Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Fighting Fileless Malware, Part 3: Mitigations
Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool
Augmenting SMB Defense Strategies With MITRE ATT&CK: A Primer
How to Submit a Column to Dark Reading
News & Commentary
New Jailbreak Tool Works on Most iPhones
Dark Reading Staff, Quick Hits
The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack.
By Dark Reading Staff , 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
Universal Health Services Suffered $67 Million Loss Due to Ransomware Attack
Dark Reading Staff, Quick Hits
Earnings report points to diversion of care during incident for financial loss.
By Dark Reading Staff , 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
MSP Provider Builds Red Team as Attackers Target Industry
Robert Lemos, Contributing WriterNews
NinjaRMM, which provides tools for managed service providers, aims to create a red team capability following years of attacks against MSPs.
By Robert Lemos Contributing Writer, 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
Cybercrime 'Help Wanted': Job Hunting on the Dark Web
Joan Goodchild, Contributing Writer
How's your 'Probiv'? How about customer service? Here's how Dark Web forums connect cybercriminals looking for talent with those looking for work -- and which skills are hot right now.
By Joan Goodchild Contributing Writer, 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
Building a Next-Generation SOC Starts With Holistic Operations
Moti Gindi, Corporate Vice President, Microsoft Defender Advanced Threat ProtectionCommentary
The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view.
By Moti Gindi Corporate Vice President, Microsoft Defender Advanced Threat Protection, 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
NSA Releases Guidance on Zero-Trust Architecture
Dark Reading Staff, Quick Hits
A new document provides guidance for businesses planning to implement a zero-trust system management strategy.
By Dark Reading Staff , 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
'Nerd' Humor
Edge Editors, Dark Reading
Some jokes never get old.
By Edge Editors Dark Reading, 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
The Edge Pro Tip: Fasten Your Seatbelts
Edge Editors, Dark Reading
An unprecedented 2020 has shaken up security leaders' usual list of must-have technologies for 2021. Where do they plan to spend next?
By Edge Editors Dark Reading, 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
Securing Super Bowl LV
Sara Peters, Senior Editor at Dark Reading
A peek at open XDR technology, and defense that held up better than the Kansas City Chiefs.
By Sara Peters Senior Editor at Dark Reading, 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing WriterNews
While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code.
By Robert Lemos Contributing Writer, 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
After a Year of Quantum Advances, the Time to Protect Is Now
Tim Hollebeek, Industry and Standards Technical Strategist at DigiCertCommentary
Innovations in quantum computing mean enterprise and manufacturing organizations need to start planning now to defend against new types of cybersecurity threats.
By Tim Hollebeek Industry and Standards Technical Strategist at DigiCert, 2/26/2021
Comment0 comments  |  Read  |  Post a Comment
Inside Strata's Plans to Solve the Cloud Identity Puzzle
Kelly Sheridan, Staff Editor, Dark ReadingNews
Strata Identity was founded to change businesses' approach to identity management as multicloud environments become the norm.
By Kelly Sheridan Staff Editor, Dark Reading, 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft Releases Free Tool for Hunting SolarWinds Malware
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
North Korea's Lazarus Group Expands to Stealing Defense Secrets
Jai Vijayan, Contributing WriterNews
Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says.
By Jai Vijayan Contributing Writer, 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
Ransomware, Phishing Will Remain Primary Risks in 2021
Robert Lemos, Contributing WriterNews
Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports.
By Robert Lemos Contributing Writer, 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
Thousands of VMware Servers Exposed to Critical RCE Bug
Dark Reading Staff, Quick Hits
Security experts report scanning activity targeting vulnerable vCenter servers after a researcher published proof-of-concept code.
By Dark Reading Staff , 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
5 Key Steps Schools Can Take to Defend Against Cyber Threats
Chris Abbey, Manager, Incident Handling, at Red CanaryCommentary
Educational institutions have become prime targets, but there are things they can do to stay safer.
By Chris Abbey Manager, Incident Handling, at Red Canary, 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
How to Avoid Falling Victim to a SolarWinds-Style Attack
Joseph Cortese, Penetration Testing Practice Lead at A-LIGNCommentary
A multilayered, zero-trust security posture provides a better chance of fending off sophisticated supply chain attackers before it's too late.
By Joseph Cortese Penetration Testing Practice Lead at A-LIGN, 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
Cybercriminals Target QuickBooks Databases
Steve Zurier, Contributing WriterNews
Stolen financial files then get sold on the Dark Web, researchers say.
By Steve Zurier Contributing Writer, 2/24/2021
Comment0 comments  |  Read  |  Post a Comment
New APT Group Targets Airline Industry & Immigration
Jai Vijayan, Contributing WriterNews
LazyScript bears similarities to some Middle Eastern groups but appears to be a distinct operation of its own, Malwarebytes says.
By Jai Vijayan Contributing Writer, 2/24/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by raudrera
Current Conversations Flintstones haha
In reply to: answer
Post Your Own Reply
More Conversations
Products & Releases
Sequitur Labs Expands EmSPARK Security Suite Deployment Options
Cynet Reviews the Top 6 Most Notable Cyber Attacks of 2020
Only 19% of Women in Tech Were Inspired to Join Profession by Female Role Model
PerimeterX Raises $57M in Growth Capital Funding to Fuel Expansion Into New Geographies & Verticals
Jamf Boosts macOS Security Capabilities With the Acquisition of Solutions Created by cmdSecurity
Armorblox Raises Series B Funding
Netskope Research Finds Majority of Malware Now Delivered via Cloud Apps
CISA Welcomes New Members to Leadership Team
More Products & Releases
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

Cybercrime 'Help Wanted': Job Hunting on the Dark Web
How's your 'Probiv'? How about customer service? Here's how Dark Web forums connect cybercriminals looking for talent with those looking for work -- and which skills are hot right now.
Securing Super Bowl LV
A peek at open XDR technology, and defense that held up better than the Kansas City Chiefs.
Cartoon Caption Winner: Be Careful Who You Trust
And the winner of The Edge's February cartoon caption contest is ...
Register for Dark Reading Newsletters
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: "The truth behind Stonehenge...."
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27886
PUBLISHED: 2021-03-02
rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal.js via shell metacharacters in the command parameter of an API request. NOTE: this is NOT a Docker, Inc. product.
CVE-2016-8153
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
CVE-2016-8154
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
CVE-2016-8155
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
CVE-2016-8156
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Flash Poll
Video
Slideshows
Twitter Feed