, and we're not doing enough to address the problem.
1 In 3 Consumers Worldwide Hit By Payment Card Fraud
Quick Hits  |  7/14/2016  | 
Card scam cases on the rise globally reportedly due to an increase in smartphone and tablet usage, study finds.
FDIC Likely Hacked By China But Covered Up Breach, Report Says
Quick Hits  |  7/14/2016  | 
A 2013 FDIC internal memo indicates a cover-up of China breach by employees to protect chairman's job.
Context-Rich And Context-Aware Cybersecurity
Partner Perspectives  |  7/14/2016  | 
An adaptive threat-prevention model is quickly replacing traditional, unintegrated architectures as security teams work to achieve a sustainable advantage against complex threats.
Purple Teaming: Red & Blue Living Together, Mass Hysteria
News  |  7/13/2016  | 
When you set focused objectives for the red team, you get your blue team to work the weak muscles they need trained most.
AirbnBreach: How Networks At Short-Term Rentals Are Wide Open To Attack
News  |  7/13/2016  | 
New age of community lodging opens the door for old-school network hacks, putting hosts and guests at risk of cyberattacks and stolen personal information.
Adobe Fixes 52 Vulnerabilities In Flash
Quick Hits  |  7/13/2016  | 
Updated version fixes CVEs that allowed remote code execution on affected machines.
Fiat Chrysler Launches Bug Bounty Program
Quick Hits  |  7/13/2016  | 
Platform will be leveraged to identify and resolve security issues in automobile software.
What I Expect to See At Black Hat 2016: 5 Themes
Commentary  |  7/13/2016  | 
Over the years, Black Hat has morphed from a little show for security researchers to a big conference that attracts everyone from black-hat hackers to C-level security execs. Here's what piques my interest this year.
Healthcare Hacks Face Critical Condition
News  |  7/12/2016  | 
It's not just SSNs and credit cards -- detailed patient records and full EHR databases are targeted by cybercriminals today.
ICS Mess: US Industrial Systems The Most Exposed
News  |  7/12/2016  | 
New data shows vulnerable ICS equipment even as vendors are improving security.
EU's General Data Protection Regulation Is Law: Now What?
Commentary  |  7/12/2016  | 
Organizations have two years to prepare to act as borrowers, not owners, of customer data. Here are seven provisions of the new GDPR you ignore at your peril.
Covert Voice Commands Can Hack A Smartphone
News  |  7/12/2016  | 
Researchers from Georgetown University and the University of California, Berkeley say cybercriminals could use hidden voice commands via popular YouTube videos to infect Androids and iPhones with malware.
SWIFT Boosts Defense Against Cyberattacks
Quick Hits  |  7/12/2016  | 
Cyber security firms hired, intelligence team set up to ward off future attacks on banks through SWIFT.
Omni Hotels Discloses Payment Card Breach
Quick Hits  |  7/12/2016  | 
Certain properties infected by point-of-sale malware that stole guests' card details.
Profiles Of The Top 7 Bug Hunters From Around the Globe
Slideshows  |  7/12/2016  | 
'Super hunters' share a common goal: to find the most high impact valid bugs before a bad guy does.
Dark Reading Launches Best Of Black Hat Awards Program; Finalists Selected
Commentary  |  7/12/2016  | 
New awards recognize innovation on Black Hat exhibit floor, including startups, emerging companies, and industry thinkers.
New Ranscam Ransomware Lowers The Bar But Raises The Stakes
News  |  7/11/2016  | 
Cisco Talos researchers discover new variant that doesn't decrypt your files after you pay up--it has already deleted them.
Saving The Security Operations Center With Endpoint Detection And Response
Partner Perspectives  |  7/11/2016  | 
EDR is the beginning of our return to control in the fight against cybercrime.
Does Defense In Depth Still Work Against Today's Cyber Threats?
Commentary  |  7/11/2016  | 
Yes. But not for much longer unless the industry shifts to an automated security and zero trust model.
Facebook Will Offer 'Secret Conversations' On Messenger
Quick Hits  |  7/11/2016  | 
New feature with end-to-end encryption on some opt-in messages likely to be available soon.
EU Approves Revised Pact For Data Transfer With US
Quick Hits  |  7/11/2016  | 
Privacy Shield to replace Safe Harbour, ending months of uncertainty for Google, Facebook.
8 Ways Ethically Compromised Employees Compromise Security
Slideshows  |  7/10/2016  | 
From audit cheats to bringing data to a new job, unscrupulous employees put organizations at risk.
Cybercrime Now Surpasses Traditional Crime In UK
News  |  7/8/2016  | 
The US could be on an even worse trajectory, according to one security expert.
An Inside Look At The New Apple Mac Malware 'Eleanor'
Slideshows  |  7/8/2016  | 
Researchers from Bitdefender find security hole that opens up a backdoor to the Mac OS X system.
Report: Criminals Now Hack, Start And Then Steal Vehicles
Quick Hits  |  7/8/2016  | 
Thieves are using a mystery electronic device to turn on car ignition, say the police.
Wendy's Gives Details On Payment Card Breach
Quick Hits  |  7/8/2016  | 
Fast food chain reveals franchisees hit and offers support services for affected customers.
Avast Acquires Anti-Virus Rival AVG In $1.3 Billion Deal
Quick Hits  |  7/8/2016  | 
Transaction gives Avast access to 400 million devices.
Hacking A Penetration Tester
News  |  7/7/2016  | 
How even a pen test conducted by a security pro can be hacked by a determined attacker looking for a way to its target.
NATO Ambassador: How The Ukraine Crisis Fits Cyber War Narrative
News  |  7/7/2016  | 
Kenneth Geers previews his Black Hat talk and discusses the strategic military maneuvers governments can make within cyberspace.
Ripping Away The Mobile Security Blanket
News  |  7/7/2016  | 
Upcoming Black Hat USA talk will highlight vulns in Good Technology platform and discuss the dangers of overreliance on enterprise mobility security suites.
A Holistic Approach to Cybersecurity Wellness: 3 Strategies
Commentary  |  7/7/2016  | 
Security professionals need to rely on more than vaccinations to protect the health and safety of company systems and data.
UEFA Euro Fans At High Risk Of Online Threats, Study Shows
Quick Hits  |  7/7/2016  | 
A study by Allot and Kaspersky Lab during 2016 UEFA Euro matches shows significant spike in cybercriminal activities.
Government Should Publicly ID Cyberattackers, Ex-US Intel Chief Says
Quick Hits  |  7/7/2016  | 
Michael Rogers believes acknowledgement will help insurance companies defend against lawsuits.
Landmark Cybersecurity Law Passed By European Union
Quick Hits  |  7/7/2016  | 
New rules impose obligations to strengthen cyber defense and report network threats and incidents.