Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

8 Cybersecurity Themes to Expect at Black Hat USA 2020
11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event
Vulnerable Invisible Salamanders and You: A Tale of Encryption Weakness
Q&A: How Systemic Racism Weakens Cybersecurity
COVID-19: Latest Security News & Commentary
News & Commentary
Microsoft Teams Vulnerable to Patch Workaround, Researchers Report
Kelly Sheridan, Staff Editor, Dark ReadingNews
Attackers could work around an earlier patch and use Microsoft Teams Updater to download binaries and payloads.
By Kelly Sheridan Staff Editor, Dark Reading, 8/5/2020
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Budget Rose in 2019, Uncertainty Prevails in 2020
Robert Lemos, Contributing WriterNews
Budgets rise as IT complexity continued to challenge companies, with identity and access management technology an increasingly common focus.
By Robert Lemos Contributing Writer, 8/5/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Paid $13.7M in Bug Bounty Rewards in 2019-2020
Dark Reading Staff, Quick Hits
The 2019-2020 program year awarded 327 security researchers through 15 bounty programs, with a largest reward of $200,000.
By Dark Reading Staff , 8/5/2020
Comment0 comments  |  Read  |  Post a Comment
Why Confidential Computing Is a Game Changer
Vinton G. Cerf, VP & Chief Internet Evangelist, GoogleCommentary
Confidential Computing is a transformational technology that should be part of every enterprise cloud deployment. It's time to start unlocking the possibilities together.
By Vinton G. Cerf VP & Chief Internet Evangelist, Google, 8/5/2020
Comment0 comments  |  Read  |  Post a Comment
DDoS Attacks Doubled in Q2 Compared with Prior Quarter
Jai Vijayan, Contributing WriterNews
Most attacks were small, but the big ones got bigger than ever, Cloudflare says.
By Jai Vijayan Contributing Writer, 8/5/2020
Comment0 comments  |  Read  |  Post a Comment
Less Than Half of Security Pros Can Identify Their Organization's Level of Risk
Steve Zurier, Contributing WriterNews
Just 51% work with the business side of the house on risk reduction objectives, new study shows.
By Steve Zurier Contributing Writer, 8/5/2020
Comment0 comments  |  Read  |  Post a Comment
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Coalfire's Gary De Mercurio and Justin Wynn share the details of their physical penetration-testing engagement gone wrong, as well as recommendations for protecting all red teamers.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/5/2020
Comment2 comments  |  Read  |  Post a Comment
How Ransomware Threats Are Evolving & How to Spot Them
Kelly Sheridan, Staff Editor, Dark ReadingNews
A series of new reports explains how ransomware attackers are changing techniques and how organizations can spot stealthy criminals.
By Kelly Sheridan Staff Editor, Dark Reading, 8/4/2020
Comment0 comments  |  Read  |  Post a Comment
New Spin on a Longtime DNS Intel Tool
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Domain Name Service database service Farsight Security, the brainchild of DNS expert Paul Vixie, celebrates 10 years with new modern features.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/4/2020
Comment0 comments  |  Read  |  Post a Comment
6 Dangerous Defaults Attackers Love (and You Should Know)
Curtis Franklin Jr., Senior Editor at Dark Reading
Default configurations can be massive vulnerabilities. Here are a half dozen to check on for your network.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/4/2020
Comment0 comments  |  Read  |  Post a Comment
Retooling the SOC for a Post-COVID World
Nilesh Dherange, CTO at GuruculCommentary
Residual work-from-home policies will require changes to security policies, procedures, and technologies.
By Nilesh Dherange CTO at Gurucul, 8/4/2020
Comment0 comments  |  Read  |  Post a Comment
Google & Amazon Replace Apple as Phishers' Favorite Brands
Dark Reading Staff, Quick Hits
Google and Amazon were the most imitated brands in the second quarter, knocking out Apple.
By Dark Reading Staff , 8/4/2020
Comment0 comments  |  Read  |  Post a Comment
Securing IoT as a Remote Workforce Strategy
Karen Walsh, Privacy & Compliance ExpertCommentary
Digital transformation with Internet of Things devices offers organizations a way forward in the era of COVID-19. Optimizing this approach for the future will need to start with security.
By Karen Walsh Privacy & Compliance Expert, 8/4/2020
Comment0 comments  |  Read  |  Post a Comment
11 Hot Startups to Watch at Black Hat USA
Kelly Sheridan, Staff Editor, Dark Reading
A sneak peek at the up-and-coming organizations to check out on the Black Hat USA virtual show floor.
By Kelly Sheridan Staff Editor, Dark Reading, 8/3/2020
Comment0 comments  |  Read  |  Post a Comment
FBI Warns on New E-Commerce Fraud
Dark Reading Staff, News
A wave of new, fraudulent websites has popped up to take advantage of the rise in online shopping during the coronavirus pandemic.
By Dark Reading Staff , 8/3/2020
Comment0 comments  |  Read  |  Post a Comment
DHS Urges 'Highest Priority' Attention on Old Chinese Malware Threat
Jai Vijayan, Contributing WriterNews
"Taidoor" is a remote access tool that has been used in numerous cyber espionage campaigns since at least 2008.
By Jai Vijayan Contributing Writer, 8/3/2020
Comment0 comments  |  Read  |  Post a Comment
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing WriterNews
Emerging streamlined curriculum programs aim to help narrow the skills gap.
By Nicole Ferraro Contributing Writer, 8/3/2020
Comment1 Comment  |  Read  |  Post a Comment
Why Data Ethics Is a Growing CISO Priority
Joan Goodchild, Contributing Writer
With data collection growing, and increased concern about how it is handled, a synergy between security and data teams will be essential.
By Joan Goodchild Contributing Writer, 8/3/2020
Comment1 Comment  |  Read  |  Post a Comment
Omdia Cybersecurity Accelerator Analysts to Take Part in Black Hat USA 2020
Eric Parizo, Senior Analyst, OmdiaCommentary
Analysts will participate in the Black Hat Briefings, taking place Aug. 4-6, discussing cybersecurity research, offering exclusive video presentations, and meeting with vendors and attendees.
By Eric Parizo Senior Analyst, Omdia, 8/3/2020
Comment0 comments  |  Read  |  Post a Comment
Travel Management Firm CWT Pays $4.5M to Ransomware Attackers
Dark Reading Staff, Quick Hits
Attackers claimed to steal two terabytes of files including financial reports, security files, and employees' personal data.
By Dark Reading Staff , 8/3/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by nuritakartika
Current Conversations yes agree for you
In reply to: Re: Effective Grouping
Post Your Own Reply
More Conversations
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

Default configurations can be massive vulnerabilities. Here are a half dozen to check on for your network.
With data collection growing, and increased concern about how it is handled, a synergy between security and data teams will be essential.
Figuring out which cybersecurity job you want -- or are qualified for -- can be difficult when words have no consistent meaning in the industry.
Register for Dark Reading Newsletters
Cartoon Contest
White Papers
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17364
PUBLISHED: 2020-08-05
USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs.
CVE-2020-4481
PUBLISHED: 2020-08-05
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181848.
CVE-2020-5608
PUBLISHED: 2020-08-05
CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered c...
CVE-2020-5609
PUBLISHED: 2020-08-05
Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to cre...
CVE-2020-8607
PUBLISHED: 2020-08-05
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentia...
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Flash Poll
Video
Slideshows
Twitter Feed