Dark Reading | Security | Protect The Business

Network Computing Dark Reading

Advertise

About Us

COVID-19: Latest Security News & Commentary

The Wild, Wild West(world) of Cybersecurity

8 Infosec Page-Turners for Days Spent Indoors

Dark Reading Cybersecurity Crossword Puzzle

State of Cybersecurity Incident Response

Top Stories

COVID-19: Latest Security News & Commentary

The Wild, Wild West(world) of Cybersecurity

8 Infosec Page-Turners for Days Spent Indoors

Dark Reading Cybersecurity Crossword Puzzle

State of Cybersecurity Incident Response

News & Commentary

BEC, Domain Jacking Help Criminals Disrupt Cash Transfers

Shane Shook, Venture Consultant at Forgepoint Capital

Commentary

The two hacking methods occur independently but are being used in concert to steal funds that are part of online payments and transactions.

By Shane Shook Venture Consultant at Forgepoint Capital, 4/8/2020

0 comments | Read | Post a Comment

Accenture Buys Revolutionary Security in Third Acquisition of 2020

Quick Hits

The deal is intended to strengthen Accenture's critical infrastructure protection capabilities and address more complex IT and OT challenges.

By Dark Reading Staff , 4/8/2020

0 comments | Read | Post a Comment

Why Threat Hunting with XDR Matters

Commentary

Extended detection response technology assumes a breach across all your endpoints, networks, SaaS applications, cloud infrastructure, and any network-addressable resource.

By Morey Haber CTO and CISO, BeyondTrust, 4/8/2020

0 comments | Read | Post a Comment

Feline Secure?

When there's a will, there's a way.

By Beyond the Edge Dark Reading, 4/8/2020

0 comments | Read | Post a Comment

Privacy & Digital-Rights Experts Worry Contact-Tracing Apps Lack Limits

News

Mobile-phone-based tracking of people can help fight pandemics, but privacy and security researchers stress that it needs to be done right.

By Robert Lemos Contributing Writer, 4/7/2020

0 comments | Read | Post a Comment

Chinese APT Groups Targeted Enterprise Linux Systems in Decade-Long Data Theft Campaign

News

Organizations across multiple industries compromised in a systematic effort to steal IP and other sensitive business data, BlackBerry says.

By Jai Vijayan Contributing Writer, 4/7/2020

0 comments | Read | Post a Comment

Cybercriminals Hide Malware & Phishing Sites Under SSL Certificates

Kelly Sheridan, Staff Editor, Dark Reading

News

More than half of the top 1 million websites use HTTPS, researchers report, but not all encrypted traffic is safe.

By Kelly Sheridan Staff Editor, Dark Reading, 4/7/2020

0 comments | Read | Post a Comment

The Edge Names 'Holy Cow' Cartoon Caption Winners

What can cows possibly have to do with cybersecurity?

By Edge Editors Dark Reading, 4/7/2020

0 comments | Read | Post a Comment

How Do I Make Sure My Work-From-Home Users Install Updates?

Most enterprise endpoint solutions will support policies to enforce recommended updates.

By Kurtis Minder, CEO of GroupSense: For corporate assets, most enterprise endpoint solutions will support policies to enforce the recommended updates for those machines. , 4/7/2020

0 comments | Read | Post a Comment

Mature DevOps Teams Are Secure DevOps Teams

Quick Hits

New research shows the relationship between mature DevOps processes, secure applications, and happy developers.

By Dark Reading Staff , 4/7/2020

0 comments | Read | Post a Comment

The Coronavirus & Cybersecurity: 3 Areas of Exploitation

Robert R. Ackerman Jr., Founder & Managing Director, Allegis Capital

Commentary

Criminal, political, and strategic factors are combining to create a perfect storm of cyber infections that target the global supply chain.

By Robert R. Ackerman Jr. Founder & Managing Director, Allegis Capital, 4/7/2020

1 Comment | Read | Post a Comment

Latest Comment: Enrico Fontan, I agree with the Strategic Exploitation perspective. The increasing demand...

71% of Security Pros See Threats Jump Since COVID-19 Outbreak

Quick Hits

Phishing is the top threat, followed by websites offering false information about the pandemic, malware, and ransomware attacks.

By Dark Reading Staff , 4/7/2020

0 comments | Read | Post a Comment

Using Application Telemetry to Reveal Insider & Evasive Threats

Commentary

Data from application processes and other systems leave a trail of threat crumbs that can be used to detect and shut down attacks.

By Andy Hawkins Field CTO, 4/7/2020

0 comments | Read | Post a Comment

COVID-19: Latest Security News & Commentary

News

Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.

By Dark Reading Staff , 4/7/2020

5 comments | Read | Post a Comment

Latest Comment: 192.168.1.1, ⚠ Coronavirus Updates by CountryCoronovirus live updates from offical...

9 Security Podcasts Worth Tuning In To

Recommendations for podcasts discussing news, trends, guidance, and stories across the cybersecurity industry.

By Kelly Sheridan Staff Editor, Dark Reading, 4/7/2020

0 comments | Read | Post a Comment

More Attackers Have Begun Using Zero-Day Exploits

News

Vendors of offensive cyber tools have made it easy for any threat group with the right funds to leverage unpatched bugs, FireEye says.

By Jai Vijayan Contributing Writer, 4/6/2020

0 comments | Read | Post a Comment

Misconfigured Containers Again Targeted by Cryptominer Malware

News

An attack group is searching for insecure containers exposing the Docker API and then installing a program that attempts to mine cryptocurrency. It's not the first time.

By Robert Lemos Contributing Writer, 4/6/2020

0 comments | Read | Post a Comment

Microsoft: Emotet Attack Shut Down an Entire Business Network

News

The infection started with a phishing email and spread throughout the organization, overheating all machines and flooding its Internet connection.

By Kelly Sheridan Staff Editor, Dark Reading, 4/6/2020

0 comments | Read | Post a Comment

FBI Warns of BEC Dangers

Quick Hits

A new PSA warns of attacks launched against users of two popular cloud-based email systems.

By Dark Reading Staff , 4/6/2020

0 comments | Read | Post a Comment

Mozilla Patches Two Critical Zero-Days in Firefox

Quick Hits

The latest release of Firefox brings fixes for two Critical vulnerabilities already seen exploited in the wild.

By Dark Reading Staff , 4/6/2020

0 comments | Read | Post a Comment

More Stories

Current Conversations

Posted by 192.168.1.1

⚠ Coronavirus Updates by CountryCoronovirus live updates from offical and unoffical sources.⚠ Coronavirus Forecasts by CountryCoronovirus forecasts by country. What wil be after 1 day 1 week or 1 month ?

In reply to: Coronavirus
Post Your Own Reply

Posted by bina

There's one in every office.

In reply to: Office Zoom Meeting
Post Your Own Reply

Posted by grandprir

This site has commenting guidelines and comments are reviewed by moderators before they are fully published to the web site. Due to comment spam on our site, we have changed our comment system to block all...

In reply to: Re: A Bit Confusing, Indeed...
Post Your Own Reply

Posted by Enrico Fontan

I agree with the Strategic Exploitation perspective. The increasing demand for Home-Office activities will increase the phishing risks for employees not trained for this new setup. In such a scenario, this may lead to...

In reply to: Strategic exploitation
Post Your Own Reply

Posted by AntonioMochilas

We should take care about what we said to our employeers or chiefs

In reply to: Totally agree
Post Your Own Reply

Posted by Tempest2004

Jack has improvised after being told he had to stop saying "devil is in the details" during every meetting.

In reply to: Devil
Post Your Own Reply

Posted by zirkonyum

It's good to pray, but now we just have to believe in science

In reply to: Re: Effective Grouping
Post Your Own Reply

Posted by techilife99

You might have come across the Netflix error code m7111-5059 or m7111-1331-5059. This also has a message with it: "You seem to be using an unblocker or proxy. Please turn off any of these services and try again." Netflix...

In reply to: Re: FredLuis
Post Your Own Reply

Posted by alexbaker

Thanks for these intenet security precautions. Yes, in today's time it is very important to be educated in terms of protecting your internet assets technically. But for the things like wife connection with coffee machines,...

In reply to: cyber security
Post Your Own Reply

Posted by reformasbilbao

Here, in Bilbao We are reaching the peak, but until June we will probably not go outside

In reply to: The virus
Post Your Own Reply

Posted by RSR555

{Hey Mikey, did you invite the new CISO?}

In reply to: The Devil you know?
Post Your Own Reply

Posted by andymuz

This is a really useful article on hacking and the dangers online. I have recently come across a site that has lots of VPN Reviews https://www.comparemyvpn.com as well as the latest deals offers and VPN advice.

In reply to: re: FBI Arrests NYPD Detective On Hacking Charges
Post Your Own Reply

More Conversations

Products & Releases

RangeForce and One Distribution Bolster Cybersecurity Training in UK and Ireland with SaaS-based Cyber Skills Platform

Theta Lake Offers Three Free Months of AI-based Safety and Compliance for Zoom Customers

RiskSense Introduces Full Spectrum Risk-Based Vulnerability Management

Axonius Announces $58 Million in New Funding

Jon Lovitz Joins NINJIO as Lead Voice Actor and Recurring Character

KnowBe4 Report Finds 37.9% of Untrained End Users Will Fail a Phishing Test

Link11 Offers Free DDoS Protection to Public Sector Organizations

(ISC)² Announces CEO Succession Plan

More Products & Releases

PR Newswire

Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

How Do I Make Sure My Work-From-Home Users Install Updates?

Most enterprise endpoint solutions will support policies to enforce recommended updates.

5 Soothing Security Products We Wish Existed

Maybe security alert fatigue wouldn't be so bad if the alerts themselves delivered less stress and more aromatherapy.

This Is Not Your Father's Ransomware

Ransomware operators are aiming for bigger targets and hitting below the belt. With doxing and extortion threats added to the mix, ransomware is evolving into something even more sinister.

Webinars

How to Effectively Analyze Security Data

Cloud Security 101

Building a Strategy for Detection and Response

Webinar Archives

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

White Papers

NERC Updates May Force Utility Companies into Better Cybersecurity

eSentire Annual Threat Intelligence Report: 2019 Perspectives and 2020 Predictions

One Phish, Two Phish, Three Phish, Fraud Phish

Increase Cyber Defense Effectiveness through Simulation-Based On-Demand Learning

Why Endpoints are the Secret to Better Employee Experience

More White Papers

Current Issue

6 Emerging Cyber Threats That Enterprises Face in 2020

This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!

Download This Issue!

Back Issues | Must Reads

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-21038
PUBLISHED: 2020-04-08

An issue was discovered on Samsung mobile devices with N(7.x) software. The Secure Folder app's startup logic allows authentication bypass. The Samsung ID is SVE-2018-11628 (December 2018).

CVE-2018-21039
PUBLISHED: 2020-04-08

An issue was discovered on Samsung mobile devices with N(7.0) software. With the Location permission for the compass feature in Quick Tools (aka QuickTools), an attacker can bypass the lockscreen. The Samsung ID is SVE-2018-12053 (December 2018).

CVE-2018-21040
PUBLISHED: 2020-04-08

An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos 9810 chipsets) software. There is a race condition with a resultant use-after-free in the g2d driver. The Samsung ID is SVE-2018-12959 (December 2018).

CVE-2018-21041
PUBLISHED: 2020-04-08

An issue was discovered on Samsung mobile devices with O(8.x) software. Access to Gallery in the Secure Folder can occur without authentication. The Samsung ID is SVE-2018-13057 (December 2018).

CVE-2020-11000
PUBLISHED: 2020-04-08

GreenBrowser before version 1.2 has a vulnerability where apps that rely on URL Parsing to verify that a given URL is pointing to a trust server may be susceptible to many different ways to get URL parsing and verification wrong, which allows an attacker to circumvent the access control. This proble...

Reports

State of Cybersecurity Incident Response

Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.

Download Now!

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

How Data Breaches affect the Enterprise

0 comments

More Reports

Flash Poll

All Polls

Video