Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
How to Decipher InfoSec Job Titles' Mysteries
8 Cybersecurity Themes to Expect at Black Hat USA 2020
11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event
Q&A: How Systemic Racism Weakens Cybersecurity
COVID-19: Latest Security News & Commentary
News & Commentary
Better Business Bureau Warns of New Visa Scam
Dark Reading Staff, Quick Hits
Visa limitations due to the novel coronavirus have given rise to a wave of scams aimed at visa-seekers.
By Dark Reading Staff , 8/10/2020
Comment0 comments  |  Read  |  Post a Comment
Can I Use the Same Security Tools on My IT and OT?
Edge Editors, Dark Reading
You can quit worrying about IT tools in the OT environment.
By Edge Editors Dark Reading, 8/10/2020
Comment0 comments  |  Read  |  Post a Comment
Lock-Pickers Face an Uncertain Future Online
Seth Rosenblatt, Contributing WriterNews
Teaching the hardware hacker the skill of picking locks is evolving because of the pandemic's lockdown.
By Seth Rosenblatt Contributing Writer, 8/10/2020
Comment1 Comment  |  Read  |  Post a Comment
Q2 DDoS Attacks Triple Year Over Year: Report
Dark Reading Staff, Quick Hits
Distributed denial-of-service attacks have stayed consistently high throughout 2020, a shift from normal attack trends that researchers attribute to COVID-19.
By Dark Reading Staff , 8/10/2020
Comment0 comments  |  Read  |  Post a Comment
Vulnerability Prioritization: Are You Getting It Right?
David Habusha, VP of Product, WhiteSourceCommentary
Developers must find a way to zero in on the security vulns that present the most risk and quickly address them without slowing down the pace of development.
By David Habusha VP of Product, WhiteSource, 8/10/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff , 8/10/2020
Comment19 comments  |  Read  |  Post a Comment
Digital Clones Could Cause Problems for Identity Systems
Robert Lemos, Contributing WriterNews
Three fundamental technologies -- chatbots, audio fakes, and deepfake videos -- have improved to the point that creating digital, real-time clones of people is merely a matter of integrating the systems.
By Robert Lemos Contributing Writer, 8/8/2020
Comment0 comments  |  Read  |  Post a Comment
Reddit Attack Defaces Dozens of Channels
Dark Reading Staff, Quick Hits
The attack has defaced the channels with images and content supporting Donald Trump.
By Dark Reading Staff , 8/7/2020
Comment0 comments  |  Read  |  Post a Comment
Hacking the PLC via Its Engineering Software
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researcher will demonstrate at DEF CON an emerging threat to industrial control networks.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/7/2020
Comment0 comments  |  Read  |  Post a Comment
400+ Qualcomm Chip Vulnerabilities Threaten Millions of Android Phones
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security researchers found hundreds of pieces of vulnerable code in the Qualcomm Snapdragon chips powering Android phones.
By Kelly Sheridan Staff Editor, Dark Reading, 8/7/2020
Comment0 comments  |  Read  |  Post a Comment
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Building successful macro attacks means getting past several layers of security, but a Black Hat speaker found a way through.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/7/2020
Comment2 comments  |  Read  |  Post a Comment
BEC Campaigns Target Financial Execs via Office 365
Dark Reading Staff, Quick Hits
A series of business email compromise campaigns has been targeting executives of more than 1,000 companies, most recently in the US and Canada.
By Dark Reading Staff , 8/7/2020
Comment0 comments  |  Read  |  Post a Comment
IoT Security During COVID-19: What We've Learned & Where We're Going
Aamir Lakhani, Cybersecurity Researcher and Practitioner for FortiGuard LabsCommentary
Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
By Aamir Lakhani Cybersecurity Researcher and Practitioner for FortiGuard Labs, 8/7/2020
Comment0 comments  |  Read  |  Post a Comment
Getting to the Root: How Researchers Identify Zero-Days in the Wild
Kelly Sheridan, Staff Editor, Dark ReadingNews
Google Project Zero researcher Maddie Stone explains the importance of identifying flaws exploited in the wild and techniques used to do it.
By Kelly Sheridan Staff Editor, Dark Reading, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Researchers Create New Framework to Evaluate User Security Awareness
Jai Vijayan, Contributing WriterNews
Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats.
By Jai Vijayan Contributing Writer, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
A Mix of Optimism and Pessimism for Security of the 2020 Election
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
DHS CISA's Christopher Krebs and Georgetown University's Matt Blaze at Black Hat USA give the lowdown on where things stand and what still needs to happen to protect the integrity of November's election.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Dark Reading Video News Desk Returns to Black Hat
Sara Peters, Senior Editor at Dark ReadingNews
UPDATED: Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!
By Sara Peters Senior Editor at Dark Reading, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Where Dark Reading Goes Next
Dark Reading Staff, News
Dark Reading Editor-in-Chief gives a complete rundown of all the Dark Reading projects you might not even know about, his insight into the future of the security industry, and how we plan to cover it.
By Dark Reading Staff , 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
On 'Invisible Salamanders' and Insecure Messages
Dark Reading Staff, News
Cornell researcher Paul Grubbs discusses how vulnerabilities found in Facebook Messenger encryption could mean trouble for your secure messages.
By Dark Reading Staff , 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Exploiting Google Cloud Platform With Ease
Dark Reading Staff, News
Security engineer Dylan Ayrey and Cruise senior infrastructure security engineer Allison Donovan describe fundamental weaknesses in GCP identity management that enable privilege escalation and lateral movement.
By Dark Reading Staff , 8/6/2020
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by dfwroofingpro
Current Conversations I agreed
In reply to: Blake Luby
Post Your Own Reply
More Conversations
Products & Releases
RangeForce Raises $16 Million to Help Enterprises Build Highly Skilled Cybersecurity Teams
Calyptix Security Releases AccessEnforcer 5.0 Beta
Exabeam Announces New Use Case Licensing and Content Library to Simplify SIEM Adoption, Enable Increased Visibility
DHS Awards $1 Million Phase 2 Contract to Waverley Labs to Deploy the Dynamic AccessID (TM) Network
Federal, State, Local, and Private-Sector Partners Conduct Nationwide Exercise to Test Election Day Plans
Tanium Report Reveals 85 Percent of Organizations Experienced More Cyberattacks Since the Start of the Pandemic
Offensive Security Acquires Open Source Security Training Project VulnHub
PAS Releases Modular OT Cybersecurity Solution
More Products & Releases
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

Can I Use the Same Security Tools on My IT and OT?
You can quit worrying about IT tools in the OT environment.
6 Dangerous Defaults Attackers Love (and You Should Know)
Default configurations can be massive vulnerabilities. Here are a half dozen to check on for your network.
Poll: Endpoint Extravaganza
What shape do you expect remote endpoints to be in when they start winging their way back to the office?
Register for Dark Reading Newsletters
Cartoon Contest
White Papers
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17478
PUBLISHED: 2020-08-10
ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly consider timing attacks against the EC point multiplication algorithm.
CVE-2020-15648
PUBLISHED: 2020-08-10
Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 78 and Firefox < 78.0.2.
CVE-2020-15649
PUBLISHED: 2020-08-10
Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR...
CVE-2020-15650
PUBLISHED: 2020-08-10
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Fir...
CVE-2020-15651
PUBLISHED: 2020-08-10
A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28.
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Flash Poll
Video
Slideshows
Twitter Feed