Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
2019 Pwnie Award Winners (And Those Who Wish They Weren't)
7 Online Safety Tips for College Students
8 Head-Turning Ransomware Attacks to Hit City Governments
Contest: Name That Toon
Moving on Up: Ready for Your Apps to Live in the Cloud?
News & Commentary
CISOs Struggle with Diminishing Tools to Protect Assets from Growing Threats
Dark Reading Staff, Quick Hits
Most CISOs see the risk of cyberattacks growing and feel they're falling behind in their ability to fight back, a new survey finds.
By Dark Reading Staff , 8/20/2019
Comment1 Comment  |  Read  |  Post a Comment
Apple Misstep Leaves iPhones Open to Jailbreak
Jai Vijayan, Contributing WriterNews
Newest version of iOS contains a critical bug that the company had previously already patched.
By Jai Vijayan Contributing Writer, 8/20/2019
Comment0 comments  |  Read  |  Post a Comment
Cyberthreats Against Financial Services Up 56%
Dark Reading Staff, Quick Hits
Financial institutions interacting with customers online must prepare for a broader, more sophisticated variety of threats.
By Dark Reading Staff , 8/20/2019
Comment0 comments  |  Read  |  Post a Comment
Who Gets Privileged Access & How to Enforce It
Tim Keeler, Founder and CEO, RemediantCommentary
Let's begin by re-evaluating IT infrastructures to determine who has access to what, why, and when.
By Tim Keeler Founder and CEO, Remediant, 8/20/2019
Comment0 comments  |  Read  |  Post a Comment
Visa Adds New Fraud Disruption Measures
Steve Zurier, Contributing WriterNews
Payment card giant creates a 'cyber fraud system' to thwart transaction abuse.
By Steve Zurier Contributing Writer, 8/20/2019
Comment0 comments  |  Read  |  Post a Comment
5 Ways to Improve the Patching Process
Kacy Zurkus, Contributing Writer
So many software vulnerabilities, so little time. But failure to patch them can have serious consequences. Here's help for overwhelmed security teams.
By Kacy Zurkus Contributing Writer, 8/20/2019
Comment1 Comment  |  Read  |  Post a Comment
What Americans Think About Ransomware
Dark Reading Staff, Quick Hits
New Harris Poll survey says most will weigh candidates' cybersecurity positions.
By Dark Reading Staff , 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
Instagram Added to Facebook Data-Abuse Bounty Program
Jai Vijayan, Contributing WriterNews
Social media giant also launches invitation-only bug bounty program for 'Checkout on Instagram'.
By Jai Vijayan Contributing Writer, 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
Towns Across Texas Hit in Coordinated Ransomware Attack
Robert Lemos, Contributing WriterNews
The state government and cybersecurity groups have mobilized to respond to a mass ransomware attack that simultaneously hit 22 different towns statewide.
By Robert Lemos Contributing Writer, 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
VxWorks TCP/IP Stack Vulnerability Poses Major Manufacturing Risk
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new analysis shows the scale of risk posed by networking vulnerabilities in a popular embedded real-time operating system.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
US Chamber of Commerce, FICO Report National Risk Score of 688
Dark Reading Staff, Quick Hits
While the score was up for large businesses and down for small firms, the report urges all to prioritize third-party risk management.
By Dark Reading Staff , 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
Tough Love: Debunking Myths about DevOps & Security
Jeff Williams, CTO, Contrast SecurityCommentary
It's time to move past trivial 'shift left' conceptions of DevSecOps and take a hard look at how security work actually gets accomplished.
By Jeff Williams CTO, Contrast Security, 8/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Modern Technology, Modern Mistakes
Kacy Zurkus, Contributing Writer
As employees grow more comfortable using new technologies, they could inadvertently be putting their enterprises at risk. And that leaves security teams having to defend an ever-expanding attack surface.
By Kacy Zurkus Contributing Writer, 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
Compliance Training? What Compliance Training?
Beyond the Edge, Dark Reading
Employees can run ... but they can't hide. Or can they?
By Beyond the Edge Dark Reading, 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
Google Analyzes Pilfered Password Reuse
Dark Reading Staff, Quick Hits
Password Checkup data shows some users still reuse their exposed passwords.
By Dark Reading Staff , 8/16/2019
Comment1 Comment  |  Read  |  Post a Comment
Project Zero Turns 5: How Google's Zero-Day Hunt Has Grown
Kelly Sheridan, Staff Editor, Dark ReadingNews
At Black Hat USA, Project Zero's team lead shared details of projects it has accomplished and its influence on the security community.
By Kelly Sheridan Staff Editor, Dark Reading, 8/16/2019
Comment1 Comment  |  Read  |  Post a Comment
European Central Bank Website Hit by Malware Attack
Dark Reading Staff, Quick Hits
The website was infected with malware that stole information on subscribers to a bank newsletter.
By Dark Reading Staff , 8/16/2019
Comment1 Comment  |  Read  |  Post a Comment
Beat the Heat: Dark Reading Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
Phishing, token codes, training, MFA, polluted data entry, and whales. And the winners are ...
By Marilyn Cohodas Managing Editor, Dark Reading, 8/16/2019
Comment0 comments  |  Read  |  Post a Comment
Behind the Scenes at ICS Village
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/16/2019
Comment0 comments  |  Read  |  Post a Comment
More Than 20 Data Breaches Reported Per Day in First Half of 2019
Jai Vijayan, Contributing WriterNews
But incidents involving SSNs, addresses, birth dates were smaller than in previous years.
By Jai Vijayan Contributing Writer, 8/15/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
Morphisec Announces 2019 Women in Cybersecurity Scholarship Winners
OwnBackup Appoints Adrian Kunzle as Head of Product & Strategy
ZeroFOX Launches Election Protection Package
Global Cyber Alliance Launches Cybersecurity Development Platform for Internet of Things (IoT) Devices
Deloitte and Splunk Provide Automated Security Monitoring and Response Capabilities to Organizations Worldwide
Women’s Society of Cyberjutsu Crowns First Wicked6 Cyber Games Champion
Canon & PrinterLogic Integration Allows for Serverless Printing with Security Features
Microsoft, Imprivata Launch Cloud Access Security Tool for Healthcare
More Products & Releases
PR Newswire
sponsored by

The latest on the number of attacks, types of attacks, and threats to enterprises' most critical IT infrastructure.
So many software vulnerabilities, so little time. But failure to patch them can have serious consequences. Here's help for overwhelmed security teams.
As employees grow more comfortable using new technologies, they could inadvertently be putting their enterprises at risk. And that leaves security teams having to defend an ever-expanding attack surface.
Employees can run ... but they can't hide. Or can they?
Register for Dark Reading Newsletters
Cartoon Contest
White Papers
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5034
PUBLISHED: 2019-08-20
An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted weave packets can cause an out of bounds read, resulting in information disclosure. An attacker can send packets to trigger this vuln...
CVE-2019-5035
PUBLISHED: 2019-08-20
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker c...
CVE-2019-5036
PUBLISHED: 2019-08-20
An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packets can cause an arbitrary Weave Exchange Session to close, resulting in a denial of service. An attacker can send a specially cr...
CVE-2019-8103
PUBLISHED: 2019-08-20
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation ...
CVE-2019-8104
PUBLISHED: 2019-08-20
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation ...
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.
Flash Poll
Video
Slideshows
Twitter Feed