Dark Reading is part of the Informa Tech Division of Informa PLC


Emotet 101: How the Ransomware Works -- and Why It's So Darn Effective
Securing Slack: 5 Tips for Safer Messaging, Collaboration
A 7-Step Cybersecurity Plan for Healthcare Organizations
The Threat from the Internet--and What Your Organization Can Do About It
COVID-19: Latest Security News & Commentary
News & Commentary
Trickbot, Phishing, Ransomware & Elections
Adam Caudill, Principal Security Engineer at 1Password, Commentary
The botnet has taken some hits lately, but that doesn't mean the threat is over. Here are some steps you can take to keep it from your door.
By Adam Caudill, Principal Security Engineer at 1Password, 10/19/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer
Experts weigh in on picking metrics that demonstrate how the security team is handling operational efficiency and reducing risk.
By Ericka Chickowski, Contributing Writer, 10/19/2020
Chart: The Pandemic Reprioritizes Security Projects
Edge Editors, Dark Reading
Responses among IT and security pros reflect concern over vulnerabilities incurred by workers accessing the enterprise network from poorly protected home networks.
By Edge Editors, Dark Reading, 10/19/2020
A Swift Reminder About Cybersecurity
Edge Editors, Dark Reading
The hackers gonna crack, crack, crack, crack, crack ...
By Edge Editors, Dark Reading, 10/19/2020
Expert Tips to Keep WordPress Safe
Curtis Franklin Jr., Senior Editor at Dark Reading
The most widely used content management system on the Web relies heavily on plug-ins and add-on software -- and that requires rigorous security measures at every level.
By Curtis Franklin Jr., Senior Editor at Dark Reading, 10/19/2020
A New Risk Vector: The Enterprise of Things
Greg Clark, CEO, Forescout Technologies Inc., Commentary
Billions of devices -- including security cameras, smart TVs, and manufacturing equipment -- are largely unmanaged and increase an organization's risk.
By Greg Clark, CEO, Forescout Technologies Inc., 10/19/2020
Massive New Phishing Campaigns Target Microsoft, Google Cloud Users
Dark Reading Staff, Quick Hits
US Counterintelligence Director & Fmr. Europol Leader Talk Election Security
Kelly Sheridan, Staff Editor, Dark Reading, News
The US counterintelligence lead joins a former Europol cyber chief to discuss modern election threats and the benefits of public-private collaboration.
By Kelly Sheridan, Staff Editor, Dark Reading, 10/16/2020
An Uncommon 20 Years of Commonly Enumerating Vulns
Curtis Franklin Jr., Senior Editor at Dark Reading
Larry Cashdollar, a researcher with more than 300 CVEs to his credit, looks back at his favorite vulnerabilities (and being the only individual CNA on Mitre's list).
By Curtis Franklin Jr., Senior Editor at Dark Reading, 10/16/2020
Academia Adopts Mitre ATT&CK Framework
Robert Lemos, Contributing Writer, News
Security pros and academic researchers discuss the best ways to use MITRE's framework to inform cybersecurity efforts, analyze threats, and teach future workers.
By Robert Lemos, Contributing Writer, 10/16/2020
Cybercrime Losses Up 50%, Exceeding $1.8B
Marc Wilczek, Digital Strategist & COO of Link11, Commentary
Fewer companies are being hit by cyber incidents, but those that do get hit are hit harder and more often.
By Marc Wilczek, Digital Strategist & COO of Link11, 10/16/2020
Prolific Cybercrime Group Now Focused on Ransomware
Robert Lemos, Contributing Writer, News
Cybercriminal team previously associated with point-of-sale malware and data theft has now moved almost completely into the more lucrative crimes of ransomware and extortion.
By Robert Lemos, Contributing Writer, 10/15/2020
US Indicts Members of Transnational Money-Laundering Organization
Jai Vijayan, Contributing Writer, News
Members of the QQAAZZ group helped cybercriminals conceal origins of stolen funds, DoJ alleges.
By Jai Vijayan, Contributing Writer, 10/15/2020
Twitter Hack Analysis Drives Calls for Greater Security Regulation
Dark Reading Staff, Quick Hits
New York's Department of Financial Services calls for more cybersecurity regulation at social media firms following the "jarringly easy" Twitter breach.
By Dark Reading Staff, 10/15/2020
Barnes & Noble Warns Customers About Data Breach
Dark Reading Staff, Quick Hits
Famed bookseller says non-financial data was exposed in a new attack.
By Dark Reading Staff, 10/15/2020
Overcoming the Challenge of Shorter Certificate Lifespans
Mike Cooper, Founder & CEO of Revocent, Commentary
We could be in the middle of a major transition to shorter and shorter certificate life spans, which has significant implications for how IT organizations manage certificates across the enterprise.
By Mike Cooper, Founder & CEO of Revocent, 10/15/2020
The Ruthless Cyber Chaos of Business Recovery
Emil Sayegh, CEO and President, Ntirety, Commentary
Critical technology initiatives leveraging the best of technology solutions are the only way through the cyber chaos of 2020.
By Emil Sayegh, CEO and President, Ntirety, 10/15/2020
Microsoft Office 365 Accounts a Big Target for Attackers
Jai Vijayan, Contributing Writer, News
Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity.
By Jai Vijayan, Contributing Writer, 10/15/2020
Zoom Announces Rollout of End-to-End Encryption
Dark Reading Staff, Quick Hits
Phase 1 removes Zoom servers from the key generation and distribution processes.
By Dark Reading Staff, 10/14/2020
London Borough of Hackney Investigates 'Serious' Cyberattack
Dark Reading Staff, Quick Hits
London's Hackney Council says some services may be slow or unavailable as it looks into a cyberattack affecting services and IT systems.
By Dark Reading Staff, 10/14/2020
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

As the pandemic continues, security teams still need help they can't get. But the "skills shortage" is only part of the story.
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11496
PUBLISHED: 2020-10-19
Sprecher SPRECON-E firmware prior to 8.64b might allow local attackers with access to engineering data to insert arbitrary code. This firmware lacks the validation of the input values on the device side, which is provided by the engineering software during parameterization. Attackers with access to ...
CVE-2020-15822
PUBLISHED: 2020-10-19
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.
CVE-2020-24375
PUBLISHED: 2020-10-19
A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.
CVE-2020-7193
PUBLISHED: 2020-10-19
A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVE-2020-7194
PUBLISHED: 2020-10-19
A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.