Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
7 Recent Wins Against Cybercrime
What You Need to Know About Zero Trust Security
The State of Cyber Security Incident Response
7 Signs of the Rising Threat of Magecart Attacks in 2019
Name That Toon: End User Lockdown
News & Commentary
First American Financial Corp. Left Mortgage Data Exposed on Website
Dark Reading Staff, Quick Hits
Real estate title firm reportedly has closed a hole in its website that had left hundreds of millions of real estate tile insurance files accessible without authentication, according to KrebsOnSecurity.
By Dark Reading Staff , 5/24/2019
Comment0 comments  |  Read  |  Post a Comment
Mist Computing Startup Distributes Security AI to the Network Edge
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
MistNet, founded by former Juniper employees, moves AI processing to the network edge to build distributed detection and analysis models for security.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/24/2019
Comment0 comments  |  Read  |  Post a Comment
NSS Labs Admits Its Test of CrowdStrike Falcon Was 'Inaccurate'
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
CrowdStrike, NSS Labs reach confidential settlement over 2017 endpoint product testing dispute.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/24/2019
Comment0 comments  |  Read  |  Post a Comment
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at FortinetCommentary
The talent gap is too large for any one sector, and cybersecurity vendors have a big role to play in helping to close it.
By Rob Rashotte VP of Global Training and Technical Field Enablement at Fortinet, 5/24/2019
Comment4 comments  |  Read  |  Post a Comment
7 Recent Wins Against Cybercrime
Jai Vijayan, Contributing Writer
The increasing number of successful law enforcement actions and prosecutions suggest that cybercriminals have plenty of reason to be looking over their shoulders.
By Jai Vijayan Contributing Writer, 5/24/2019
Comment0 comments  |  Read  |  Post a Comment
Researcher Publishes Four Zero-Day Exploits in Three Days
Robert Lemos, Contributing WriterNews
The exploits for local privilege escalation vulnerabilities in Windows could be integrated into malware before Microsoft gets a chance to fix the issues.
By Robert Lemos Contributing Writer, 5/23/2019
Comment0 comments  |  Read  |  Post a Comment
To Manage Security Risk, Manage Data First
Kelly Sheridan, Staff Editor, Dark ReadingNews
At Interop 2019, IT and security experts urged attendees to focus on data asset management as a means of mitigating risk.
By Kelly Sheridan Staff Editor, Dark Reading, 5/23/2019
Comment0 comments  |  Read  |  Post a Comment
Moody's Outlook Downgrade of Equifax: A Wake-up Call to Boards
Ericka Chickowski, Contributing WriterNews
The move provides another spark to light a fire under CISOs to improve how they measure and communicate security risks to the board, security experts say.
By Ericka Chickowski Contributing Writer, 5/23/2019
Comment0 comments  |  Read  |  Post a Comment
FEC Gives Green Light for Free Cybersecurity Help in Federal Elections
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Official opinion issued by the Federal Election Commission to nonprofit Defending Digital Campaigns is good news for free and reduced-cost security offerings to political candidates and committees.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/23/2019
Comment0 comments  |  Read  |  Post a Comment
Mobile Exploit Fingerprints Devices with Sensor Calibration Data
Dark Reading Staff, Quick Hits
Data from routines intended to calibrate motion sensors can identify individual iOS and Android devices in a newly released exploit.
By Dark Reading Staff , 5/23/2019
Comment0 comments  |  Read  |  Post a Comment
Google's Origin & the Danger of Link Sharing
Dr. Salvatore Stolfo, Fouder & CTO, Allure SecurityCommentary
How the act of sharing links to files stored in a public cloud puts organizations at risk, and what security teams can do to safeguard data and PII.
By Dr. Salvatore Stolfo Fouder & CTO, Allure Security, 5/23/2019
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Opens Defender ATP for Mac to Public Preview
Dark Reading Staff, Quick Hits
Users of the security platform who have preview features enabled can access Defender ATP for Mac via the Security Center onboarding section.
By Dark Reading Staff , 5/23/2019
Comment0 comments  |  Read  |  Post a Comment
Russian Nation-State Hacking Unit's Tools Get More Fancy
Robert Lemos, Contributing WriterNews
APT28/Fancy Bear has expanded its repertoire to more than 30 commands for infecting systems, executing code, and reconnaissance, researchers have found.
By Robert Lemos Contributing Writer, 5/23/2019
Comment0 comments  |  Read  |  Post a Comment
Incident Response: 3 Easy Traps & How to Avoid Them
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLCCommentary
Sage legal advice about navigating a data breach from a troubleshooting cybersecurity outside counsel.
By Beth Burgin Waller Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC, 5/23/2019
Comment2 comments  |  Read  |  Post a Comment
Alphabet's Chronicle Explores Code-Signing Abuse in the Wild
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new analysis highlights the prevalence of malware signed by certificate authorities and the problems with trust-based security.
By Kelly Sheridan Staff Editor, Dark Reading, 5/22/2019
Comment0 comments  |  Read  |  Post a Comment
New Software Skims Credit Card Info From Online Credit Card Transactions
Dark Reading Staff, Quick Hits
The new exploit builds a fake frame around legitimate portions of an online commerce website.
By Dark Reading Staff , 5/22/2019
Comment3 comments  |  Read  |  Post a Comment
Data Asset Management: What Do You Really Need?
Kelly Sheridan, Staff Editor, Dark ReadingNews
At Interop, a cybersecurity and privacy leader explains her approach to data management and governance at a massive, decentralized company.
By Kelly Sheridan Staff Editor, Dark Reading, 5/22/2019
Comment0 comments  |  Read  |  Post a Comment
Baltimore Email, Other Systems Still Offline from May 7 Ransomware Attack
Dark Reading Staff, Quick Hits
The city's mayor says there's no 'exact timeline on when all systems will be restored.'
By Dark Reading Staff , 5/22/2019
Comment1 Comment  |  Read  |  Post a Comment
Proving the Value of Security Awareness with Metrics that 'Deserve More'
Ira Winkler, CISSP, President, Secure MentemCommentary
Without metrics that matter to the business, awareness programs will continue to be the bastard child of security.
By Ira Winkler CISSP, President, Secure Mentem, 5/22/2019
Comment0 comments  |  Read  |  Post a Comment
DDoS Attacks Up in Q1 After Months of Steady Decline
Jai Vijayan, Contributing WriterNews
Sudden surge suggests that new actors have stepped up to the plate to replace the old operators.
By Jai Vijayan Contributing Writer, 5/22/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
2019 State of Enterprise Secure Access Report
Infocyte Launches Agentless Cloud Workload Protection Platform, Strengthens Capabilities in AWS Environments
Microsoft Joins MANRS to Improve Routing Security
Hunters.AI Raises $5.4M Seed Round to Equip Cybersecurity Teams with Autonomous Threat Hunting Machine
xMatters open-sources its Chaos Engineering tool
Sectigo Sponsors Let’s Encrypt to Enable Certificate Transparency Log Operation
LogRhythm Releases Cloud-Based NextGen Security Information and Event Management (SIEM) Platform
Rackspace and Telos Team Up to Accelerate FedRAMP Journey
More Products & Releases
PR Newswire
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at Fortinet,  5/24/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
Register for Dark Reading Newsletters
Cartoon Contest
White Papers
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7068
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7069
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7070
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7071
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-7072
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
Flash Poll
Video
Slideshows
Twitter Feed