Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Content posted in August 2016
Data Protection From The Inside Out
Commentary  |  8/8/2016  | 
Organizations must make fundamental changes in the way they approach data protection.
New Internet Security Domains Debut
News  |  8/5/2016  | 
Meet the new .security and .protection domains.
DHS Mulls Designating US Election System As Critical Infrastructure
Quick Hits  |  8/5/2016  | 
DHS studying whether election system should fall under DHS cyber-protection purview.
Cybersecurity Fears Among Consumers On The Rise
Quick Hits  |  8/5/2016  | 
Digital Citizens Alliance poll reveals nearly half of Americans have been victims of cyber fraud.
Team With Carnegie Mellon Roots Wins Machine Hacking Contest
News  |  8/5/2016  | 
'Mayhem' takes home $2 million prize in historic DARPA machine-to-machine hacking challenge.
There's Something Phishy in the Package
Partner Perspectives  |  8/5/2016  | 
The typosquatting risk is real. It's time to increase our vigilance and control over third-party source code.
Apple Finally Launches Bug Bounty Program
News  |  8/4/2016  | 
Security researchers will be eligible for bounties of up to $200,000. But for the moment the program is invite-only.
DDoS Attacks: Cybercriminals Are More Homegrown Than You Think
News  |  8/4/2016  | 
Researchers from the FBI and a private security company say many of the distributed denial of service attacks emanate from the West.
Dark Reading News Desk Coming Back To Black Hat, Live
News  |  8/4/2016  | 
Live from Las Vegas: over 40 video interviews with Black Hat USA conference speakers and sponsors. Wednesday Aug. 3, Thursday Aug. 4, starting at 2 p.m. ET.
FBI Reportedly Took Months To Warn DNC That Russia May Be Behind Hackings
Quick Hits  |  8/4/2016  | 
Full disclosure may have lessened damage but official says agency was acting in national interest.
Hacker Creates Software Ratings System
Quick Hits  |  8/4/2016  | 
The new formula to rate computer software could force creators to perform better, says Peiter 'Mudge' Zatko.
Nigerian Prince All Grown Up And Bilking Millions From Businesses Via BEC
News  |  8/4/2016  | 
Researchers discover leader of 'wire-wire' gang that's made millions by laundering victims' business transactions.
8 Alternatives to Selfie Authentication
Slideshows  |  8/4/2016  | 
How to definitively prove your identity? A variety of anatomical parts and functions may soon be able to vouch for you.
Do Security Companies Need to Issue Warranties?
News  |  8/3/2016  | 
Jeremiah Grossman outlines how IT security firms are starting to offer guarantees with the backing of insurance companies.
Best Of Black Hat Innovation Awards: And The Winners Are
Commentary  |  8/3/2016  | 
Three companies and leaders who think differently about security: Deep Instinct, most innovative startup; Vectra, most innovative emerging company; Paul Vixie, most innovative thought leader.
Researchers Show How To Steal Payment Card Data From PIN Pads
News  |  8/3/2016  | 
Attack works even against chip-enabled EMV smartcards.
Kaminsky Creates Prototype To Lock Out Attackers
News  |  8/3/2016  | 
Security expert warns the Internet could be lost to regulators and hackers if industry doesn't start locking down security.
Georgia Man Pleads Guilty To Hacking, Insider Trading
Quick Hits  |  8/3/2016  | 
Leonid Momotok breached newswire networks and used confidential data for illegal trades worth $30 million.
US Navy Organizes Cybersecurity Simulation
Quick Hits  |  8/3/2016  | 
Naval interns create 'Capture the Flag' challenge to protect US Navy cyberspace.
Hotel POS and Magstripe Cards Vulnerable to Attacks, Brute-Forcing
News  |  8/2/2016  | 
Researchers from Rapid7 at DefCon will demonstrate vulnerabilities that allow attackers to turn point-of-sale devices into keyboards.
Awareness Improving But Security Still Lags For SAP Implementations
News  |  8/2/2016  | 
SAP ecosystem a huge Achilles heel for enterprise system security, report says.
Dark Reading Radio at Black Hat 2016: 2 Shows, 4 #BHUSA Presenters
Commentary  |  8/2/2016  | 
Even if you can't physically be at Black Hat USA 2016, Dark Reading offers a virtual alternative to engage with presenters about hot show topics and trends.
5 Email Security Tips to Combat Macro-Enabled Ransomware
Slideshows  |  8/2/2016  | 
Cybercriminals are increasingly looking to macro variants, leaving organizations to defend against advanced tactics like macro-based malware attacks any way they can.
BEC Scam Mastermind Arrested By Interpol
Quick Hits  |  8/2/2016  | 
Nigerian national charged with corporate email fraud of more than $60 million.
Clinton Campaign To Hold Cybersecurity-Themed Fundraiser In Vegas
Quick Hits  |  8/2/2016  | 
Cybersecurity experts to head event during the ongoing Black Hat hacker conference this week.
3 Steps Towards Building Cyber Resilience Into Critical Infrastructure
Commentary  |  8/2/2016  | 
The integration of asset management, incident response processes and education is critical to improving the industrial control system cybersecurity landscape.
How the Adoption of EDR Transforms a SOC's Effectiveness
Partner Perspectives  |  8/2/2016  | 
Endpoint detection and response is helping take the headache out of responding to threats by providing visibility where most organizations are blind.
Kaspersky Lab Kicks Off Its First Bug Bounty Program
News  |  8/2/2016  | 
Security vendor teams up with HackerOne to pay out $50K to researchers over next six months.
This Time, Miller & Valasek Hack The Jeep At Speed
News  |  8/1/2016  | 
Car hacking duo accelerates -- literally -- their epic Jeep Cherokee hack.
Browser Exploits Increasingly Go For The Jugular
News  |  8/1/2016  | 
Black Hat USA panel to discuss browser attacks, which now go from browser userland to root privileges in no time flat.
Clinton Campaign: Voter Analytics Program Compromised, Not Internal Systems
Quick Hits  |  8/1/2016  | 
First the DNC, then the DCCC, and now the Clinton campaign have all been compromised by Russian attackers.
White-Hat Hacking Group Founder Arrested In China
Quick Hits  |  8/1/2016  | 
Chinese police crack down on ethical hacking community for undisclosed reasons, detain 10 members.
Crypto Malware: Responding To Machine-Timescale Breaches
Commentary  |  8/1/2016  | 
The game has changed again with hackers' ability to steal your data at record speeds and cripple your organization before the first alert.


Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-30333
PUBLISHED: 2022-05-09
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
CVE-2022-23066
PUBLISHED: 2022-05-09
Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation, which is caused by improper implementation of the sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to tra...
CVE-2022-28463
PUBLISHED: 2022-05-08
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
CVE-2022-28470
PUBLISHED: 2022-05-08
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.
CVE-2022-1620
PUBLISHED: 2022-05-08
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.