Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
RSAC Sets Finalists for Innovation Sandbox
5 Measures to Harden Election Technology
9 Things Application Security Champions Need to Succeed
AppSec Concerns Drove 61% of Businesses to Change Applications
Assessing Cybersecurity Risk in Today's Enterprise
News & Commentary
Martin and Dorothie Hellman on Love, Crypto & Saving the World
Sara Peters, Senior Editor at Dark Reading
Martin Hellman, co-creator of the Diffie-Hellman key exchange, and his wife of 53 years, Dorothie, talk about the current state of cryptography and what making peace at home taught them about making peace on Earth.
By Sara Peters Senior Editor at Dark Reading, 2/15/2020
Comment0 comments  |  Read  |  Post a Comment
Phishing Campaign Targets Mobile Banking Users
Jai Vijayan, Contributing WriterNews
Consumers in dozens of countries were targeted, Lookout says.
By Jai Vijayan Contributing Writer, 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
Palm Beach Elections Office Hit with Ransomware Pre-2016 Election
Dark Reading Staff, Quick Hits
Palm Beach County's elections supervisor does not believe the attack is linked to Russian hacking attempts targeting Florida.
By Dark Reading Staff , 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
Ovum to Expand Cybersecurity Research Under New Omdia Group
Dark Reading Staff, News
Informa Tech combines Ovum, Heavy Reading, Tractica, and IHS Markit research.
By Dark Reading Staff , 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
DHS Warns of Cyber Heartbreak
Dark Reading Staff, Quick Hits
Fraudulent dating and relationship apps and websites raise the risks for those seeking online romance on Valentine's Day.
By Dark Reading Staff , 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
The 5 Love Languages of Cybersecurity
Fredrick Commentary
When it comes to building buy-in from the business, all cybersecurity needs is love -- especially when it comes to communication.
By Fredrick "Flee" Lee Chief Security Officer, Gusto, 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec
Sara Peters, Senior Editor at Dark Reading
What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?
By Sara Peters Senior Editor at Dark Reading, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
DDoS Attacks Nearly Double Between Q4 2018 and Q4 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
Peer-to-peer botnets, TCP reflection attacks, and increased activity on Sundays are three DDoS attack trends from last quarter.
By Kelly Sheridan Staff Editor, Dark Reading, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Architectural Analysis IDs 78 Specific Risks in Machine-Learning Systems
Jai Vijayan, Contributing WriterNews
The new threat model hones in on ML security at the design state.
By Jai Vijayan Contributing Writer, 2/13/2020
Comment1 Comment  |  Read  |  Post a Comment
Babel of IoT Authentication Poses Security Challenges
Robert Lemos, Contributing WriterNews
With more than 80 different schemes for authenticating devices either proposed or implemented, best practices and reference architectures are sorely needed, experts say.
By Robert Lemos Contributing Writer, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Huawei Charged with RICO Violations in Federal Court
Dark Reading Staff, Quick Hits
A new set of indictments adds conspiracy to violate RICO statutes to a list of existing charges against the Chinese telecommunications giant.
By Dark Reading Staff , 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
7 Tax Season Security Tips
Steve Zurier, Contributing Writer
Security pros need be on high alert from now until Tax Day on April 15. Here are seven ways to help keep your company safe.
By Steve Zurier Contributing Writer, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Small Business Security: 5 Tips on How and Where to Start
Mike Puglia, Chief Strategy Officer at KaseyaCommentary
There is no one-size-fits-all strategy for security, but a robust plan and the implementation of new technologies will help you and your IT team sleep better.
By Mike Puglia Chief Strategy Officer at Kaseya, 2/13/2020
Comment3 comments  |  Read  |  Post a Comment
Apps Remain Favorite Mobile Attack Vector
Dark Reading Staff, Quick Hits
Mobile apps are used in nearly 80% of attacks targeting mobile devices, followed by network and operating system attacks.
By Dark Reading Staff , 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Forget Hacks... Ransomware, Phishing Are Election Year's Real Threats
Tod Beardsley, Director of Research, Rapid7Commentary
As we gear up for the voting season, let's put aside any links between foreign interference and voting machine security and focus on the actual risks threatening election security.
By Tod Beardsley Director of Research, Rapid7, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Third-Party Breaches — and the Number of Records Exposed — Increased Sharply in 2019
Jai Vijayan, Contributing WriterNews
Each breach exposed an average of 13 million records, Risk Based Security found.
By Jai Vijayan Contributing Writer, 2/12/2020
Comment0 comments  |  Read  |  Post a Comment
Avast Under Investigation by Czech Privacy Agency
Dark Reading Staff, Quick Hits
The software security maker is suspected of selling data about more than 100 million users to companies including Google, Microsoft, and Home Depot.
By Dark Reading Staff , 2/12/2020
Comment0 comments  |  Read  |  Post a Comment
FBI: Business Email Compromise Cost Businesses $1.7B in 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
BEC attacks comprised nearly half of cybercrime losses last year, which totaled $3.5 billion overall as Internet-enabled crimes ramped up.
By Kelly Sheridan Staff Editor, Dark Reading, 2/12/2020
Comment0 comments  |  Read  |  Post a Comment
Stop Defending Everything
Kevin Kurzawa, Senior Information Security AuditorCommentary
Instead, try prioritizing with the aid of a thorough asset inventory.
By Kevin Kurzawa Senior Information Security Auditor, 2/12/2020
Comment3 comments  |  Read  |  Post a Comment
5G Adoption Should Change How Organizations Approach Security
Dark Reading Staff, News
With 5G adoption, businesses will be able to power more IoT devices and perform tasks more quickly, but there will be security ramifications.
By Special to Dark Reading: Karen D. Schwartz, Data Center Knowledge , 2/12/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
Spirent Expands CyberFlood Data Breach Assessment Solution
A10 Networks Unveils Thunder Threat Protection System (TPS)
Farsight Security to Debut Real-Time Security Data Innovations at RSA Conference
Tufin SecureCloud Enables Companies to Secure Hybrid Cloud Environments Without Compromising Business Speed or Agility
Offensive Security Enhances Flagship Penetration Testing with Kali Linux Training Course
Nok Nok Labs Introduces Strong Authentication for IoT Devices -- Standalone and Connected to Cloud Services
One out of Every Five Companies Failed to Fix Vulnerability in the Citrix Software, Making the Internal Network Breachable within a Minute
Netskope Attracts $340 Million in Additional Investment Led by Sequoia Capital Global Equities
More Products & Releases
PR Newswire
edge
Martin and Dorothie Hellman on Love, Crypto & Saving the World
Martin Hellman, co-creator of the Diffie-Hellman key exchange, and his wife of 53 years, Dorothie, talk about the current state of cryptography and what making peace at home taught them about making peace on Earth.
Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec
What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?
Chaos & Order: The Keys to Quantum-Proof Encryption
The implications of chaos form the basis of a new approach to encryption that promises quantum-proof perfect secrecy. But first, your current crypto needs some tidying up.
Register for Dark Reading Newsletters
Cartoon Contest
White Papers
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8996
PUBLISHED: 2020-02-16
AnyShare Cloud 6.0.9 allows authenticated directory traversal to read files, as demonstrated by the interface/downloadwithpath/downloadfile/?filepath=/etc/passwd URI.
CVE-2020-8997
PUBLISHED: 2020-02-16
Abbott FreeStyle Libre 14-day before February 2020 and FreeStyle Libre 2 before February 2020 allow remote attackers to enable write access via a specific NFC unlock command.
CVE-2020-7050
PUBLISHED: 2020-02-15
Codologic Codoforum through 4.8.4 allows a DOM-based XSS. While creating a new topic as a normal user, it is possible to add a poll that is automatically loaded in the DOM once the thread/topic is opened. Because session cookies lack the HttpOnly flag, it is possible to steal authentication cookies ...
CVE-2019-13965
PUBLISHED: 2020-02-14
Because of a lack of sanitization around error messages, multiple Reflective XSS issues exist in iTop through 2.6.0 via the param_file parameter to webservices/export.php, webservices/cron.php, or env-production/itop-backup/backup.php. By default, any XSS sent to the administrator can be transformed...
CVE-2019-13966
PUBLISHED: 2020-02-14
In iTop through 2.6.0, an XSS payload can be delivered in certain fields (such as icon) of the XML file used to build the dashboard. This is similar to CVE-2015-6544 (which is only about the dashboard title).
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Flash Poll
Video
Slideshows
Twitter Feed