Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
6 Tips for Getting the Most From Nessus
7 IoT Tips for Home Users
Profile of the Post-Pandemic CISO
Name That Toon: Tough Times, Tough Measures
COVID-19: Latest Security News & Commentary
News & Commentary
Google Cloud Unveils 'Confidential VMs' to Protect Data in Use
Kelly Sheridan, Staff Editor, Dark ReadingNews
Confidential Virtual Machines, now in beta, will let Google Cloud customers keep data encrypted while it's in use.
By Kelly Sheridan Staff Editor, Dark Reading, 7/14/2020
Comment0 comments  |  Read  |  Post a Comment
Critical Vulnerability Hits SAP Enterprise Applications
Dark Reading Staff, Quick Hits
RECON could allow an unauthenticated attacker to take control of SAP enterprise applications through the web interface.
By Dark Reading Staff , 7/14/2020
Comment0 comments  |  Read  |  Post a Comment
New Mirai Variant Surfaces With Exploits for 9 Vulnerabilities Products
Jai Vijayan, Contributing WriterNews
Impacted products include routers, IP cameras, DVRs, and smart TVs.
By Jai Vijayan Contributing Writer, 7/14/2020
Comment0 comments  |  Read  |  Post a Comment
Crypto-Primer: Encryption Basics Every Security Pro Should Know
Jan Youngren, Cybersecurity Expert, VPNpro.comCommentary
With so many choices for encrypting data and communication, it's important to know the pros and cons of different techniques.
By Jan Youngren Cybersecurity Expert, VPNpro.com, 7/14/2020
Comment0 comments  |  Read  |  Post a Comment
99% of Websites at Risk of Attack Via JavaScript Plug-ins
Steve Zurier, Contributing WriterNews
The average website includes content from 32 different third-party JavaScript programs, new study finds.
By Steve Zurier Contributing Writer, 7/14/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff , 7/14/2020
Comment13 comments  |  Read  |  Post a Comment
Zero-Trust Efforts Rise with the Tide of Remote Working
Robert Lemos, Contributing WriterNews
With employees likely to continue to spend much, if not all, of their time working from home, companies are focusing more on technologies to boost the security of their now-distributed workplace.
By Robert Lemos Contributing Writer, 7/13/2020
Comment0 comments  |  Read  |  Post a Comment
A Paramedic's Lessons for Cybersecurity Pros
Kelly Sheridan, Staff Editor, Dark ReadingNews
A paramedic turned cybersecurity expert shares his experiences in both fields, highlights their similarities, and explains how they can learn from each other.
By Kelly Sheridan Staff Editor, Dark Reading, 7/13/2020
Comment0 comments  |  Read  |  Post a Comment
Lost in Translation: Serious Flaws Found in ICS Protocol Gateways
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
These oft-forgotten devices contain serious vulnerabilities that allow attackers to hack OT systems remotely, researchers will reveal at Black Hat USA next month.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/13/2020
Comment0 comments  |  Read  |  Post a Comment
Russian Hacker Convicted for Social Network Hacks
Dark Reading Staff, Quick Hits
The Russian national was convicted of hacking into accounts at LinkedIn, Dropbox, and Formspring.
By Dark Reading Staff , 7/13/2020
Comment0 comments  |  Read  |  Post a Comment
Experts Predict Rise of Data Theft in Ransomware Attacks
Dark Reading Staff, Quick Hits
The most attractive targets for data theft are businesses perceived as most likely to pay to prevent exposure of their information.
By Dark Reading Staff , 7/13/2020
Comment0 comments  |  Read  |  Post a Comment
Decoding the Verizon DBIR Report: An Insider's Look Beyond the Headlines
Chad Loeven, President of VMRay Inc.Commentary
To truly understand cybersecurity trends, we must look beyond the headlines and ask more of the data. What you learn might surprise you.
By Chad Loeven President of VMRay Inc., 7/13/2020
Comment0 comments  |  Read  |  Post a Comment
Mobile App Fraud Jumped in Q1 as Attackers Pivot from Browsers
Jai Vijayan, Contributing WriterNews
RSA data reveals a continued shift away from browser-based fraud as attackers target mobile apps.
By Jai Vijayan Contributing Writer, 7/10/2020
Comment0 comments  |  Read  |  Post a Comment
Biden Campaign Hires 2 Top Cybersecurity Executives
Dark Reading Staff, Quick Hits
The campaign has filled the positions of CISO and CTO in the runup to the 2020 presidential election.
By Dark Reading Staff , 7/10/2020
Comment0 comments  |  Read  |  Post a Comment
Zoom Patches Zero-Day Vulnerability in Windows 7
Dark Reading Staff, Quick Hits
The flaw also affects older versions of the operating system, even if they're fully patched.
By Dark Reading Staff , 7/10/2020
Comment0 comments  |  Read  |  Post a Comment
As Offices Reopen, Hardware from Home Threatens Security
Joan Goodchild, Contributing Writer
Devices out of sight for the past several months could spell trouble when employees bring them back to work.
By Joan Goodchild Contributing Writer, 7/10/2020
Comment0 comments  |  Read  |  Post a Comment
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Shane Buckley, President & Chief Operating Officer, GigamonCommentary
We're continuing to see cybercriminals take advantage of COVID-19, and the extension of Tax Day will be the next technique used in their sophisticated method of attacks.
By Shane Buckley President & Chief Operating Officer, Gigamon, 7/10/2020
Comment0 comments  |  Read  |  Post a Comment
Using Adversarial Machine Learning, Researchers Look to Foil Facial Recognition
Robert Lemos, Contributing WriterNews
For privacy-seeking users, good news: Computer scientists are finding more ways to thwart facial and image recognition. But there's also bad news: Gains will likely be short-lived.
By Robert Lemos Contributing Writer, 7/9/2020
Comment0 comments  |  Read  |  Post a Comment
Huge DDoS Attack Launched Against Cloudflare in Late June
Dark Reading Staff, Quick Hits
The 754 million packets-per-second peak was part of a four-day attack involving more than 316,000 sending addresses.
By Dark Reading Staff , 7/9/2020
Comment0 comments  |  Read  |  Post a Comment
Up Close with Evilnum, the APT Group Behind the Malware
Kelly Sheridan, Staff Editor, Dark ReadingNews
The group behind Evilnum malware, which continues to target financial institutions, appears to be testing new techniques.
By Kelly Sheridan Staff Editor, Dark Reading, 7/9/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Aperiam
Current Conversations thank you
In reply to: thanks
Post Your Own Reply
Posted by stonde
Current Conversations Thank you.
In reply to: Interesting article
Post Your Own Reply
More Conversations
Products & Releases
RunSafe Security Announces Partnership with JFrog
Growing Security Alerts Driving Demand for Cloud SIEM Solutions in the SOC
Axio Announces Partnership with Archer
Beyond Identity Joins FIDO Alliance
Thoma Bravo Completes Exostar Acquisition
As Cyberattacks Soar, US State and Local Government Entities Struggle to Keep Up
Cloud Security Alliance Publishes New Paper, The Six Pillars of DevSecOps: Automation
Xage Security Introduces Universal Multi-Factor Authentication for Industrial Operations
More Products & Releases
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

edge
As Offices Reopen, Hardware from Home Threatens Security
Devices out of sight for the past several months could spell trouble when employees bring them back to work.
Name That Toon: Tough Times, Tough Measures
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Cybersecurity's Lament: There Are No Cooks in Space
Cybersecurity staff are on edge for the same reason that there are no cooks on the ISS: Organizations are carefully watching expenses for jobs that don't require dedicated team members.
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-6287
PUBLISHED: 2020-07-14
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create a...
CVE-2020-6289
PUBLISHED: 2020-07-14
SAP Disclosure Management, version 10.1, had insufficient protection against Cross-Site Request Forgery, which could be used to trick user in to browsing malicious site.
CVE-2020-6290
PUBLISHED: 2020-07-14
SAP Disclosure Management, version 10.1, is vulnerable to Session Fixation attacks wherein the attacker tricks the user into using a specific session ID.
CVE-2020-6291
PUBLISHED: 2020-07-14
SAP Disclosure Management, version 10.1, session mechanism does not have expiration data set therefore allows unlimited access after authenticating once, leading to Insufficient Session Expiration
CVE-2020-6292
PUBLISHED: 2020-07-14
Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session cookies, leading to Insufficient Session Expiration.
The Threat from the Internet—and What Your Organization Can Do About It
The Threat from the Internet—and What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Flash Poll
Video
Slideshows
Twitter Feed