Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
10 iOS Security Tips to Lock Down Your iPhone
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Election Security in the Age of Social Distancing
7 Ways Parents Can Better Protect Their Online-Gamer Offspring
COVID-19: Latest Security News & Commentary
News & Commentary
Digital Distancing with Microsegmentation
Trevor Pott, Product Marketing Director at Juniper NetworksCommentary
Physical distancing has blunted a virus's impact; the same idea can be applied to computers and networks to minimize breaches, attacks, and infections.
By Trevor Pott Product Marketing Director at Juniper Networks, 5/29/2020
Comment0 comments  |  Read  |  Post a Comment
All Links Are Safe ... Right?
Beyond the Edge, Dark Reading
Today is a perfect day for a security breach.
By Beyond the Edge Dark Reading, 5/29/2020
Comment0 comments  |  Read  |  Post a Comment
Zscaler Buys Edge Networks
Dark Reading Staff, Quick Hits
The acquisition is Zscaler's second major buy this quarter.
By Dark Reading Staff , 5/29/2020
Comment0 comments  |  Read  |  Post a Comment
A Rogues' Gallery of MacOS Malware
Curtis Franklin Jr., Senior Editor at Dark Reading
MacOS isn't immune from malware. Being prepared means understanding the nature of the worst threats a security team is likely to see attacking Macs in the enterprise.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/28/2020
Comment0 comments  |  Read  |  Post a Comment
GitHub Supply Chain Attack Uses Octopus Scanner Malware
Kelly Sheridan, Staff Editor, Dark ReadingNews
Octopus Scanner is a new malware used to compromise 26 open source projects in a massive GitHub supply chain attack.
By Kelly Sheridan Staff Editor, Dark Reading, 5/28/2020
Comment0 comments  |  Read  |  Post a Comment
Researchers ID Hacktivist Who Defaced Nearly 5,000 Websites
Jai Vijayan, Contributing WriterNews
Opsec mistakes lead a Check Point researcher to an individual in Brazil who was behind a longtime hacking campaign.
By Jai Vijayan Contributing Writer, 5/28/2020
Comment0 comments  |  Read  |  Post a Comment
Valak Malware Retasked to Steal Data from US, German Firms
Robert Lemos, Contributing WriterNews
Once considered a loader for other malware, Valak regularly conducts reconnaissance and steals information and credentials, new analysis shows.
By Robert Lemos Contributing Writer, 5/28/2020
Comment0 comments  |  Read  |  Post a Comment
NSA Warns Russia's 'Sandworm' Group Is Targeting Email Servers
Dark Reading Staff, Quick Hits
The Russian military group has been exploiting a flaw in the Exim mail transfer agent since last August, the NSA reports.
By Dark Reading Staff , 5/28/2020
Comment0 comments  |  Read  |  Post a Comment
3 SMB Cybersecurity Myths Debunked
Marc Wilczek, Digital Strategist & COO of Link11Commentary
Small and midsize businesses are better at cyber resilience than you might think.
By Marc Wilczek Digital Strategist & COO of Link11, 5/28/2020
Comment0 comments  |  Read  |  Post a Comment
Vulnerability Disclosures Drop in Q1 for First Time in a Decade
Robert Lemos, Contributing WriterNews
Even with more security issues published on Patch Tuesdays, the total number of software flaws dropped for the first three months of 2020, according to one tally.
By Robert Lemos Contributing Writer, 5/28/2020
Comment0 comments  |  Read  |  Post a Comment
Google, Microsoft Brands Impersonated the Most in Form-Based Attacks
Steve Zurier, Contributing WriterNews
Attackers are preying on users' inclination to click on familiar-looking websites, but instead trick them into sharing usernames and passwords.
By Steve Zurier Contributing Writer, 5/28/2020
Comment0 comments  |  Read  |  Post a Comment
Data Loss Spikes Under COVID-19 Lockdowns
Seth Rosenblatt, Contributing WriterNews
Two new reports suggest a massive gap between how organizations have prepared their cybersecurity defenses and the reality of their efficacy.
By Seth Rosenblatt Contributing Writer, 5/28/2020
Comment0 comments  |  Read  |  Post a Comment
How Elite Protectors Operationalize Security Protection
Maurice Uenuma & A.T. Smith, Vice President, Federal & Enterprise, Tripwire / Independent Cybersecurity ConsultantCommentary
There is no silver bullet for cybersecurity. It takes the right people, with the right mindset, applying the right elements of good security from the data center to the SOC.
By By Maurice Uenuma, VP, Federal & Enterprise, Tripwire, former Special Ops Marine, and A.T. Smith, Former Deputy Director of the U.S. Secret Service , 5/28/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff , 5/28/2020
Comment11 comments  |  Read  |  Post a Comment
Netwalker Ransomware Tools Reveal Attacker Tactics and Techniques
Jai Vijayan, Contributing WriterNews
Malware and related files show that ransomware operators don't need a cutting-edge arsenal to be effective.
By Jai Vijayan Contributing Writer, 5/27/2020
Comment0 comments  |  Read  |  Post a Comment
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing WriterNews
A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.
By Robert Lemos Contributing Writer, 5/27/2020
Comment1 Comment  |  Read  |  Post a Comment
Cloud Security Architect Proves Hardest Infosec Role to Fill
Dark Reading Staff, Quick Hits
Nearly 70% of businesses struggle to recruit, hire, and retain cybersecurity talent, and many link security incidents to lack of skills.
By Dark Reading Staff , 5/27/2020
Comment2 comments  |  Read  |  Post a Comment
Security 101: SQL Injection
Curtis Franklin Jr., Senior Editor at Dark Reading
A carefully crafted attack can convince a database to reveal all its secrets. Understanding the basics of what the attack looks like and how to protect against it can go a long way toward limiting the threat.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/27/2020
Comment0 comments  |  Read  |  Post a Comment
HackerOne Bounties Hit $100M Milestone
Dark Reading Staff, Quick Hits
The bug-hunting platform has now paid more than $100 million in bounties since October 2013.
By Dark Reading Staff , 5/27/2020
Comment0 comments  |  Read  |  Post a Comment
Standing Privilege: The Attacker's Advantage
Tim Keeler, Founder and CEO, RemediantCommentary
The credential is a commodity and will continue to be breached. As a result, focus and spending must shift toward the access that the credentials provide.
By Tim Keeler Founder and CEO, Remediant, 5/27/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by robeena
Current Conversations thanks for shering     
In reply to: thanks
Post Your Own Reply
Posted by horeakaii
Current Conversations I guess so.  
In reply to: Re: Unhardening
Post Your Own Reply
Posted by EdWelsh
Current Conversations Very interesting)
In reply to: Great!
Post Your Own Reply
More Conversations
Products & Releases
Intrusion Inc. Appoints Jack Blount as President and Chief Executive Officer
Synack's $52 Million Investment Fuels Future of Remote Security Testing from World's Elite Hackers
RiskIQ Creates Complimentary COVID-19 Internet Intelligence Gateway to Fight Pandemic of Cybercrime
RackTop BrickStor SP Secure NAS data security platform now resold by Hewlett Packard Enterprise
New Research Indicates 84% of Businesses Will Likely Increase Work-from-Home Capacity Beyond Pandemic Despite Security Concerns
Smarsh Acquires Entreda, Leader in Cybersecurity Risk & Compliance Software for Wealth Management Industry
FireEye Endpoint Security: Introducing Innovation Architecture for Rapid Deployment of Advanced Capabilities
Avanan Introduces Cloud-based Security for Citrix ShareFile
More Products & Releases
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

edge
Security 101: SQL Injection
A carefully crafted attack can convince a database to reveal all its secrets. Understanding the basics of what the attack looks like and how to protect against it can go a long way toward limiting the threat.
How to Pay a Ransom: A Step-By-Step Guide for Something You'd Never Do
Even prior to the COVID-19 pandemic, ransomware attacks were on the rise and becoming more expensive. Now your, um, friend's organization has fallen victim and is going to pay. Here's how they should handle it.
5 Tips for Fighting Credential Stuffing Attacks
With stolen credentials an easy find online, what are some measures to put in place to keep hackers from breaking into secure accounts?
Register for Dark Reading Newsletters
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Someone needs to talk to Simon about showering after riding to work!
White Papers
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5572
PUBLISHED: 2020-05-29
Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors.
CVE-2020-5573
PUBLISHED: 2020-05-29
Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors.
CVE-2020-13693
PUBLISHED: 2020-05-29
An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.
CVE-2020-13173
PUBLISHED: 2020-05-28
Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing...
CVE-2019-6342
PUBLISHED: 2020-05-28
An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4.
Flash Poll
Video
Slideshows
Twitter Feed