Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
COVID-19: Latest Security News & Commentary
The Wild, Wild West(world) of Cybersecurity
8 Infosec Page-Turners for Days Spent Indoors
Dark Reading Cybersecurity Crossword Puzzle
State of Cybersecurity Incident Response
News & Commentary
Zscaler to Buy Cloudneeti
Dark Reading Staff, Quick Hits
The security service provider adds cloud security "posture" management with the deal.
By Dark Reading Staff , 4/9/2020
Comment0 comments  |  Read  |  Post a Comment
Emails Impersonating Trump, White House Seek to Exploit Pandemic Fears
Jai Vijayan, Contributing WriterNews
The phishing campaign is only the latest among many related to COVID-19, INKY says.
By Jai Vijayan Contributing Writer, 4/9/2020
Comment0 comments  |  Read  |  Post a Comment
Zoom, Microsoft & NTT Data Leaders Share Work-from-Home Security Tips
Kelly Sheridan, Staff Editor, Dark ReadingQuick Hits
Tech leaders encourage organizations to maintain security awareness training and offer advice on how to protect their information.
By Kelly Sheridan Staff Editor, Dark Reading, 4/9/2020
Comment0 comments  |  Read  |  Post a Comment
No STEM, No Problem: How to Close the Security Workforce Gap
Nick Tausek, Security Research Engineer, SwimlaneCommentary
Those who work well with others, learn quickly, and possess a proactive mindset toward the work can make great employees, even if their backgrounds aren't rooted in cybersecurity.
By Nick Tausek Security Research Engineer, Swimlane, 4/9/2020
Comment0 comments  |  Read  |  Post a Comment
Schneier on Hacking Society
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
How the hacker mindset and skill set could play a role in improving and securing societal systems, according to renowned security technologist Bruce Schneier.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/9/2020
Comment0 comments  |  Read  |  Post a Comment
Medical Devices on the IoT Put Lives at Risk
Dmitry Raidman, CEO & Co-Founder, CybeatsCommentary
Device security must become as important a product design feature as safety and efficacy.
By Dmitry Raidman CEO & Co-Founder, Cybeats, 4/9/2020
Comment0 comments  |  Read  |  Post a Comment
Keeping Vigilant for BEC Amid COVID-19 Chaos
Ericka Chickowski, Contributing WriterNews
FBI and security experts warn that attackers are particularly targeting cloud-based email systems at the moment.
By Ericka Chickowski Contributing Writer, 4/8/2020
Comment0 comments  |  Read  |  Post a Comment
After Adopting COVID-19 Lures, Sophisticated Groups Target Remote Workers
Robert Lemos, Contributing WriterNews
While coronavirus-themed emails and files have been used as a lure for weeks, attackers now are searching for ways to actively target VPNs and remote workers to take advantage of weaker security.
By Robert Lemos Contributing Writer, 4/8/2020
Comment0 comments  |  Read  |  Post a Comment
Researchers Fool Biometric Scanners with 3D-Printed Fingerprints
Kelly Sheridan, Staff Editor, Dark ReadingNews
Tests on the fingerprint scanners of Apple, Microsoft, and Samsung devices reveal it's possible to bypass authentication with a cheap 3D printer.
By Kelly Sheridan Staff Editor, Dark Reading, 4/8/2020
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Releases COVID-19 Security Guidance
Dark Reading Staff, Quick Hits
Information includes tips on how to keep IT systems infection-free.
By Dark Reading Staff , 4/8/2020
Comment0 comments  |  Read  |  Post a Comment
'Unkillable' Android Malware App Continues to Infect Devices Worldwide
Jai Vijayan, Contributing WriterNews
The xHelper Trojan has compromised over 55,000 devices so far, Kaspersky says.
By Jai Vijayan Contributing Writer, 4/8/2020
Comment1 Comment  |  Read  |  Post a Comment
BEC, Domain Jacking Help Criminals Disrupt Cash Transfers
Shane Shook, Venture Consultant at Forgepoint CapitalCommentary
The two hacking methods occur independently but are being used in concert to steal funds that are part of online payments and transactions.
By Shane Shook Venture Consultant at Forgepoint Capital, 4/8/2020
Comment0 comments  |  Read  |  Post a Comment
Accenture Buys Revolutionary Security in Third Acquisition of 2020
Dark Reading Staff, Quick Hits
The deal is intended to strengthen Accenture's critical infrastructure protection capabilities and address more complex IT and OT challenges.
By Dark Reading Staff , 4/8/2020
Comment0 comments  |  Read  |  Post a Comment
Why Threat Hunting with XDR Matters
Morey Haber, CTO and CISO, BeyondTrustCommentary
Extended detection response technology assumes a breach across all your endpoints, networks, SaaS applications, cloud infrastructure, and any network-addressable resource.
By Morey Haber CTO and CISO, BeyondTrust, 4/8/2020
Comment0 comments  |  Read  |  Post a Comment
Feline Secure?
Beyond the Edge, Dark Reading
When there's a will, there's a way.
By Beyond the Edge Dark Reading, 4/8/2020
Comment0 comments  |  Read  |  Post a Comment
Privacy & Digital-Rights Experts Worry Contact-Tracing Apps Lack Limits
Robert Lemos, Contributing WriterNews
Mobile-phone-based tracking of people can help fight pandemics, but privacy and security researchers stress that it needs to be done right.
By Robert Lemos Contributing Writer, 4/7/2020
Comment0 comments  |  Read  |  Post a Comment
Chinese APT Groups Targeted Enterprise Linux Systems in Decade-Long Data Theft Campaign
Jai Vijayan, Contributing WriterNews
Organizations across multiple industries compromised in a systematic effort to steal IP and other sensitive business data, BlackBerry says.
By Jai Vijayan Contributing Writer, 4/7/2020
Comment0 comments  |  Read  |  Post a Comment
Cybercriminals Hide Malware & Phishing Sites Under SSL Certificates
Kelly Sheridan, Staff Editor, Dark ReadingNews
More than half of the top 1 million websites use HTTPS, researchers report, but not all encrypted traffic is safe.
By Kelly Sheridan Staff Editor, Dark Reading, 4/7/2020
Comment0 comments  |  Read  |  Post a Comment
The Edge Names 'Holy Cow' Cartoon Caption Winners
Edge Editors, Dark Reading
What can cows possibly have to do with cybersecurity?
By Edge Editors Dark Reading, 4/7/2020
Comment0 comments  |  Read  |  Post a Comment
How Do I Make Sure My Work-From-Home Users Install Updates?
Kurtis Minder, CEO GroupSense
Most enterprise endpoint solutions will support policies to enforce recommended updates.
By Kurtis Minder, CEO of GroupSense: For corporate assets, most enterprise endpoint solutions will support policies to enforce the recommended updates for those machines. , 4/7/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by jenkins8661
Current Conversations Digitized COVID-19 Prevention
In reply to: Caption
Post Your Own Reply
Posted by MagneticPortal
Current Conversations The dead do not laugh...
In reply to: Caption suggestion
Post Your Own Reply
More Conversations
Products & Releases
RangeForce and One Distribution Bolster Cybersecurity Training in UK and Ireland with SaaS-based Cyber Skills Platform
Theta Lake Offers Three Free Months of AI-based Safety and Compliance for Zoom Customers
RiskSense Introduces Full Spectrum Risk-Based Vulnerability Management
Axonius Announces $58 Million in New Funding
Jon Lovitz Joins NINJIO as Lead Voice Actor and Recurring Character
KnowBe4 Report Finds 37.9% of Untrained End Users Will Fail a Phishing Test
Link11 Offers Free DDoS Protection to Public Sector Organizations
(ISC)² Announces CEO Succession Plan
More Products & Releases
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

edge
How Do I Make Sure My Work-From-Home Users Install Updates?
Most enterprise endpoint solutions will support policies to enforce recommended updates.
5 Soothing Security Products We Wish Existed
Maybe security alert fatigue wouldn't be so bad if the alerts themselves delivered less stress and more aromatherapy.
This Is Not Your Father's Ransomware
Ransomware operators are aiming for bigger targets and hitting below the belt. With doxing and extortion threats added to the mix, ransomware is evolving into something even more sinister.
Register for Dark Reading Newsletters
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
White Papers
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-1633
PUBLISHED: 2020-04-09
Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded, le...
CVE-2020-8834
PUBLISHED: 2020-04-09
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc__tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to...
CVE-2020-11668
PUBLISHED: 2020-04-09
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
CVE-2020-8961
PUBLISHED: 2020-04-09
An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. The Self-Protection feature does not prohibit a write operation from an external process. Thus, code injection can be used to turn off this feature. After that, one can construct an event that will modify a file at a specific loc...
CVE-2020-7922
PUBLISHED: 2020-04-09
X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes cluster improper access to MongoDB instances. Customers who do not use X.509 authentication, and those who do not use the Operator to generate their X.509 certificates are u...
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Flash Poll
Video
Slideshows
Twitter Feed