Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
How to Decipher InfoSec Job Titles' Mysteries
8 Cybersecurity Themes to Expect at Black Hat USA 2020
11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event
Q&A: How Systemic Racism Weakens Cybersecurity
COVID-19: Latest Security News & Commentary
News & Commentary
Research Casts Doubt on Value of Threat Intel Feeds
Robert Lemos, Contributing WriterNews
Two commercial threat intelligence services and four open source feeds rarely provide the same information, raising questions about how security teams should gauge their utility.
By Robert Lemos Contributing Writer, 8/14/2020
Comment0 comments  |  Read  |  Post a Comment
IcedID Shows Obfuscation Sophistication in New Campaign
Dark Reading Staff, Quick Hits
The malware's developers have turned to dynamic link libraries (DLLs) to hide their work.
By Dark Reading Staff , 8/14/2020
Comment0 comments  |  Read  |  Post a Comment
DHS CISA Warns of Phishing Emails Rigged with KONNI Malware
Dark Reading Staff, Quick Hits
Konni is a remote administration tool cyberattackers use to steal files, capture keystrokes, take screenshots, and execute malicious code.
By Dark Reading Staff , 8/14/2020
Comment0 comments  |  Read  |  Post a Comment
7 Ways to Keep Your Remote Workforce Safe
Steve Zurier, Contributing Writer
These tips will help you chart a course for a security strategy that just may become part of the normal way organizations will function over the next several years.
By Steve Zurier Contributing Writer, 8/14/2020
Comment1 Comment  |  Read  |  Post a Comment
WFH Summer 2020 Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
Clever wordplay on sandcastles, sandboxes, zero trust. and granular controls. And the winners are ...
By Marilyn Cohodas Managing Editor, Dark Reading, 8/14/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff , 8/14/2020
Comment19 comments  |  Read  |  Post a Comment
CISA Warns of Phishing Campaign with Loan-Relief Lure
Dark Reading Staff, Quick Hits
Phishing emails and fake website promise help with the Small Business Administration's program that aids those affected by COVID-19.
By Dark Reading Staff , 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
Healthcare Industry Sees Respite From Attacks in First Half of 2020
Robert Lemos, Contributing WriterNews
Breach disclosures are down, and reported ransomware attacks have also plummeted. Good news -- or a calm before the storm?
By Robert Lemos Contributing Writer, 8/13/2020
Comment1 Comment  |  Read  |  Post a Comment
Business Email Compromise Attacks Involving MFA Bypass Increase
Jai Vijayan, Contributing WriterNews
Adversaries are using legacy email clients to access and take over accounts protected with strong authentication, Abnormal Security says.
By Jai Vijayan Contributing Writer, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
RedCurl APT Group Hacks Global Companies for Corporate Espionage
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers analyze a presumably Russian-speaking APT group that has been stealing corporate data since 2018.
By Kelly Sheridan Staff Editor, Dark Reading, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
The Race to Hack a Satellite at DEF CON
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Eight teams competed to win cash, bragging rights, and the chance to control a satellite in space.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
Boeing's DEF CON Debut a Sign of the Times
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
In the wake of a stalemate between the airplane manufacturer and a security researcher over vulns found in its 787 aircraft's network, Boeing says it's ready to "embrace" the hacker community.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
Secure Development Takes a (Remote) Village
Guy Podjarny, CEO & Cofounder, SnykCommentary
The shift to work from home isn't just about giving your Dev team the physical tools they need.
By Guy Podjarny CEO & Cofounder, Snyk, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
NSA & FBI Disclose New Russian Cyberespionage Malware
Dark Reading Staff, Quick Hits
APT 28, aka Fancy Bear, is deploying the Drovorub malware designed for Linux systems as part of cyber-espionage operations.
By Dark Reading Staff , 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity
Eric Parizo, Senior Analyst, OmdiaCommentary
Infosec practitioners face a variety of mental struggles in areas such as awareness training, problem solving, or general mental health. Several sessions at Black Hat USA 2020 highlighted these challenges and how to overcome them.
By Eric Parizo Senior Analyst, Omdia, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
Security Jobs With a Future -- And Ones on the Way Out
Joan Goodchild, Contributing Writer
Some titles are hot, while others are not, amid rapidly shifting business priorities.
By Joan Goodchild Contributing Writer, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
With iOS's Privacy Nutrition Label, Apple Upstages Regulators
Heather Federman, VP of Privacy & Policy at BigIDCommentary
New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.
By Heather Federman VP of Privacy & Policy at BigID, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
Adaptive Shield Emerges From Stealth
Jai Vijayan, Contributing WriterNews
Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.
By Jai Vijayan Contributing Writer, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
Emotet Return Brings New Tactics & Evasion Techniques
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.
By Kelly Sheridan Staff Editor, Dark Reading, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
FireEye Announces New Bug-Bounty Program
Dark Reading Staff, Quick Hits
The program, administered by Bugcrowd, will pay bounties of up to $2,500 per vulnerability.
By Dark Reading Staff , 8/12/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
Osterman Research Finds Cyber Crisis Preparation Failing to Adapt to Modern Threats
Forescout Technologies Announces New Capabilities and Platform Updates
Perimeter 81 Raises $40 Million in Series B Funding Led by Insight Partners
Mimecast Redefines Phish Testing and Training with SAFE Phish
Censys Raises $15.5 Million; Announces New Scan Engine That Sees 44% More of the Internet
RangeForce Raises $16 Million to Help Enterprises Build Highly Skilled Cybersecurity Teams
Calyptix Security Releases AccessEnforcer 5.0 Beta
Exabeam Announces New Use Case Licensing and Content Library to Simplify SIEM Adoption, Enable Increased Visibility
More Products & Releases
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

Security Jobs With a Future -- And Ones on the Way Out
Some titles are hot, while others are not, amid rapidly shifting business priorities.
Name That Toon: 'Rise' and Shine
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Zero-Trust Security 101
What are the tenets and fundamental spirit of zero-trust architecture -- without the marketing speak?
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at Risk
In this Dark Reading Tech Digest, we look at the ways security researchers and ethical hackers find critical vulnerabilities and offer insights into how you can fix them before attackers can exploit them.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17475
PUBLISHED: 2020-08-14
Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000.
CVE-2020-0255
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-10751. Reason: This candidate is a duplicate of CVE-2020-10751. Notes: All CVE users should reference CVE-2020-10751 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-14353
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-18270. Reason: This candidate is a duplicate of CVE-2017-18270. Notes: All CVE users should reference CVE-2017-18270 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-17464
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2020-17473
PUBLISHED: 2020-08-14
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Flash Poll
Video
Slideshows
Twitter Feed