Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

7 SMB Security Tips That Will Keep Your Company Safe
8 Ways Businesses Unknowingly Help Hackers
7 Considerations Before Adopting Security Standards
Works of Art: Cybersecurity Inspires 6 Winning Ideas
Name That Toon: SOC Puppets
News & Commentary
Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers following the ransomware variant uncover new data on how much its affiliates earn and where they spend it.
By Kelly Sheridan Staff Editor, Dark Reading, 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
Targeted Ransomware Attacks Show No Signs of Abating
Jai Vijayan, Contributing WriterNews
Criminals are becoming more sophisticated and targeted in going after enterprise organizations, a new Q2/Q3 report finds.
By Jai Vijayan Contributing Writer, 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
IoT Attacks Up Significantly in First Half of 2019
Dark Reading Staff, Quick Hits
New research shows attacks increased ninefold year-over-year, coming from more than a quarter-million unique IP addresses.
By Dark Reading Staff , 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
More Breaches, Less Certainty Cause Dark Web Prices to Plateau
Robert Lemos, Contributing WriterNews
New research finds it's now less than $10 for full credit details on a consumer, $100 for a distributed denial-of-service attack, and $50 for access to a US bank account.
By Robert Lemos Contributing Writer, 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
5 Steps to Protect Against Ransomware Attacks
AJ Nash, Director of Cyber Intelligence Strategy at AnomaliCommentary
Paying a ransom is strongly discouraged by experts. So, how do you protect your organization?
By AJ Nash Director of Cyber Intelligence Strategy at Anomali, 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
Symantec Adds Endpoint Security Tool to Revamp Portfolio
Dark Reading Staff, Quick Hits
Symantec Endpoint Security aims to deliver protection, detection, threat hunting, and response in a single tool.
By Dark Reading Staff , 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
14 Hot Cybersecurity Certifications Right Now
Joan Goodchild, Contributing Writer
In an industry where certifications can make or break a job candidacy, which ones have security pros been going after in 2019?
By Joan Goodchild Contributing Writer, 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
Why Bricking Vulnerable IoT Devices Comes with Unintended Consequences
Marc Laliberte, Senior Security Analyst, WatchGuard TechnologiesCommentary
Infosec vigilantism can cause serious harm in the era of industrial IoT and connected medical devices.
By Marc Laliberte Senior Security Analyst, WatchGuard Technologies, 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
Sophos for Sale: Thoma Bravo Offers $3.9B
Kelly Sheridan, Staff Editor, Dark ReadingNews
Sophos' board of directors plans to unanimously recommend the offer to the company's shareholders.
By Kelly Sheridan Staff Editor, Dark Reading, 10/14/2019
Comment0 comments  |  Read  |  Post a Comment
Cyber Theft, Humint Helped China Cut Corners on Passenger Jet
Jai Vijayan, Contributing WriterNews
Beijing likely saved a lot of time and billions of dollars by copying components for its C919 plane from others, a new report from CrowdStrike says.
By Jai Vijayan Contributing Writer, 10/14/2019
Comment0 comments  |  Read  |  Post a Comment
Pitney Bowes Hit by Ransomware
Dark Reading Staff, Quick Hits
The attack does not appear to have endangered customer data, but it has had an impact on orders for supplies and postage refills.
By Dark Reading Staff , 10/14/2019
Comment0 comments  |  Read  |  Post a Comment
Tamper Protection Arrives for Microsoft Defender ATP
Dark Reading Staff, Quick Hits
The feature, designed to block unauthorized changes to security features, is now generally available.
By Dark Reading Staff , 10/14/2019
Comment0 comments  |  Read  |  Post a Comment
When Using Cloud, Paranoia Can Pay Off
Robert Lemos, Contributing WriterNews
Journalists are increasingly concerned about what cloud providers may access or share with governments - and companies should worry as well.
By Robert Lemos Contributing Writer, 10/14/2019
Comment0 comments  |  Read  |  Post a Comment
The Connected Cybercrime Ecosystem & the Impact of the Capital One Breach
Kevin Gosschalk, CEO of Arkose LabsCommentary
A company's security battle is not between that company and a specific fraudster; rather, it's between the company and connected cybercriminal ecosystem.
By Kevin Gosschalk CEO of Arkose Labs, 10/14/2019
Comment0 comments  |  Read  |  Post a Comment
Click2Mail Suffers Data Breach
Dark Reading Staff, Quick Hits
Mail provider discovered customer data being used in spam messages.
By Dark Reading Staff , 10/11/2019
Comment0 comments  |  Read  |  Post a Comment
7 SMB Security Tips That Will Keep Your Company Safe
Steve Zurier, Contributing Writer
With National Cybersecurity Awareness Month as a backdrop, industry leaders weigh in on how SMBs can more effectively protect themselves from cyberattacks.
By Steve Zurier Contributing Writer, 10/11/2019
Comment1 Comment  |  Read  |  Post a Comment
FBI: Phishing Can Defeat Two-Factor Authentication
Dark Reading Staff, Quick Hits
A recent Privacy Industry Notification points to two new hacker tools that can turn a victim's browser into a credential-stealing zombie.
By Dark Reading Staff , 10/11/2019
Comment0 comments  |  Read  |  Post a Comment
A Murderers' Row of Poisoning Attacks
Curtis Franklin Jr., Senior Editor at Dark Reading
Poisoning can be used against network infrastructure and applications. Understanding how DNS cache poisoning, machine learning model poisoning, and other attacks work can help you prepare the proper antidote.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/11/2019
Comment0 comments  |  Read  |  Post a Comment
Creative Wi-Fi Passwords
Beyond the Edge, Dark Reading
Let's see a hacker figure out one of these.
By Beyond the Edge Dark Reading, 10/11/2019
Comment0 comments  |  Read  |  Post a Comment
Close the Gap Between Cyber-Risk and Business Risk
Brian Contos, CISO & VP of Techology Innovation at VerodinCommentary
Four steps outlining how security teams can better understand their company's cyber-risk and demonstrate to company leadership what's being done to mitigate the resulting business risk.
By By Brian Contos, CISO, Verodin , 10/11/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
edge
edge
In an industry where certifications can make or break a job candidacy, which ones have security pros been going after in 2019?
Some points to consider before you break open your wallet.
Poisoning can be used against network infrastructure and applications. Understanding how DNS cache poisoning, machine learning model poisoning, and other attacks work can help you prepare the proper antidote.
Register for Dark Reading Newsletters
Cartoon Contest
White Papers
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-17612
PUBLISHED: 2019-10-15
An issue was discovered in 74CMS v5.2.8. There is a SQL Injection generated by the _list method in the Common/Controller/BackendController.class.php file via the index.php?m=Admin&c=Ad&a=category sort parameter.
CVE-2019-17613
PUBLISHED: 2019-10-15
qibosoft 7 allows remote code execution because do/jf.php makes eval calls. The attacker can use the Point Introduction Management feature to supply PHP code to be evaluated. Alternatively, the attacker can access admin/index.php?lfj=jfadmin&action=addjf via CSRF, as demonstrated by a payload in...
CVE-2019-17395
PUBLISHED: 2019-10-15
In the Rapid Gator application 0.7.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
CVE-2019-17602
PUBLISHED: 2019-10-15
An issue was discovered in Zoho ManageEngine OpManager before 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to SQL injection. Depending on the configuration, this vulnerability could be exploited unauthenticated or authenticated.
CVE-2019-17394
PUBLISHED: 2019-10-15
In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Flash Poll
Video
Slideshows
Twitter Feed