Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
RSAC Sets Finalists for Innovation Sandbox
5 Measures to Harden Election Technology
9 Things Application Security Champions Need to Succeed
AppSec Concerns Drove 61% of Businesses to Change Applications
Assessing Cybersecurity Risk in Today's Enterprise
News & Commentary
Cyber Fitness Takes More Than a Gym Membership & a Crash Diet
Ryan Weeks, Chief Information Security Officer at DattoCommentary
Make cybersecurity your top priority, moving away from addressing individual problems with Band-Aids and toward attaining a long-term cyber-fitness plan.
By Ryan Weeks Chief Information Security Officer at Datto, 2/18/2020
Comment0 comments  |  Read  |  Post a Comment
1.7M Nedbank Customers Affected via Third-Party Breach
Dark Reading Staff, Quick Hits
A vulnerability in the network of marketing contractor Computer Facilities led to a breach at the South African bank.
By Dark Reading Staff , 2/18/2020
Comment0 comments  |  Read  |  Post a Comment
Firmware Weaknesses Can Turn Computer Subsystems into Trojans
Robert Lemos, Contributing WriterNews
Network cards, video cameras, and graphics adapters are a few of the subsystems whose lack of security could allow attackers to turn them into spy implants.
By Robert Lemos Contributing Writer, 2/18/2020
Comment0 comments  |  Read  |  Post a Comment
The Road(s) to Riches
Beyond the Edge, Dark Reading
You could be making millions in just two years!
By Beyond the Edge Dark Reading, 2/18/2020
Comment0 comments  |  Read  |  Post a Comment
Staircase to the Cloud: Dark Reading Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
A humorous nod to the lack of gender equity in cybersecurity hiring was our judges' unanimous choice. And the winners are ...
By Marilyn Cohodas Managing Editor, Dark Reading, 2/18/2020
Comment0 comments  |  Read  |  Post a Comment
8 Things Users Do That Make Security Pros Miserable
Curtis Franklin Jr., Senior Editor at Dark Reading
When a user interacts with an enterprise system, the result can be productivity or disaster. Here are eight opportunities for the disaster side to win out over the productive.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/18/2020
Comment0 comments  |  Read  |  Post a Comment
Martin and Dorothie Hellman on Love, Crypto & Saving the World
Sara Peters, Senior Editor at Dark Reading
Martin Hellman, co-creator of the Diffie-Hellman key exchange, and his wife of 53 years, Dorothie, talk about the current state of cryptography and what making peace at home taught them about making peace on Earth.
By Sara Peters Senior Editor at Dark Reading, 2/15/2020
Comment0 comments  |  Read  |  Post a Comment
Phishing Campaign Targets Mobile Banking Users
Jai Vijayan, Contributing WriterNews
Consumers in dozens of countries were targeted, Lookout says.
By Jai Vijayan Contributing Writer, 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
Palm Beach Elections Office Hit with Ransomware Pre-2016 Election
Dark Reading Staff, Quick Hits
Palm Beach County's elections supervisor does not believe the attack is linked to Russian hacking attempts targeting Florida.
By Dark Reading Staff , 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
Ovum to Expand Cybersecurity Research Under New Omdia Group
Dark Reading Staff, News
Informa Tech combines Ovum, Heavy Reading, Tractica, and IHS Markit research.
By Dark Reading Staff , 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
DHS Warns of Cyber Heartbreak
Dark Reading Staff, Quick Hits
Fraudulent dating and relationship apps and websites raise the risks for those seeking online romance on Valentine's Day.
By Dark Reading Staff , 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
The 5 Love Languages of Cybersecurity
Fredrick Commentary
When it comes to building buy-in from the business, all cybersecurity needs is love -- especially when it comes to communication.
By Fredrick "Flee" Lee Chief Security Officer, Gusto, 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec
Sara Peters, Senior Editor at Dark Reading
What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?
By Sara Peters Senior Editor at Dark Reading, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
DDoS Attacks Nearly Double Between Q4 2018 and Q4 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
Peer-to-peer botnets, TCP reflection attacks, and increased activity on Sundays are three DDoS attack trends from last quarter.
By Kelly Sheridan Staff Editor, Dark Reading, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Architectural Analysis IDs 78 Specific Risks in Machine-Learning Systems
Jai Vijayan, Contributing WriterNews
The new threat model hones in on ML security at the design state.
By Jai Vijayan Contributing Writer, 2/13/2020
Comment1 Comment  |  Read  |  Post a Comment
Babel of IoT Authentication Poses Security Challenges
Robert Lemos, Contributing WriterNews
With more than 80 different schemes for authenticating devices either proposed or implemented, best practices and reference architectures are sorely needed, experts say.
By Robert Lemos Contributing Writer, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Huawei Charged with RICO Violations in Federal Court
Dark Reading Staff, Quick Hits
A new set of indictments adds conspiracy to violate RICO statutes to a list of existing charges against the Chinese telecommunications giant.
By Dark Reading Staff , 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
7 Tax Season Security Tips
Steve Zurier, Contributing Writer
Security pros need be on high alert from now until Tax Day on April 15. Here are seven ways to help keep your company safe.
By Steve Zurier Contributing Writer, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Small Business Security: 5 Tips on How and Where to Start
Mike Puglia, Chief Strategy Officer at KaseyaCommentary
There is no one-size-fits-all strategy for security, but a robust plan and the implementation of new technologies will help you and your IT team sleep better.
By Mike Puglia Chief Strategy Officer at Kaseya, 2/13/2020
Comment3 comments  |  Read  |  Post a Comment
Apps Remain Favorite Mobile Attack Vector
Dark Reading Staff, Quick Hits
Mobile apps are used in nearly 80% of attacks targeting mobile devices, followed by network and operating system attacks.
By Dark Reading Staff , 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Matt Middleton-Leal Netwrix
Current Conversations Many thanks!
In reply to: Re: reading
Post Your Own Reply
More Conversations
Products & Releases
Huntress Secures $18M Investment Led By ForgePoint Capital
Praetorian Closes $10M Series A to Help Enterprises Navigate Future Cybersecurity Risks
Nok Nok Labs Welcomes Apple to the FIDO Alliance; Reports Record Growth
Spirent Expands CyberFlood Data Breach Assessment Solution
A10 Networks Unveils Thunder Threat Protection System (TPS)
Farsight Security to Debut Real-Time Security Data Innovations at RSA Conference
Tufin SecureCloud Enables Companies to Secure Hybrid Cloud Environments Without Compromising Business Speed or Agility
Offensive Security Enhances Flagship Penetration Testing with Kali Linux Training Course
More Products & Releases
PR Newswire
edge
8 Things Users Do That Make Security Pros Miserable
When a user interacts with an enterprise system, the result can be productivity or disaster. Here are eight opportunities for the disaster side to win out over the productive.
Martin and Dorothie Hellman on Love, Crypto & Saving the World
Martin Hellman, co-creator of the Diffie-Hellman key exchange, and his wife of 53 years, Dorothie, talk about the current state of cryptography and what making peace at home taught them about making peace on Earth.
Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec
What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5613
PUBLISHED: 2020-02-18
In FreeBSD 12.0-RELEASE before 12.0-RELEASE-p13, a missing check in the ipsec packet processor allows reinjection of an old packet to be accepted by the ipsec endpoint. Depending on the higher-level protocol in use over ipsec, this could allow an action to be repeated.
CVE-2020-7450
PUBLISHED: 2020-02-18
In FreeBSD 12.1-STABLE before r357213, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r357214, and 11.3-RELEASE before 11.3-RELEASE-p6, URL handling in libfetch with URLs containing username and/or password components is vulnerable to a heap buffer over...
CVE-2019-10792
PUBLISHED: 2020-02-18
bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.
CVE-2019-10793
PUBLISHED: 2020-02-18
dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.
CVE-2019-10794
PUBLISHED: 2020-02-18
All versions of component-flatten are vulnerable to Prototype Pollution. The a function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Flash Poll
Video
Slideshows
Twitter Feed