Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in August 2016
<<   <   Page 3 / 3
Data Protection From The Inside Out
Commentary  |  8/8/2016  | 
Organizations must make fundamental changes in the way they approach data protection.
New Internet Security Domains Debut
News  |  8/5/2016  | 
Meet the new .security and .protection domains.
DHS Mulls Designating US Election System As Critical Infrastructure
Quick Hits  |  8/5/2016  | 
DHS studying whether election system should fall under DHS cyber-protection purview.
Cybersecurity Fears Among Consumers On The Rise
Quick Hits  |  8/5/2016  | 
Digital Citizens Alliance poll reveals nearly half of Americans have been victims of cyber fraud.
Team With Carnegie Mellon Roots Wins Machine Hacking Contest
News  |  8/5/2016  | 
'Mayhem' takes home $2 million prize in historic DARPA machine-to-machine hacking challenge.
Theres Something Phishy in the Package
Partner Perspectives  |  8/5/2016  | 
The typosquatting risk is real. Its time to increase our vigilance and control over third-party source code.
Apple Finally Launches Bug Bounty Program
News  |  8/4/2016  | 
Security researchers will be eligible for bounties of up to $200,000. But for the moment the program is invite-only
DDoS Attacks: Cybercriminals Are More Homegrown Than You Think
News  |  8/4/2016  | 
Researchers from the FBI and a private security company say many of the distributed denial of service attacks emanate from the West.
Dark Reading News Desk Coming Back To Black Hat, Live
News  |  8/4/2016  | 
Live from Las Vegas: over 40 video interviews with Black Hat USA conference speakers and sponsors. Wednesday Aug. 3, Thursday Aug, 4, starting at 2 p.m. ET.
FBI Reportedly Took Months To Warn DNC That Russia May Be Behind Hackings
Quick Hits  |  8/4/2016  | 
Full disclosure may have lessened damage but official says agency was acting in national interest.
Hacker Creates Software Ratings System
Quick Hits  |  8/4/2016  | 
The new formula to rate computer software could force creators to perform better, says Peiter Mudge Zatko.
Nigerian Prince All Grown Up And Bilking Millions From Businesses Via BEC
News  |  8/4/2016  | 
Researchers discover leader of wire-wire gang thats made millions off by laundering victims business transactions.
8 Alternatives to Selfie Authentication
Slideshows  |  8/4/2016  | 
How to definitively prove your identity? A variety of anatomical parts and functions may soon be able to vouch for you.
Do Security Companies Need to Issue Warranties?
News  |  8/3/2016  | 
Jeremiah Grossman outlines how IT security firms are starting to offer guarantees with the backing of insurance companies.
Best Of Black Hat Innovation Awards: And The Winners Are
Commentary  |  8/3/2016  | 
Three companies and leaders who think differently about security: Deep Instinct, most innovative startup; Vectra, most innovative emerging company; Paul Vixie, most innovative thought leader.
Researchers Show How To Steal Payment Card Data From PIN Pads
News  |  8/3/2016  | 
Attack works even against chip-enabled EMV smartcards.
Kaminsky Creates Prototype To Lock Out Attackers
News  |  8/3/2016  | 
Security expert warns the Internet could be lost to regulators and hackers if industry doesn't start locking down security.
Georgia Man Pleads Guilty To Hacking, Insider Trading
Quick Hits  |  8/3/2016  | 
Leonid Momotok breached newswire networks and used confidential data for illegal trades worth $30 million.
US Navy Organizes Cybersecurity Simulation
Quick Hits  |  8/3/2016  | 
Naval interns create 'Capture the Flag' challenge to protect US Navy cyberspace.
Hotel POS and Magstripe Cards Vulnerable to Attacks, Brute-Forcing
News  |  8/2/2016  | 
Researchers from Rapid7 at DefCon will demonstrate vulnerabilities that allow attackers to turn point-of-sale devices into keyboards
Awareness Improving But Security Still Lags For SAP Implementations
News  |  8/2/2016  | 
SAP ecosystem a huge Achilles heel for enterprise system security, report says.
Dark Reading Radio at Black Hat 2016: 2 Shows, 4 #BHUSA Presenters
Commentary  |  8/2/2016  | 
Even if you can't physically be at Black Hat USA 2016, Dark Reading offers a virtual alternative to engage with presenters about hot show topics and trends.
5 Email Security Tips to Combat Macro-Enabled Ransomware
Slideshows  |  8/2/2016  | 
Cybercriminals are increasingly looking to macro variants, leaving organizations to defend against advanced tactics like macro-based malware attacks any way they can.
BEC Scam Mastermind Arrested By Interpol
Quick Hits  |  8/2/2016  | 
Nigerian national charged with corporate email fraud of more than $60 million.
Clinton Campaign To Hold Cybersecurity-Themed Fundraiser In Vegas
Quick Hits  |  8/2/2016  | 
Cybersecurity experts to head event during the ongoing Black Hat hacker conference this week.
3 Steps Towards Building Cyber Resilience Into Critical Infrastructure
Commentary  |  8/2/2016  | 
The integration of asset management, incident response processes and education is critical to improving the industrial control system cybersecurity landscape.
How the Adoption of EDR Transforms a SOCs Effectiveness
Partner Perspectives  |  8/2/2016  | 
Endpoint detection response is helping take the headache out of responding to threats by providing visibility where most organizations are blind.
Kaspersky Lab Kicks Off Its First Bug Bounty Program
News  |  8/2/2016  | 
Security vendor teams up with HackerOne to pay out $50K to researchers over next six months.
This Time, Miller & Valasek Hack The Jeep At Speed
News  |  8/1/2016  | 
Car hacking duo accelerates -- literally -- their epic Jeep Cherokee hack.
Browser Exploits Increasingly Go For The Jugular
News  |  8/1/2016  | 
Black Hat USA panel to discuss browser attacks, which now go from browser userland to root privileges in no time flat.
Clinton Campaign: Voter Analytics Program Compromised, Not Internal Systems
Quick Hits  |  8/1/2016  | 
First the DNC, then the DCCC, and now the Clinton campaign have all been compromised by Russian attackers.
White-Hat Hacking Group Founder Arrested In China
Quick Hits  |  8/1/2016  | 
Chinese police crack down on ethical hacking community for undisclosed reasons, detain 10 members.
Crypto Malware: Responding To Machine-Timescale Breaches
Commentary  |  8/1/2016  | 
The game has changed again with hackers ability to steal your data at record speeds and cripple your organization before the first alert.
<<   <   Page 3 / 3


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27706
PUBLISHED: 2021-04-14
Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/&quot;IPMacBindIndex &quot;request. This occurs because the &quot;formIPMacBindDel&quot; function directly passes the parameter &quot;IPMacBind...
CVE-2021-27707
PUBLISHED: 2021-04-14
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/&quot;portMappingIndex &quot;request. This occurs because the &quot;formDelPortMapping&quot; function directly passes the parameter &quot;portMappingIn...
CVE-2021-28098
PUBLISHED: 2021-04-14
An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for...
CVE-2021-30493
PUBLISHED: 2021-04-14
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wor...
CVE-2021-30494
PUBLISHED: 2021-04-14
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wo...