Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Perimeter
Page 1 / 2   >   >>
8 Ways Ransomware Operators Target Your Network
Slideshows  |  2/22/2021  | 
Security researchers explore how criminals are expanding their arsenals with new, more subtle, and more effective ransomware attack techniques.
Microsoft Azure Front Door Gets a Security Upgrade
News  |  2/18/2021  | 
New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.
Hiding in Plain Sight: What the SolarWinds Attack Revealed About Efficacy
Commentary  |  2/18/2021  | 
Multilayered infiltration involved custom malicious tooling, backdoors, and cloaked code, far beyond the skills of script kiddies.
Enterprise Windows Threats Drop as Mac Attacks Rise: Report
News  |  2/17/2021  | 
An analysis of 2020 malware activity indicates businesses should be worried about internal hack tools, ransomware, and spyware in the year ahead.
Strata Identity Raises $11M in Series A Round
Quick Hits  |  2/16/2021  | 
The series A round of funding, led by Menlo Ventures, will help Strata scale its distributed identity technology.
How to Submit a Column to Dark Reading
Commentary  |  2/15/2021  | 
Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.
SASE Surge: Why the Market Is Poised to Grow
News  |  2/10/2021  | 
Analysts who anticipate the SASE market will expand by more than a factor of five before 2025 explain reasons behind the surge.
SentinelOne Buys Data Analytics Company Scalyr
Quick Hits  |  2/9/2021  | 
Cloud-based big data platform boosts extended detection and response (XDR) offering.
Cartoon Caption Winner: Insider Threat
Commentary  |  2/8/2021  | 
And the winner of Dark Reading's January cartoon caption contest is ...
SolarWinds Attackers Spent Months in Corporate Email System: Report
Quick Hits  |  2/3/2021  | 
SolarWinds' CEO says evidence indicates attackers lurked in the company's Office 365 email system for months ahead of the attack.
Agent Tesla Upgrades with New Delivery & Evasion Tactics
News  |  2/2/2021  | 
A new version of the remote access Trojan targets Microsoft Anti-Malware Software Interface to bypass endpoint detection.
Average Ransom Payments Declined Last Quarter
News  |  2/2/2021  | 
More victims appear to be realizing that paying a ransom doesn't guarantee stolen data will be purged.
Strengthening Zero-Trust Architecture
Commentary  |  2/1/2021  | 
Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries.
Digital Identity Is the New Security Control Plane
Commentary  |  1/28/2021  | 
Simplifying the management of security systems helps provide consistent protection for the new normal.
Security's Inevitable Shift to the Edge
Commentary  |  1/27/2021  | 
As the edge becomes the place for DDoS mitigation, Web app security, and other controls, SASE is the management platform to handle them all.
Mainframe Security Automation Is Not a Luxury
Commentary  |  1/26/2021  | 
As cyber threats grow, even the most securable platform is vulnerable and requires adaptive autonomous protection.
SonicWall Is Latest Security Vendor to Disclose Cyberattack
News  |  1/25/2021  | 
The network security firm is investigating a coordinated campaign in which attackers exploited vulnerabilities in SonicWall's products.
Vulnerabilities in Popular DNS Software Allow Poisoning
News  |  1/19/2021  | 
Seven flaws in DNSMasq have limited impact, but in combination they could be chained to create a multistaged attack.
Huntress Acquires EDR Technology From Level Effect
Quick Hits  |  1/13/2021  | 
Huntress seeks to improve its detection and response capabilities with a more comprehensive view of endpoint security.
The Data-Centric Path to Zero Trust
Commentary  |  1/13/2021  | 
Data is an organization's most valuable asset, so a data-centric approach would provide the best value for organizations, now and in the future.
COVID-19's Acceleration of Cloud Migration & Identity-Centric Security
Commentary  |  1/4/2021  | 
Here are some tips for updating access control methods that accommodate new remote working norms without sacrificing security.
Microsoft Ups Security of Azure AD, Identity
News  |  12/22/2020  | 
A roundup of Microsoft's recent security news and updates that focus on protecting identity.
Law Enforcement Disrupts VPN Services Enabling Cybercrime
Quick Hits  |  12/22/2020  | 
The United States and international partners shut down three bulletproof hosting services used to facilitate criminal activity.
FBI Warns of DoppelPaymer Attacks on Critical Infrastructure
Quick Hits  |  12/18/2020  | 
The operators behind DoppelPaymer have begun calling victims to pressure them into paying ransom, officials say.
Rising to the Challenge: Perspectives from Security Leaders on 2020 and Beyond
News  |  12/17/2020  | 
For those who work in the security industry 2020 has been a particularly challenging year. Chris Price talks to five industry leaders from different perspectives in the sector about how they coped with COVID and asks them to look forward to 2021.
VPNs, MFA & the Realities of Remote Work
Commentary  |  12/17/2020  | 
The work-from-home-era is accelerating cloud-native service adoption.
The Line Between Physical Security & Cybersecurity Blurs as World Gets More Digital
Commentary  |  12/10/2020  | 
Security teams are being challenged by the connected nature of IP devices, and preventing them from being compromised by cybercriminals has become an essential part of keeping people and property safe.
Former Microsoft Cloud Security Leads Unveil New Startup
Quick Hits  |  12/9/2020  | 
Wiz has raised $100 million since its January launch and plans to help businesses with visibility into cloud security threats.
Fortinet Purchases Panopta
Quick Hits  |  12/8/2020  | 
The acquisition is intended to improve the visibility and automated response capabilities of Fortinet's Security Fabri.
Microsoft Cloud Security Exec Talks New Tech, WFH, Gamification
News  |  12/4/2020  | 
Gunter Ollmann explains the benefits of CSPM technology, how IT security teams have evolved, and how the pandemic has shaped security.
Cybersecurity in the Biden Administration: Experts Weigh In
News  |  12/2/2020  | 
Security pros and former government employees share their expectations and concerns for the new administration and their hope for a "return to normal."
Ivanti Acquires MobileIron & Pulse Secure
Quick Hits  |  12/1/2020  | 
The company plans to use these acquisitions to strengthen and secure IT connections across remote devices and infrastructure.
Do You Know Who's Lurking in Your Cloud Environment?
News  |  11/25/2020  | 
A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform.
Cloud Security Startup Lightspin Emerges From Stealth
News  |  11/24/2020  | 
The startup, founded by former white-hat hackers, has secured a $4 million seed round to close security gaps in cloud environments.
New Proposed DNS Security Features Released
News  |  11/19/2020  | 
Verisign's R&D team has developed new ways to authenticate and optimize DNS traffic on the client side of the domain-name resolution process.
Out With the Old Perimeter, in With the New Perimeters
Commentary  |  11/18/2020  | 
A confluence of trends and events has exploded the whole idea of "the perimeter." Now there are many perimeters, and businesses must adjust accordingly.
Breakdown of a Break-in: A Manufacturer's Ransomware Response
News  |  11/16/2020  | 
The analysis of an industrial ransomware attack reveals common tactics and proactive steps that businesses can take to avoid similar incidents.
Global Pandemic Fuels Cyber-Threat Workload for National Cyber Security Centre, Shows Annual Review
News  |  11/16/2020  | 
From securing the Nightingale hospitals to tackling threats to vaccine research and production, a large part of the National Cyber Security Centre's (NCSC) recent work in the UK has been related to the coronavirus pandemic, as Ron Alalouff discovered when reporting on its Annual Review.
A Call for Change in Physical Security
Commentary  |  11/16/2020  | 
We're at an inflection point. The threats we face are dynamic, emerging, and global. Are you ready?
The Sameness of Every Day: How to Change Up Audit Fatigue
Commentary  |  11/13/2020  | 
And with more data compliance laws on the way, audit fatigue could be a real challenge for infosec professionals.
7 Cool Cyberattack and Audit Tools to be Highlighted at Black Hat Europe
Slideshows  |  11/12/2020  | 
Platforms, open source tools, and other toolkits for penetration testers and other security practitioners will be showcased at this week's virtual event.
Security Hiring Plans Remain Constant Despite Pandemic
News  |  11/11/2020  | 
Although we saw workforce gains this year, 56% of businesses surveyed report staff shortages are putting their organization at risk.
3 Tips For Successfully Running Tech Outside the IT Department
Commentary  |  11/11/2020  | 
When marketing opts for "extra-departmental IT," coordination and communication are required to keep things secured.
Barracuda to Acquire Fyde for Zero-Trust Capabilities
Quick Hits  |  11/11/2020  | 
Plans call for expanding the Barracuda CloudGen SASE platform.
Cloud Usage, Biometrics Surge As Remote Work Grows Permanent
News  |  11/10/2020  | 
A new report reveals organizations are increasing their adoption of biometric authentication and disallowing SMS as a login method.
Overlooked Security Risks of the M&A Rebound
Commentary  |  11/10/2020  | 
Successful technology integration, post-merger, is tricky in any market, and never more so than with today's remote work environments and distributed IT infrastructure.
Preventing and Mitigating DDoS Attacks: It's Elementary
Commentary  |  11/9/2020  | 
Following a spate of cyberattacks nationwide, school IT teams need to act now to ensure their security solution makes the grade.
CSA Moves to Redefine Cloud-Based Intelligence
Commentary  |  11/4/2020  | 
The new paradigm seeks to understand, integrate, and automate data workflows, and better yet, doesn't require significant investment or more personnel.
Neustar Agrees to Buy Verisign's Public DNS Service
Quick Hits  |  11/3/2020  | 
The address space for Verisign Public DNS will be incorporated into Neustar's UltraDNS Public service following the acquisition.
Oracle Issues Out-of-Band Update for Remote-Access Vulnerability
Quick Hits  |  11/3/2020  | 
The exploit could give an attacker complete control of vulnerable WebLogic servers.
Page 1 / 2   >   >>


News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12702
PUBLISHED: 2021-02-24
Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during the...
CVE-2021-20660
PUBLISHED: 2021-02-24
Cross-site scripting vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to inject an arbitrary script via unspecified vectors.
CVE-2021-20661
PUBLISHED: 2021-02-24
Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors.
CVE-2021-20662
PUBLISHED: 2021-02-24
Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to alter the setting information without the access privileges via unspecified vectors.
CVE-2021-20656
PUBLISHED: 2021-02-24
Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors.