Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

News & Commentary
Clearview AI Customers Exposed in Data Breach
Dark Reading Staff, Quick Hits
Customers for the controversial facial recognition company were detailed in a log file leaked to news organizations.
By Dark Reading Staff , 2/27/2020
Comment0 comments  |  Read  |  Post a Comment
Government Employees Unprepared for Ransomware
Dark Reading Staff, Quick Hits
Data shows 73% are concerned about municipal ransomware threats but only 38% are trained on preventing these attacks.
By Dark Reading Staff , 2/27/2020
Comment1 Comment  |  Read  |  Post a Comment
Latest Security News from RSAC 2020
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2020 in San Francisco.
By Dark Reading Staff , 2/27/2020
Comment0 comments  |  Read  |  Post a Comment
How We Enabled Ransomware to Become a Multibillion-Dollar Industry
Srinivas Mukkamala, Co-founder & CEO, RiskSenseCommentary
As an industry, we must move beyond one-dimensional approaches to assessing ransomware exposures. Asking these four questions will help.
By Srinivas Mukkamala Co-founder & CEO, RiskSense, 2/27/2020
Comment1 Comment  |  Read  |  Post a Comment
Commonsense Security: Leveraging Dialogue & Collaboration for Better Decisions
Dr. Zvi Guterman, CEO, CloudShareCommentary
Sometimes, good old-fashioned tools can help an enterprise create a cost-effective risk management strategy.
By Dr. Zvi Guterman CEO, CloudShare, 2/26/2020
Comment0 comments  |  Read  |  Post a Comment
5 Ways to Up Your Threat Management Game
Wayne Reynolds, Advisory CISO, Kudelski SecurityCommentary
Good security programs start with a mindset that it's not about the tools, it's what you do with them. Here's how to get out of a reactive fire-drill mode with vulnerability management.
By Wayne Reynolds Advisory CISO, Kudelski Security, 2/26/2020
Comment5 comments  |  Read  |  Post a Comment
Emotet Resurfaces to Drive 145% of Threats in Q4 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
Analysis of 92 billion rejected emails reveals a range of simple and complex attack techniques for the last quarter of 2019.
By Kelly Sheridan Staff Editor, Dark Reading, 2/26/2020
Comment0 comments  |  Read  |  Post a Comment
Ensure Your Cloud Security Is as Modern as Your Business
Nicolas (Nico) Fischbach, Global CTO at ForcepointCommentary
Take a comprehensive approach to better protect your organization. Security hygiene is a must, but also look at your risk posture through a data protection lens.
By Nicolas (Nico) Fischbach Global CTO at Forcepoint, 2/25/2020
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Industry: It's Time to Stop the Victim Blame Game
Jessica Smith, Senior Vice President,  The Crypsis GroupCommentary
There are far more ways to be helpful than adding to the noise of what a company probably did wrong.
By Jessica Smith Senior Vice President, The Crypsis Group, 2/25/2020
Comment5 comments  |  Read  |  Post a Comment
Solving the Cloud Data Security Conundrum
Faiyaz Shahpurwala, Chief Product and Strategy Officer for FortanixCommentary
Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud.
By Faiyaz Shahpurwala Chief Product and Strategy Officer for Fortanix, 2/24/2020
Comment0 comments  |  Read  |  Post a Comment
7 Tips to Improve Your Employees' Mobile Security
Kelly Sheridan, Staff Editor, Dark Reading
Security experts discuss the threats putting mobile devices at risk and how businesses can better defend against them.
By Kelly Sheridan Staff Editor, Dark Reading, 2/24/2020
Comment0 comments  |  Read  |  Post a Comment
Emotet Malware Rears Its Ugly Head Again
Dark Reading Staff, News
A resurgence in Emotet malware may make it one of the most pervasive security threats of 2020.
By Special to Dark Reading: Brien Posey, ITPro Today , 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
California Man Arrested for Politically Motivated DDoS
Dark Reading Staff, Quick Hits
The distributed denial-of-service attacks took a congressional candidate's website offline for a total of 21 hours during the campaign for office.
By Dark Reading Staff , 2/21/2020
Comment7 comments  |  Read  |  Post a Comment
NRC Health Ransomware Attack Prompts Patient Data Concerns
Dark Reading Staff, Quick Hits
The organization, which sells patient administration tools to hospitals, could not confirm whether patient data was accessed.
By Dark Reading Staff , 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
Olympics Could Face Disruption from Regional Powers
Robert Lemos, Contributing WriterNews
Destructive attacks and disinformation will likely target the Summer Olympics in Tokyo, two groups of threat experts say.
By Robert Lemos Contributing Writer, 2/21/2020
Comment1 Comment  |  Read  |  Post a Comment
Security Now Merges With Dark Reading
Tim Wilson, Editor in Chief, Dark Reading, News
Readers of Security Now will join the Dark Reading community, gaining access to a wide range of cybersecurity content.
By Tim Wilson, Editor in Chief, Dark Reading , 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
Ransomware Damage Hit $11.5B in 2019
Dark Reading Staff, Quick Hits
A new report shows the scale of ransomware's harm and the growth of that damage year-over-year -- an average of $141,000 per incident.
By Dark Reading Staff , 2/20/2020
Comment1 Comment  |  Read  |  Post a Comment
Personal Info of 10.6M MGM Resort Guests Leaked Online
Dark Reading Staff, Quick Hits
Data published on a hacking forum includes phone numbers and email addresses of travelers ranging from everyday tourists to celebrities and tech CEOs.
By Dark Reading Staff , 2/20/2020
Comment0 comments  |  Read  |  Post a Comment
Firms Improve Threat Detection but Face Increasingly Disruptive Attacks
Robert Lemos, Contributing WriterNews
In addition, more third parties are discovering the attacks rather than the companies themselves.
By Robert Lemos Contributing Writer, 2/20/2020
Comment1 Comment  |  Read  |  Post a Comment
Researchers Fool Smart Car Camera with a 2-Inch Piece of Electrical Tape
Jai Vijayan, Contributing WriterNews
McAfee researchers say they were able to get a Tesla to autonomously accelerate by tricking its camera platform into misreading a speed-limit sign.
By Jai Vijayan Contributing Writer, 2/19/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Cybersecurity Industry: It's Time to Stop the Victim Blame Game
Jessica Smith, Senior Vice President, The Crypsis Group,  2/25/2020
Google Adds More Security Features Via Chronicle Division
Robert Lemos, Contributing Writer,  2/25/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9431
PUBLISHED: 2020-02-27
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.
CVE-2020-9432
PUBLISHED: 2020-02-27
openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
CVE-2020-9433
PUBLISHED: 2020-02-27
openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
CVE-2020-9434
PUBLISHED: 2020-02-27
openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
CVE-2020-6383
PUBLISHED: 2020-02-27
Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.