Dark Reading | Security | Protect The Business

Network Computing Dark Reading

Advertise

About Us

Join us live at

7 Hot Cybersecurity Trends to Be Highlighted at Black Hat

Back to Basics with Log Management, SIEMs & MSSPs

10 Ways to Keep a Rogue RasPi From Wrecking Your Network

To Pay or Not To Pay? That Is the (Ransomware) Question

Top Stories

7 Hot Cybersecurity Trends to Be ...

Back to Basics with Log Management, SIEMs ...

10 Ways to Keep a Rogue RasPi From ...

Name That Toon: Beat the Heat

To Pay or Not To Pay? That Is the ...

News & Commentary

US Mayors Commit to Just Saying No to Ransomware

News

The group of more than 1,400 top elected municipal officials takes the admirable, recommended stance against paying ransoms. However, can towns and cities secure their information technology infrastructure to withstand attacks?

By Robert Lemos Contributing Writer, 7/16/2019

0 comments | Read | Post a Comment

Symantec Builds Out Cloud Portfolio to Enforce 'Zero Trust'

Quick Hits

New additions to its Integrated Cyber Defense Platform aim to give businesses greater control over access to cloud resources and applications.

By Dark Reading Staff , 7/16/2019

0 comments | Read | Post a Comment

Is 2019 the Year of the CISO?

Terry Ray, Chief Technology Officer, Imperva

Commentary

The case for bringing the CISO to the C-suite's risk and business-strategy table.

By Terry Ray Chief Technology Officer, Imperva, 7/16/2019

0 comments | Read | Post a Comment

Flaws in Telegram & WhatsApp on Android Put Data at Risk

Curtis Franklin Jr., Senior Editor at Dark Reading

News

App settings combined with Android behavior can put data integrity at risk for WhatsApp and Telegram users.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/15/2019

1 Comment | Read | Post a Comment

Latest Comment: tonny123, very nice

Meet DoppelPaymer, BitPaymer's Ransomware Lookalike

Kelly Sheridan, Staff Editor, Dark Reading

News

New ransomware variant DoppelPaymer was leveraged in campaigns against the City of Edcouch, Texas, and the Chilean Ministry of Agriculture.

By Kelly Sheridan Staff Editor, Dark Reading, 7/15/2019

0 comments | Read | Post a Comment

FTC Reportedly Ready to Sock Facebook with Record $5 Billion Fine

Quick Hits

The fine, for the social media giant's role in the Cambridge Analytica scandal, would be the largest ever against a tech company.

By Dark Reading Staff , 7/15/2019

1 Comment | Read | Post a Comment

Latest Comment: tdsan, I do think that facebook will fight this because this is unprecedented. Per...

Software Developers Face Secure Coding Challenges

News

Seven in ten developers are expected to write secure code, but less than half receive feedback on security, a survey finds.

By Robert Lemos Contributing Writer, 7/15/2019

0 comments | Read | Post a Comment

18% of Enterprises Holding Back on Windows 10 Upgrade

Quick Hits

Microsoft will officially end support for Windows 7 on January 14, 2020. Many large businesses aren't ready.

By Dark Reading Staff , 7/15/2019

0 comments | Read | Post a Comment

Is Machine Learning the Future of Cloud-Native Security?

Pawan Shankar, Senior Security Product Marketing Manager at Sysdig

Commentary

The nature of containers and microservices makes them harder to protect. Machine learning might be the answer going forward.

By Pawan Shankar Senior Security Product Marketing Manager at Sysdig, 7/15/2019

0 comments | Read | Post a Comment

Where Businesses Waste Endpoint Security Budgets

Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.

By Kelly Sheridan Staff Editor, Dark Reading, 7/15/2019

3 comments | Read | Post a Comment

Latest Comment: Lyngiten, This new term is really popular today because of circumstances

German Schools Ban Office 365, Cite Privacy Concerns

Quick Hits

The ruling follows years of debate over whether German schools and institutions should use Microsoft tools and services.

By Dark Reading Staff , 7/12/2019

1 Comment | Read | Post a Comment

Latest Comment: tdsan, I think it is a simple fix: - Disable Windows Telemetry - Disable Office...

Competing Priorities Mean Security Risks for Small Businesses

Quick Hits

Small business IT professionals are trying to balance multiple priorities and finding that the balance often leaves the company with serious security risks.

By Dark Reading Staff , 7/12/2019

2 comments | Read | Post a Comment

Latest Comment: REISEN1955, True - small business cannot afford a large CSirt department or a full time...

A Lawyer’s Guide to Cyber Insurance: 4 Basic Tips

Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC

Commentary

The time to read the fine print in your cybersecurity insurance policy is before you sign on the dotted line.

By Beth Burgin Waller Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC, 7/12/2019

3 comments | Read | Post a Comment

Latest Comment: REISEN1955, Point taken and it would be wise for insurance companies to provide these services...

Data Center Changes Push Cyber Risk to Network's Edge

News

Changes in fundamental enterprise architectures coupled with shifts in human resources mean that companies are considering new risks to their infrastructure.

By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/11/2019

1 Comment | Read | Post a Comment

Latest Comment: tdsan, Concerns about whether these more intelligent systems might become an attack...

APT Groups Make Quadruple What They Spend on Attack Tools

News

Some advanced persistent threat actors can spend north of $1 million on attacks, but the return on that investment can be huge.

By Jai Vijayan Contributing Writer, 7/11/2019

0 comments | Read | Post a Comment

How to Catch a Phish: Where Employee Awareness Falls Short

News

Advanced phishing techniques and poor user behaviors that exacerbate the threat of successful attacks.

By Kelly Sheridan Staff Editor, Dark Reading, 7/11/2019

0 comments | Read | Post a Comment

Software Engineer Charged for Taking Stolen Trade Secrets to China

Quick Hits

Xudong Yao reportedly stole proprietary information from his employer and brought it to China, where he is believed to currently reside.

By Dark Reading Staff , 7/11/2019

1 Comment | Read | Post a Comment

Latest Comment: tdsan, He left the US, then came back. The organization did not know that 3000 files...

Most Organizations Lack Cyber Resilience

Marc Wilczek, Digital Strategist & CIO Advisor

Commentary

Despite increasing threats, many organizations continue to run with only token cybersecurity and resilience.

By Marc Wilczek Digital Strategist & CIO Advisor, 7/11/2019

0 comments | Read | Post a Comment

Monroe College Hit with Ransomware Attack

Quick Hits

All campuses are affected, with attackers demanding $2 million in Bitcoin in exchange for decryption keys.

By Dark Reading Staff , 7/11/2019

0 comments | Read | Post a Comment

Summer: A Time for Vacations & Cyberattacks?

News

About a third of cybersecurity professionals believe that their companies see more cyberattacks during the summer, but the survey data does not convince on the reasons for the perception of a summer bump.

By Robert Lemos Contributing Writer, 7/11/2019

1 Comment | Read | Post a Comment

Latest Comment: GiovanniV931, I think that cybercriminal perceive the key role that humans play in breach...

More Stories

Current Conversations

Posted by tdsan

I do think that facebook will fight this because this is unprecedented. Per the article, Google was fined 12 million but 5 billion is way over the limit. What they could do, is to allocate that money to improve their security...

In reply to: This is excessive
Post Your Own Reply

Posted by tdsan

That's a problem, because customers don't care if it was the company's supplier that lost the data, not the company itself.. —Lyngiten Interesting comment, let me play devil's advocate; if a cloud vendor worked with...

In reply to: Re: attack
Post Your Own Reply

Posted by Joe Stanganelli

"Jim, stop pretending you're drowning in tickets."

In reply to: js02
Post Your Own Reply

Posted by Joe Stanganelli

"Hey! Don't Task.Run on the pool!"

In reply to: js01
Post Your Own Reply

Posted by tdsan

From my understanding, most organizations are part of this GDPR group? Health care agencies have experienced a number of hacks where they have lost more PII data than any organizational group. If this aspect is one of...

In reply to: Are Hospitals part of GDPR?
Post Your Own Reply

Posted by iOtta

2 years after this article is written and we are still no further ahead. Facebook has just been fined $5Billion dollars and the stock went up in price. One months revenue! It is cheaper to pay the fine than to actually...

In reply to: 2 years later!
Post Your Own Reply

Posted by REISEN1955

Point taken and it would be wise for insurance companies to provide these services and also make sure their suggestions ARE being carriesd out !!! Periodic review would be mandatory.

In reply to: Re: Monetary protection only
Post Your Own Reply

Posted by mcavanaugh1

No, not all Cyber Insurance policies are limited to monetary protection. Many carriers providing standalone Cyber Insurance policies provide Pre-breach Risk Management services including policies & procedure templates,...

In reply to: Re: Monetary protection only
Post Your Own Reply

Posted by Lyngiten

Only 18 percent of companies says they knew if those vendors were, in turn, sharing that information with other suppliers. That's a problem, because customers don't care if it was the company's supplier that lost the data,...

In reply to: attack
Post Your Own Reply

Posted by Lyngiten

The combination of Chronicle's analytics services and Google Cloud's big-data expertise seems likely to position the new Chronicle as a competitor to Splunk, LogRhythm, ArcSight, and companies with similar analytics offe...

In reply to: Chronicle
Post Your Own Reply

Posted by Lyngiten

This new term is really popular today because of circumstances

In reply to: Buisness waste
Post Your Own Reply

Posted by Lyngiten

This new term is really popular today because of circumstances

In reply to: Buisness waste
Post Your Own Reply

More Conversations

Products & Releases

Dragos Appoints CrowdStrike Cofounder and CTO Dmitri Alperovitch to Board of Directors

YL Ventures Closes Fourth Fund with $120M of Committed Capital

Digital Shadows Raises $10M Strategic Investment Round Led by National Australia Bank Ventures

Internet Isolation Vendor Menlo Security Raises $75 Million in Series D Funding

Sandia Researchers Uncover Personalized Medicine Software Vulnerability

Kaspersky Helps Eliminate Critical Vulnerabilities in Smart Home Controller

Global Cyber Alliance And Center For Internet Security Launch Free Cybersecurity Toolkit for States And Local Election Offices

Expel Announces $40 Million in Series C Funding

More Products & Releases

PR Newswire

sponsored by



The latest on the number of attacks, types of attacks, and threats to enterprises' most critical IT infrastructure.

GDPR: The Good, the Bad, and the Uncertain

One year post-GDPR implementation it's time to ask the tough question of whether companies are celebrating or cursing these consumer privacy mandates.

My Company Is Looking at WAFs to Help Secure Traffic. Where Do We Start?

Frank Taylor: Better Processes Lead to Tighter Security

Live Events

Webinars

Come to Black Hat USA for the latest hardware hacks

Black Hat Trainings - August 3-6

Work Styles Are Evolving, Are Your IT Teams Ready?

More Informa Tech Live Events

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: "Jim, stop pretending you're drowning in tickets."

Cartoon Archive

White Papers

Security 101

7 Reasons You Need Security at the Edge

Solve the Robo-Calling Plague

TrickBot/Gozi Malware Case Study: Online Processing

4 Ways Developers can Deliver Better Software Faster

More White Papers

Current Issue

Building and Managing an IT Security Operations Program

As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.

Download This Issue!

Back Issues | Must Reads

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-1575
PUBLISHED: 2019-07-16

Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API key of the device and/or the username/password from the XML API (in PAN-OS) and p...

CVE-2019-1576
PUBLISHED: 2019-07-16

Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user?s permissions.

CVE-2018-19629
PUBLISHED: 2019-07-16

A Denial of Service vulnerability in the ImageNow Server service in Hyland Perceptive Content Server before 7.1.5 allows an attacker to crash the service via a TCP connection.

CVE-2019-10100
PUBLISHED: 2019-07-16

Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: Argument string creation.

CVE-2019-10100
PUBLISHED: 2019-07-16

UPX 3.95 is affected by: Integer Overflow. The impact is: attacker can cause a denial of service. The component is: src/p_lx_elf.cpp PackLinuxElf32::PackLinuxElf32help1() Line 262. The attack vector is: the victim must open a specially crafted ELF file.

Reports

The State of IT Operations and Cybersecurity Operations

Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.

Download Now!

How Enterprises Are Developing Secure Applications

0 comments

The State of Cyber Security Incident Response

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

More Reports

Flash Poll

All Polls

Video