7 Cool New Security Tools to be Revealed at Black Hat Europe
Getting to Know Magecart: An Inside Look at 7 Groups
Understanding Evil Twin AP Attacks and How to Prevent Them
What You Should Know About Grayware (and What to Do About It)
The Morris Worm Turns 30
News & Commentary
7 Free (or Cheap) Ways to Increase Your Cybersecurity Knowledge
Curtis Franklin Jr., Senior Editor at Dark Reading
Building cybersecurity skills is a must; paying a lot for the education is optional. Here are seven options for increasing knowledge without depleting a budget.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/15/2018
Comment0 comments  |  Read  |  Post a Comment
Congress Passes Bill to Create New Federal Cybersecurity Agency
Jai Vijayan, Freelance writerNews
Cybersecurity and Infrastructure Security Agency Act now headed to President Trump for signing into law.
By Jai Vijayan Freelance writer, 11/15/2018
Comment0 comments  |  Read  |  Post a Comment
Cyber Crooks Diversify Business with Multi-Intent Malware
Avi Chesla, CEO and Founder, empowCommentary
The makers of malware have realized that if they're going to invest time and money in compromising cyber defenses, they should do everything they can to monetize their achievement.
By Avi Chesla CEO and Founder, empow, 11/15/2018
Comment1 Comment  |  Read  |  Post a Comment
Cloud, China, Generic Malware Top Security Concerns for 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
FireEye researchers unveil an extensive list of security risks waiting in the new year's wings.
By Kelly Sheridan Staff Editor, Dark Reading, 11/15/2018
Comment0 comments  |  Read  |  Post a Comment
Japan Cyber Minister Says He Has Never Used a Computer
Dark Reading Staff, Quick Hits
Yoshitaka Sakurada, who recently took on the role after a cabinet shuffling, says it's up to the government to deal with it.
By Dark Reading Staff , 11/15/2018
Comment1 Comment  |  Read  |  Post a Comment
More Than 50% of Free Mobile VPN Apps Have Chinese Ties
Dark Reading Staff, Quick Hits
In addition, most have "unacceptable" privacy policies and "non-existent user support."
By Dark Reading Staff , 11/15/2018
Comment0 comments  |  Read  |  Post a Comment
From Reactive to Proactive: Security as the Bedrock of the SDLC
Brian Rutledge, Principal Security Manager at SpanningCommentary
Secure code development should be a priority, not an afterthought, and adopting the software development life cycle process is a great way to start.
By Brian Rutledge Principal Security Manager at Spanning, 11/15/2018
Comment0 comments  |  Read  |  Post a Comment
Small-Time Cybercriminals Landing Steady Low Blows
Jai Vijayan, Freelance writerNews
High-end crime groups are acquiring the sorts of sophisticated capabilities only nation-states once had, while low-tier criminals maintain a steady stream of malicious activity, from cryptomining to PoS malware.
By Jai Vijayan Freelance writer, 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Security Teams Struggle with Container Security Strategy
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Fewer than 30% of firms have more than a basic container security plan in place.
By Ericka Chickowski Contributing Writer, Dark Reading, 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Cryptojacking, Mobile Malware Growing Threats to the Enterprise
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
At the same time, criminal organizations continue to look for new ways to attack their victims.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues
Tim Wilson, Editor in Chief, Dark Reading, News
Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data and are fearful of a near-term breach of critical infrastructure.
By Tim Wilson, Editor in Chief, Dark Reading , 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Airlines Have a Big Problem with Bad Bots
Kelly Sheridan, Staff Editor, Dark ReadingNews
Bad bots account for 43.9% of all traffic on their websites, APIs, and mobile apps, according to a new analysis of 100 airlines.
By Kelly Sheridan Staff Editor, Dark Reading, 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard TechnologiesCommentary
The attack surface remains largely unprotected from Wi-Fi threats that can result in stolen credentials and sensitive information as well as backdoor/malware payload drops.
By Ryan Orsi Director of Product Management for Wi-Fi at WatchGuard Technologies, 11/14/2018
Comment2 comments  |  Read  |  Post a Comment
Can Businesses Stand Up to Cybercrime? Only 61% Say Yes
Dark Reading Staff, Quick Hits
While 96% of US organizations say business resilience should be core to company strategy, only 61% say it actually is.
By Dark Reading Staff , 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
To Click or Not to Click: The Answer Is Easy
Kowsik Guruswamy, Chief Technology Officer at Menlo SecurityCommentary
Mega hacks like the Facebook breach provide endless ammo for spearphishers. These six tips can help you stay safer.
By Kowsik Guruswamy Chief Technology Officer at Menlo Security, 11/14/2018
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Patch Tuesday Recap: 12 Critical Bugs Fixed
Dark Reading Staff, Quick Hits
Eight of the 12 critical vulnerabilities addressed this month affect the Chakra Scripting Engine in Microsoft Edge.
By Dark Reading Staff , 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Getting to Know Magecart: An Inside Look at 7 Groups
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report spills the details on Magecart, the criminal groups driving it, and ongoing attacks targeting low- and high-profile victims.
By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Empathy: The Next Killer App for Cybersecurity?
Shay Colson, CISSP, Senior Manager, CyberClarity360Commentary
The toughest security problems involve people not technology. Here's how to motivate your frontline employees all the way from the service desk to the corner office.
By Shay Colson CISSP, Senior Manager, CyberClarity360, 11/13/2018
Comment1 Comment  |  Read  |  Post a Comment
Google Traffic Temporarily Rerouted via Russia, China
Kelly Sheridan, Staff Editor, Dark ReadingNews
The incident, which Google reports is now resolved, could be the result of either technical mistakes or malicious activity.
By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Netskope Announces Series F Funding Round
Dark Reading Staff, Quick Hits
The $168.7 million round will go toward R&D and global expansion, says cloud access security broker provider.
By Dark Reading Staff , 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by James D. Jones
Current Conversations Really healpful information.
In reply to: nice
Post Your Own Reply
More Conversations
PR Newswire
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
To Click or Not to Click: The Answer Is Easy
Kowsik Guruswamy, Chief Technology Officer at Menlo Security,  11/14/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Cloud Misconceptions Are Pervasive Across Enterprises
Shadow IT is rampant at many organizations that rely upon cloud-delivered tools and services to enable remote work, according to a new study. Here's what security teams need to do about it. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Boosting Security Effectiveness with 'Adjuvants'
How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19301
PUBLISHED: 2018-11-15
tp4a TELEPORT 3.1.0 allows XSS via the login page because a crafted username is mishandled when an administrator later views the system log.
CVE-2018-5407
PUBLISHED: 2018-11-15
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
CVE-2018-14934
PUBLISHED: 2018-11-15
The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device microphone.
CVE-2018-14935
PUBLISHED: 2018-11-15
The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS.
CVE-2018-16619
PUBLISHED: 2018-11-15
Sonatype Nexus Repository Manager before 3.14 allows XSS.
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Flash Poll
Video
Slideshows
Twitter Feed