News & Commentary

Latest Content tagged with Endpoint
Page 1 / 2   >   >>
Actor Advertises Japanese PII on Chinese Underground
News  |  5/18/2018  | 
The dataset contains 200 million rows of information stolen from websites across industries, likely via opportunistic access.
Syrian Electronic Army Members Indicted for Conspiracy
Quick Hits  |  5/18/2018  | 
Two men have been charged for their involvement in a plot to commit computer hacking as members of the Syrian Electronic Army.
How to Hang Up on Fraud
Commentary  |  5/18/2018  | 
Three reasons why the phone channel is uniquely vulnerable to spoofing and what call centers are doing about it.
Get Ready for 'WannaCry 2.0'
News  |  5/17/2018  | 
Another widespread worm attack is "inevitable," but spreading a different more lucrative or destructive payload, experts say.
Cracking 2FA: How It's Done and How to Stay Safe
Slideshows  |  5/17/2018  | 
Two-factor authentication is a common best security practice but not ironclad. Here's how it can be bypassed, and how you can improve security.
The Risks of Remote Desktop Access Are Far from Remote
Commentary  |  5/17/2018  | 
RDP is used by fraudsters to steal and monetize data more often than you might think. But there are ways to stay safe.
Tanium's Valuation Reaches $5 Billion With New Investment
Quick Hits  |  5/17/2018  | 
Tanium has received a $175 million investment from TPG Growth.
California Teen Arrested for Phishing Teachers to Change Grades
Quick Hits  |  5/17/2018  | 
The student faces 14 felony counts for using a phishing campaign to steal teachers' credentials and alter students' grades.
Why Isn't Integrity Getting the Attention It Deserves?
Commentary  |  5/17/2018  | 
A focus on integrity requires a shift in the way many approach security management, but it's one of the most promising approaches to effective enterprise security.
7 Tools for Stronger IoT Security, Visibility
Slideshows  |  5/16/2018  | 
If you don't know what's on your IoT network, you don't know what to protect -- or protect from. These tools provide visibility into your network so you can be safe with (and from) what you see.
Newly Discovered Malware Targets Telegram Desktop
News  |  5/16/2018  | 
Russian-speaking attacker behind new malware capable of lifting credentials, cookies, desktop cache, and key files.
FIDO Alliance Appoints Facebook to Board of Directors
Quick Hits  |  5/16/2018  | 
Facebook joins Google, Microsoft, Amazon, and Intel, all among major influential tech companies backing FIDO authentication.
IT Pros Worried About IoT But Not Prepared to Secure It
News  |  5/16/2018  | 
Few organizations have a security policy in place for Internet of Things devices, new survey shows.
Rail Europe Notifies Riders of Three-Month Data Breach
Quick Hits  |  5/15/2018  | 
Rail Europe North America alerts customers to a security incident in which hackers planted card-skimming malware on its website.
New DDoS Attack Method Leverages UPnP
News  |  5/15/2018  | 
'Lock down UPnP routers,' researchers say.
Smashing Silos and Building Bridges in the IT-Infosec Divide
News  |  5/14/2018  | 
A strong relationship between IT and security leads to strong defense, but it's not always easy getting the two to collaborate.
'EFAIL' Email Encryption Flaw Research Stirs Debate
News  |  5/14/2018  | 
A newly revealed vulnerability in email encryption is a big problem for a small subset of users.
Facebook Suspends 200 Apps
Quick Hits  |  5/14/2018  | 
Thousands of apps have been investigated as Facebook determines which had access to large amounts of user data before its 2014 policy changes.
Chili's Suffers Data Breach
Quick Hits  |  5/14/2018  | 
The restaurant believes malware was used to collect payment card data including names and credit or debit numbers.
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Commentary  |  5/14/2018  | 
There's a major disconnect between Internet of Things governance and risk management, according to a new report. Follow these five steps to address the risks.
Gandcrab Ransomware Exploits Website Vulnerabilities
News  |  5/11/2018  | 
Researchers find campaigns distributing Gandcrab by hosting malware on legitimate websites with poor security measures.
8 Ways Hackers Can Game Air Gap Protections
Slideshows  |  5/11/2018  | 
Isolating critical systems from connectivity isn't a guarantee they can't be hacked.
The New Security Playbook: Get the Whole Team Involved
Commentary  |  5/11/2018  | 
Smart cybersecurity teams are harnessing the power of human intelligence so employees take the right actions.
Phishing Attack Bypasses Two-Factor Authentication
News  |  5/10/2018  | 
Hacker Kevin Mitnick demonstrates a phishing attack designed to abuse multi-factor authentication and take over targets' accounts.
17 Zero-Days Found & Fixed in OPC-UA Industrial Protocol Implementations
Quick Hits  |  5/10/2018  | 
Vulnerabilities in the framework used for secure data transfer in industrial systems were all fixed by March, says Kaspersky Lab.
Risky Business: Deconstructing Ray Ozzie's Encryption Backdoor
Commentary  |  5/10/2018  | 
With the addition of secure enclaves, secure boot, and related features of "Clear," the only ones that will be able to test this code are Apple, well-resourced nations, and vendors who sell jailbreaks.
As Personal Encryption Rises, So Do Backdoor Concerns
Quick Hits  |  5/10/2018  | 
Geopolitical changes drive personal encryption among security pros, who are increasingly worried about encryption backdoors.
Ready or Not: Transport Layer Security 1.3 Is Coming
Commentary  |  5/10/2018  | 
Better encryption could mean weaker security if you're not careful.
Email Security Tools Try to Keep Up with Threats
News  |  5/9/2018  | 
Email has long been a prime vector for cyberattacks, and hackers are only getting sneakier. Can email platforms and security tools keep up?
Script Kiddies, Criminals Hacking Video Streams for Fun & Profit
Quick Hits  |  5/9/2018  | 
Video streams are getting hijacked for 'prestige,' DDoS, and financial gain, a new report found.
Phishing Threats Move to Mobile Devices
News  |  5/9/2018  | 
Mobile devices are emerging as a primary gateway for phishing attacks aimed at stealing data.
Compliance Complexity: The (Avoidable) Risks of Not Playing by the Rules
Commentary  |  5/9/2018  | 
Achieving compliance is a challenging process, but with the right systems and customized data management policy, your organization can stay ahead of the next data breach -- and the regulators.
FBI: Reported Internet Crimes Topped $1.4 Billion Last Year
News  |  5/9/2018  | 
Business email compromise (BEC) campaigns outnumbered ransomware cases.
8.7B Identity Records on Surface, Deep, Dark Webs in 2017
Quick Hits  |  5/8/2018  | 
The 4iQ Identity Breach Report shows a 182% increase in raw identity records discovered by its team between 2016 and 2017.
Microsoft's Patch Tuesday Fixes Two CVEs Under Active Attack
News  |  5/8/2018  | 
This month's updates addressed vulnerabilities in Windows, Office, Edge, Internet Explorer, .Net Framework, Exchange Server, and other services.
APT Attacks on Mobile Rapidly Emerging
News  |  5/8/2018  | 
Mobile devices are becoming a 'primary' enterprise target for attackers.
10 Lessons From an IoT Demo Lab
Slideshows  |  5/7/2018  | 
The Demo Lab at InteropITX 2018 was all about IoT and the traffic - legitimate and malicious - it adds to an enterprise network.
Why DDoS Just Won't Die
News  |  5/7/2018  | 
Distributed denial-of-service attacks are getting bigger, badder, and 'blended.' What you can (and can't) do about that.
Trial Begins for Latvian Man Accused of Malware Operation
Quick Hits  |  5/7/2018  | 
Ruslans Bondars has been accused of running a malware service that had been linked to cyberattacks on US businesses.
US Extradites Romanian Hackers Charged with Vishing, Smishing
Quick Hits  |  5/7/2018  | 
Suspects fraudulently obtained more than $18 million through fraud by voice and SMS.
Defending Against an Automated Attack Chain: Are You Ready?
Commentary  |  5/7/2018  | 
Recent threats like AutoSploit bring malware-as-a-service to a whole new level. Here are four ways to be prepared.
RSA CTO: 'Modernization Can Breed Malice'
News  |  5/3/2018  | 
Zulfikar Ramzan predicted the future of cybersecurity, drivers shaping it, and how enterprise IT should react in his InteropITX 2018 keynote.
Hackers Leverage GDPR to Target Airbnb Customers
Quick Hits  |  5/3/2018  | 
Fraudsters are taking advantage of new EU privacy laws to demand personal information from Airbnb users.
Encryption is Necessary, Tools and Tips Make It Easier
News  |  5/3/2018  | 
In the InteropITX conference, a speaker provided tips, tools, and incentives for moving to pervasive encryption in the enterprise.
6 Enterprise Password Managers That Lighten the Load for Security
Slideshows  |  5/3/2018  | 
EPMs offer the familiar password wallet with more substantial administrative management and multiple deployment models.
GDPR Requirements Prompt New Approach to Protecting Data in Motion
Commentary  |  5/3/2018  | 
The EU's General Data Protection Regulation means that organizations must look at new ways to keep data secure as it moves.
Ransomware Attacks Jumped 400% Worldwide in 2017
Quick Hits  |  5/2/2018  | 
WannaCry led the pack all year, new F-Secure report says.
Spring Clean Your Security Systems: 6 Places to Start
Commentary  |  5/2/2018  | 
The sun is shining and you have an extra kick in your step. Why not use that newfound energy to take care of those bothersome security tasks you've put off all winter?
Breaches Drive Consumer Stress over Cybersecurity
News  |  5/2/2018  | 
As major data breaches make headlines, consumers are increasingly worried about cyberattacks, password management, and data security.
LoJack Attack Finds False C2 Servers
News  |  5/1/2018  | 
A new attack uses compromised LoJack endpoint software to take root on enterprise networks.
Page 1 / 2   >   >>


Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11232
PUBLISHED: 2018-05-18
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
CVE-2017-15855
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...
CVE-2018-3567
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3568
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-5827
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.