Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
6 Security Scams Set to Sweep This Summer
GDPR's First-Year Impact By the Numbers
What 3 Powerful GoT Women Teach Us about Cybersecurity
7 Container Components That Increase a Network's Security
The State of IT Operations and Cybersecurity Operations
News & Commentary
As Cloud Adoption Grows, DLP Remains Key Challenge
Kelly Sheridan, Staff Editor, Dark ReadingNews
As businesses use the cloud to fuel growth, many fail to enforce data loss prevention or control how people share data.
By Kelly Sheridan Staff Editor, Dark Reading, 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
Advertising Alliance Plans Protocols to Reduce Dangerous Content
Dark Reading Staff, Quick Hits
The Global Alliance for Responsible Media will seek ways to clamp down on dangerous and fake content.
By Dark Reading Staff , 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
The Evolution of Identity
Kathleen Peters, SVP & Head of Fraud & Identity, ExperianCommentary
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.
By Kathleen Peters SVP & Head of Fraud & Identity, Experian, 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
Google Targets Deceptive Sites with New Chrome Tools
Dark Reading Staff, Quick Hits
A new extension and browser alert aim to help users report deceptive sites and prevent them from encountering fraud.
By Dark Reading Staff , 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
Can Your Patching Strategy Keep Up with the Demands of Open Source?
Tim Mackey, Principal Security Strategist, CyRC, at SynopsysCommentary
It's time to reassess your open source management policies and processes.
By Tim Mackey Principal Security Strategist, CyRC, at Synopsys, 6/18/2019
Comment2 comments  |  Read  |  Post a Comment
How Fraudulent Domains 'Hide in Plain Sight'
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cybercriminals use new types of top-level domains, topical keywords, and targeted emails to trick victims into clicking malicious links.
By Kelly Sheridan Staff Editor, Dark Reading, 6/18/2019
Comment1 Comment  |  Read  |  Post a Comment
DHS Tests Remote Exploit for BlueKeep RDP Vulnerability
Jai Vijayan, Contributing WriterNews
Agency urges organizations with vulnerable systems to apply mitigations immediately.
By Jai Vijayan Contributing Writer, 6/17/2019
Comment0 comments  |  Read  |  Post a Comment
Power Outage Hits Millions in South America
Dark Reading Staff, Quick Hits
The outage, which is not (so far) seen as the result of a cyberattack, still had a significant impact on network and server availability.
By Dark Reading Staff , 6/17/2019
Comment0 comments  |  Read  |  Post a Comment
New Decryptor Unlocks Latest Versions of Gandcrab
Dark Reading Staff, Quick Hits
The decryptor neutralizes GandCrab versions 5.0 through 5.2 and lets victims unlock their files for free.
By Dark Reading Staff , 6/17/2019
Comment0 comments  |  Read  |  Post a Comment
Utilities, Nations Need Better Plan Against Critical Infrastructure Attackers
Robert Lemos, Contributing WriterNews
The attackers behind the Triton, or Xenotime, intrusions into critical infrastructure (CI) safety systems are testing their skills against electric power companies. Options for defense are still limited, however.
By Robert Lemos Contributing Writer, 6/17/2019
Comment0 comments  |  Read  |  Post a Comment
The Life-Changing Magic of Tidying Up the Cloud
Kaus Phaltankar, CEO and Co-Founder at CaveonixCommentary
Most companies' cloud security operations would benefit significantly from clean-up, alignment, and organization.
By Kaus Phaltankar CEO and Co-Founder at Caveonix, 6/17/2019
Comment0 comments  |  Read  |  Post a Comment
10 Notable Security Acquisitions of 2019 (So Far)
Kelly Sheridan, Staff Editor, Dark Reading
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
By Kelly Sheridan Staff Editor, Dark Reading, 6/15/2019
Comment1 Comment  |  Read  |  Post a Comment
Common Hacker Tool Hit with Hackable Vulnerability
Dark Reading Staff, Quick Hits
A researcher has found a significant exploit in one of the most frequently used text editors.
By Dark Reading Staff , 6/14/2019
Comment1 Comment  |  Read  |  Post a Comment
Better Cybersecurity Research Requires More Data Sharing
Robert Lemos, Contributing WriterNews
Researchers at the Workshop on the Economics of Information Security highlight the cost savings of sharing cybersecurity data and push for greater access to information on breaches, attacks, and incidents.
By Robert Lemos Contributing Writer, 6/14/2019
Comment0 comments  |  Read  |  Post a Comment
Sensory Overload: Filtering Out Cybersecurity's Noise
Joshua Goldfarb, Independent ConsultantCommentary
No organization can prioritize and mitigate hundreds of risks effectively. The secret lies in carefully filtering out the risks, policies, and processes that waste precious time and resources.
By Joshua Goldfarb Independent Consultant, 6/14/2019
Comment0 comments  |  Read  |  Post a Comment
Triton Attackers Seen Scanning US Power Grid Networks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The development follows speculation and concern among security experts that the attack group would expand its scope to the power grid.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/14/2019
Comment0 comments  |  Read  |  Post a Comment
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
New analysis shows widespread DNS protection could save organizations as much as $200 billion in losses every year.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/13/2019
Comment4 comments  |  Read  |  Post a Comment
Cyberattack Hits Aircraft Parts Manufacturer
Dark Reading Staff, Quick Hits
Belgium's Asco has shut down manufacturing around the world, including the US, in response to a major cybersecurity event, but what happened isn't clear.
By Dark Reading Staff , 6/13/2019
Comment0 comments  |  Read  |  Post a Comment
Congress Gives 'Hack Back' Legislation Another Try
Dark Reading Staff, Quick Hits
Officials reintroduce a bill that would let businesses monitor attacker behavior and target intruders on corporate networks.
By Dark Reading Staff , 6/13/2019
Comment1 Comment  |  Read  |  Post a Comment
The CISO's Drive to Consolidation
Nik Whitfield, Computer Scientist & Security Technology EntrepreneurCommentary
Cutting back on the number of security tools you're using can save money and leave you safer. Here's how to get started.
By Nik Whitfield Computer Scientist & Security Technology Entrepreneur, 6/13/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by DavidRandolph
Current Conversations IDK.  Must be TLS 1.3.
In reply to: caption
Post Your Own Reply
More Conversations
Products & Releases
New to Tanium Protect: Windows and macOS Encryption Management at Scale
Farsight Security® and ThreatSTOP Partner to Introduce ThreatSTOP NOD to Prevent Phishing and Other Risks Associated with New Domains
1 in 5 Americans Avoid Sporting Events, Concerts Due to Physical & Cybersecurity Concerns
400 CEOs Say Cybersecurity Is Greatest Threat to Growth: Report
Kaspersky: Company unveils new branding and visual identity
‘Cyber Ireland’ announced by IDA Ireland and Cork Institute of Technology
FS-ISAC Survey: Nearly 75 Percent of Financial Institutions’ CISOs Plan to Ask for an Increase in Cybersecurity Investment
2019 State of Enterprise Secure Access Report
More Products & Releases
PR Newswire
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer,  6/13/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2019
Can Your Patching Strategy Keep Up with the Demands of Open Source?
Tim Mackey, Principal Security Strategist, CyRC, at Synopsys,  6/18/2019
Register for Dark Reading Newsletters
Cartoon
Latest Comment: IDK.  Must be TLS 1.3.
White Papers
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3896
PUBLISHED: 2019-06-19
A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
CVE-2019-3954
PUBLISHED: 2019-06-19
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 81024 RPC call.
CVE-2019-10085
PUBLISHED: 2019-06-19
In Apache Allura prior to 1.11.0, a vulnerability exists for stored XSS on the user dropdown selector when creating or editing tickets. The XSS executes when a user engages with that dropdown on that page.
CVE-2019-11038
PUBLISHED: 2019-06-19
When using gdImageCreateFromXbm() function of gd extension in versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been ...
CVE-2019-11039
PUBLISHED: 2019-06-19
Function iconv_mime_decode_headers() in versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.
Flash Poll
Video
Slideshows
Twitter Feed