Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Cybercriminal's Black Market Pricing Guide
6 Questions to Ask Once You've Learned of a Breach
Poll Results: Maybe Not Burned Out, But Definitely 'Well Done'
Name That Toon: SOC Puppets
Security Leaders Share Tips for Boardroom Chats
News & Commentary
Crowdsourced Security & the Gig Economy
Alex Haynes, Chief Information Security Officer, CDLCommentary
Crowdsourced platforms have redefined both pentesting and the cybersecurity gig economy. Just not in a good way.
By Alex Haynes Chief Information Security Officer, CDL, 9/19/2019
Comment0 comments  |  Read  |  Post a Comment
The 20 Worst Metrics in Cybersecurity
Ericka Chickowski, Contributing Writer
Security leaders are increasingly making their case through metrics, as well they should — as long as they're not one of these.
By Ericka Chickowski Contributing Writer, 9/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Saudi IT Providers Hit in Cyber Espionage Operation
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Symantec identifies new 'Tortoiseshell' nation-state group as the attackers.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
WannaCry Detections At An All-Time High
Jai Vijayan, Contributing WriterNews
More than 12,000 variants of the infamous malware are targeting systems that are still open to the EternalBlue exploit - but the potential danger is low, Sophos warns.
By Jai Vijayan Contributing Writer, 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
How Cybercriminals Exploit Simple Human Mistakes
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report explores how attackers identify psychological vulnerabilities to effectively manipulate targets.
By Kelly Sheridan Staff Editor, Dark Reading, 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
The Top 'Human Hacks' to Watch For Now
Joan Goodchild, Contributing Writer
Social engineering is as old as mankind. But its techniques have evolved with time. Here are the latest tricks criminals are using to dupe end users.
By Joan Goodchild Contributing Writer, 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
GitHub Becomes CVE Numbering Authority, Acquires Semmle
Dark Reading Staff, Quick Hits
Latest moves will make it much more likely that vulnerabilities in open source projects will be found and reported, GitHub says.
By Dark Reading Staff , 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
DevSecOps: Recreating Cybersecurity Culture
Steve Martino, Senior Vice President, Chief Information Security Officer, CiscoCommentary
Bringing developers and security teams together guided by a common goal requires some risk-taking. With patience and confidence, it will pay off. Here's how.
By Steve Martino Senior Vice President, Chief Information Security Officer, Cisco, 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
New Security Startup Emerges from Stealth Mode
Dark Reading Staff, Quick Hits
GK8 creates proprietary platform for securing blockchain transactions, no Internet needed.
By Dark Reading Staff , 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
One Arrested in Ecuador's Mega Data Leak
Dark Reading Staff, Quick Hits
Officials arrest a leader of consulting firm Novaestrat, which owned an unprotected server that exposed 20.8 million personal records.
By Dark Reading Staff , 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
Cryptominer Attacks Ramp Up, Focus on Persistence
Robert Lemos, Contributing WriterNews
The latest attacks, such as Skidmap and Smominru, add capabilities to allow them to persist longer on Windows and Linux systems, surviving initial attempts at eliminating them.
By Robert Lemos Contributing Writer, 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
24.3M Unsecured Health Records Expose Patient Data, Images
Dark Reading Staff, Quick Hits
Several hundred servers storing medical data are connected to the Internet without any protection for sensitive information and images.
By Dark Reading Staff , 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
A Virus Walks Into a Bar ...
Beyond the Edge, Dark Reading
Laughter is, well, contagious. Jokes begin in earnest at the one-minute mark.
By Beyond the Edge Dark Reading, 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
How Ransomware Criminals Turn Friends into Enemies
Chester Wisniewski, Principal Research Scientist, SophosCommentary
Managed service providers are the latest pawns in ransomware's game of chess.
By Chester Wisniewski Principal Research Scientist, Sophos, 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
Poll Results: Maybe Not Burned Out, But Definitely 'Well Done'
Sara Peters, Senior Editor at Dark Reading
Staff shortages and increasingly challenging jobs are turning up the heat on security pros, readers say.
By Sara Peters Senior Editor at Dark Reading, 9/17/2019
Comment0 comments  |  Read  |  Post a Comment
MITRE Releases 2019 List of Top 25 Software Weaknesses
Kelly Sheridan, Staff Editor, Dark ReadingNews
The list includes the most frequent and critical weaknesses that can lead to serious software vulnerabilities.
By Kelly Sheridan Staff Editor, Dark Reading, 9/17/2019
Comment0 comments  |  Read  |  Post a Comment
Snowden Sued by US Government Over His New Book
Dark Reading Staff, Quick Hits
Civil suit argues the former CIA employee and NSA contractor violated his nondisclosure agreements with the two intel agencies.
By Dark Reading Staff , 9/17/2019
Comment0 comments  |  Read  |  Post a Comment
Five Common Cloud Configuration Mistakes
Peter Smith, Founder & Chief Executive Officer, Edgewise NetworksCommentary
It's a joint responsibility to keep data safe in the cloud. Here's what cloud customers must do to keep their end of the bargain.
By Peter Smith Founder & Chief Executive Officer, Edgewise Networks, 9/17/2019
Comment0 comments  |  Read  |  Post a Comment
Cybercriminal's Black Market Pricing Guide
Ericka Chickowski, Contributing Writer
Common prices criminals pay one other for products and services that fuel the cybercriminal ecosystem.
By Ericka Chickowski Contributing Writer, 9/17/2019
Comment0 comments  |  Read  |  Post a Comment
15K Private Webcams Could Let Attackers View Homes, Businesses
Dark Reading Staff, Quick Hits
Webcams could be potentially accessed and manipulated by anyone with an Internet connection, researchers say.
By Dark Reading Staff , 9/17/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
ThreatConnect Partners with RSA® To Bring New SOAR Solution to Market
Business Leaders Have Less Than One Day Each Year to Focus on Cyberrisk: Marsh, Microsoft
KnowBe4 to Offer $10,000 Women in Cybersecurity Scholarship, Summer 2020 Internship
New IRONSCALES Research Finds Microsoft ATP Takes Up to 250 Days to Create Phishing Attack Signatures
Lacework Closes $42M Financing Round & Adds Cloud Security Leader Andy Byron as President
CISA Launches First Annual President's Cup Cybersecurity Competition
Nexusguard research reveals 1,000% increase in DNS amplification attacks
Stanford Launches Foundations of Information Security Course
More Products & Releases
PR Newswire
edge
edge
The 20 Worst Metrics in Cybersecurity
Security leaders are increasingly making their case through metrics, as well they should -- as long as they're not one of these.
The Top 'Human Hacks' to Watch For Now
Social engineering is as old as mankind. But its techniques have evolved with time. Here are the latest tricks criminals are using to dupe end users.
Any Advice for Assessing Third-Party Risk?
Here are five tips about what not to do when assessing the cyber-risk introduced by a third-party supplier.
Register for Dark Reading Newsletters
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I don't think legal is taking our concerns about identity theft seriously.
White Papers
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15943
PUBLISHED: 2019-09-19
vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a memset call.
CVE-2019-16413
PUBLISHED: 2019-09-19
An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
CVE-2019-3738
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
CVE-2019-3739
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
CVE-2019-3740
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.
Flash Poll
Video
Slideshows
Twitter Feed