Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Advanced Threats posted in May 2017
Rethinking Vulnerabilities: Network Infrastructure as a Software System
Commentary  |  5/31/2017  | 
Increasing complexity is putting networks at risk. It's time to shift our security approach and take some lessons from software development.
Securing IoT Devices Requires a Change in Thinking
Commentary  |  5/30/2017  | 
There's no magic bullet for IoT security, but there are ways to help detect and mitigate problems.
Elections, Deceptions & Political Breaches
Commentary  |  5/26/2017  | 
Political hacks have many lessons for the business world.
Staying a Step Ahead of Internet Attacks
Commentary  |  5/23/2017  | 
There's no getting around the fact that targeted attacks, such as spearphishing, will happen. But you can figure out the type of attack to expect next.
All Generations, All Risks, All Contained: A How-To Guide
Commentary  |  5/18/2017  | 
Organizations must have a security plan that considers all of their employees.
WannaCry: Ransomware Catastrophe or Failure?
Commentary  |  5/18/2017  | 
Using Bitcoin payments as a measure, the WannaCry attack is not nearly as profitable as the headlines suggest. But you should still patch your Windows systems and educate users.
Why We Need a Data-Driven Cybersecurity Market
Commentary  |  5/17/2017  | 
NIST should bring together industry to create a standard set of metrics and develop better ways to share information.
New Threat Research Shows Vietnam a Rising Force in Cyberespionage
News  |  5/16/2017  | 
FireEye report on APT32 puts evidence together of a group attacking private and public targets for the sake of Vietnamese state interests.
The Wide-Ranging Impact of New York's Cybersecurity Regulations
Commentary  |  5/16/2017  | 
New York's toughest regulations yet are now in effect. Here's what that means for your company.
8 Notorious Russian Hackers Arrested in the Past 8 Years
Slideshows  |  5/12/2017  | 
Lesson learned by Russian cybercriminals: Don't go on vacation, it's bad for your freedom to scam.
What Developers Don't Know About Security Can Hurt You
Commentary  |  5/11/2017  | 
Developers won't start writing secure code just because you tell them it's part of their job. You need to give them the right training, support, and tools to instill a security mindset.
Your IoT Baby Isn't as Beautiful as You Think It Is
Commentary  |  5/10/2017  | 
Both development and evaluation teams have been ignoring security problems in Internet-connected devices for too long. That must stop.
Why Cyber Attacks Will Continue until Prevention Becomes a Priority
Commentary  |  5/8/2017  | 
Organizations must rethink their security measures. Focus on training, getting rid of old tech, and overcoming apathy.
How to Integrate Threat Intel & DevOps
Commentary  |  5/4/2017  | 
Automating intelligence can help your organization in myriad ways.
7 Steps to Fight Ransomware
Commentary  |  5/3/2017  | 
Perpetrators are shifting to more specific targets. This means companies must strengthen their defenses, and these strategies can help.
What's in a Name? Breaking Down Attribution
Commentary  |  5/2/2017  | 
Here's what you really need to know about adversaries.
The Cyber-Committed CEO & Board
Commentary  |  5/1/2017  | 
Here is what CISOs need to communicate to upper management about the business risks of mismanaging cybersecurity.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Promise and Reality of Cloud Security
Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises address the associated security risks. This report - a compilation of cutting-edge Black Hat research, in-depth Omdia analysis, and comprehensive Dark Reading reporting - explores how cloud security is rapidly evolving.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-0519
PUBLISHED: 2023-01-26
Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4.
CVE-2023-0493
PUBLISHED: 2023-01-26
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.
CVE-2022-46967
PUBLISHED: 2023-01-26
An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory.
CVE-2022-46966
PUBLISHED: 2023-01-26
Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php.
CVE-2023-0455
PUBLISHED: 2023-01-26
Unrestricted Upload of File with Dangerous Type in GitHub repository unilogies/bumsys prior to v1.0.3-beta.