Endpoint

News & Commentary
GandCrab Ransomware Continues to Evolve But Can't Spread Via SMB Shares Yet
Jai Vijayan, Freelance writerNews
Recent fears that this year's most prolific ransomware threat has acquired new WannaCry-like propagation capabilities appear unfounded at the moment.
By Jai Vijayan Freelance writer, 7/13/2018
Comment0 comments  |  Read  |  Post a Comment
8 Big Processor Vulnerabilities in 2018
Ericka Chickowski, Contributing Writer, Dark Reading
Security researchers have been working in overdrive examining processors for issues and they haven't come up empty-handed.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/13/2018
Comment0 comments  |  Read  |  Post a Comment
FBI: Email Account Compromise Losses Reach $12B
Dark Reading Staff, Quick Hits
There were more than 78K business email account (BEC) and email account compromise (EAC) scam incidents worldwide between October 2013 and May 2018.
By Dark Reading Staff , 7/13/2018
Comment0 comments  |  Read  |  Post a Comment
How to Structure an Enterprise-Wide Threat Intelligence Strategy
Tom Badders, Senior Product Manager, Secure Mobility, at Telos CorporationCommentary
To keep an organization safe, you must think about the entire IT ecosystem.
By Tom Badders Senior Product Manager, Secure Mobility, at Telos Corporation, 7/13/2018
Comment0 comments  |  Read  |  Post a Comment
WordPress Sites Targeted in World Cup-Themed Spam Scam
Jai Vijayan, Freelance writerNews
Spammers using a 'spray & pray' approach to post comments on WordPress powered blogs, forums, says Imperva.
By Jai Vijayan Freelance writer, 7/12/2018
Comment1 Comment  |  Read  |  Post a Comment
Critical Vulns Earn $2K Amid Rise of Bug Bounty Programs
Kelly Sheridan, Staff Editor, Dark ReadingNews
As of June, a total of $31 million has been awarded to security researchers for this year already a big jump from the $11.7 million awarded for the entire 2017.
By Kelly Sheridan Staff Editor, Dark Reading, 7/11/2018
Comment0 comments  |  Read  |  Post a Comment
Banks Suffer an Average of 3.8 Data Leak Incidents Per Week
Dark Reading Staff, Quick Hits
New study examines how financial services information gets sold and shared in the Dark Web.
By Dark Reading Staff , 7/11/2018
Comment0 comments  |  Read  |  Post a Comment
This Is How Much a 'Mega Breach' Really Costs
Kelly Sheridan, Staff Editor, Dark ReadingNews
The average cost of a data breach is $3.86 million, but breaches affecting more than 1 million records are far more expensive.
By Kelly Sheridan Staff Editor, Dark Reading, 7/11/2018
Comment0 comments  |  Read  |  Post a Comment
Major International Airport System Access Sold for $10 on Dark Web
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers from the McAfee Advanced Threat Research team began with an open search on Russian RDP shop UAS to make their discovery.
By Kelly Sheridan Staff Editor, Dark Reading, 7/11/2018
Comment2 comments  |  Read  |  Post a Comment
Apple Releases Wave of Security Updates
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Apple updates software for nearly every hardware platform, though one new feature almost steals the security show.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/11/2018
Comment0 comments  |  Read  |  Post a Comment
Bomgar Acquires Avecto
Dark Reading Staff, Quick Hits
Purchase adds layers to privileged access management system.
By Dark Reading Staff , 7/10/2018
Comment0 comments  |  Read  |  Post a Comment
For Data Thieves, the World Cup Runneth Over
Travis Jarae, Founder & CEO of One World IdentityCommentary
Large sporting events are always going to be targets, but the fact that the competition is in Russia adds another layer of concern. Here are three tips to stay safer.
By Travis Jarae Founder & CEO of One World Identity, 7/10/2018
Comment0 comments  |  Read  |  Post a Comment
7 Ways to Keep DNS Safe
Curtis Franklin Jr., Senior Editor at Dark Reading
A DNS attack can have an outsize impact on the targeted organization or organizations. Here's how to make hackers' lives much more difficult.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/10/2018
Comment2 comments  |  Read  |  Post a Comment
6 M&A Security Tips
Steve Zurier, Freelance Writer
Companies are realizing that the security posture of an acquired organization should be considered as part of their due diligence process.
By Steve Zurier Freelance Writer, 7/9/2018
Comment0 comments  |  Read  |  Post a Comment
Creating a Defensible Security Architecture
Justin Henderson, SANS Instructor and CEO of H & A Security SolutionsCommentary
Take the time to learn about your assets. You'll be able to layer in multiple prevention and detection solutions and have a highly effective security architecture.
By Justin Henderson SANS Instructor and CEO of H & A Security Solutions, 7/9/2018
Comment0 comments  |  Read  |  Post a Comment
New Malware Strain Targets Cryptocurrency Fans Who Use Macs
Dark Reading Staff, Quick Hits
OSX.Dummy depends on substantial help from an unwary victim.
By Dark Reading Staff , 7/6/2018
Comment0 comments  |  Read  |  Post a Comment
Reactive or Proactive? Making the Case for New Kill Chains
Ryan Stolte, co-founder and CTO at Bay DynamicsCommentary
Classic kill chain models that aim to find and stop external attacks don't account for threats from insiders. Here what a modern kill chain should include.
By Ryan Stolte co-founder and CTO at Bay Dynamics, 7/6/2018
Comment1 Comment  |  Read  |  Post a Comment
Trading Platforms Riddled With Severe Flaws
Ericka Chickowski, Contributing Writer, Dark ReadingNews
In spite of routing trillions of dollars of stock and commodity trades every day, financial cousins to online banking applications are written very insecurely.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/6/2018
Comment0 comments  |  Read  |  Post a Comment
UK Banks Must Produce Backup Plans for Cyberattacks
Dark Reading Staff, Quick Hits
Financial services firms in Britain have three months to explain how they would stay up and running in the event of an attack or service disruption.
By Dark Reading Staff , 7/5/2018
Comment3 comments  |  Read  |  Post a Comment
4 Basic Principles to Help Keep Hackers Out
David Pearson, Principle Threat ResearcherCommentary
The most effective hackers keep things simple, something organizations must take into account.
By David Pearson Principle Threat Researcher, 7/5/2018
Comment3 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
What We Talk About When We Talk About Risk
Jack Jones, Chairman, FAIR Institute,  7/11/2018
Ticketmaster Breach Part of Massive Payment Card Hacking Campaign
Jai Vijayan, Freelance writer,  7/10/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14084
PUBLISHED: 2018-07-16
An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell().
CVE-2018-14085
PUBLISHED: 2018-07-16
An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit { uint public start; function swe...
CVE-2018-14086
PUBLISHED: 2018-07-16
An issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell(...
CVE-2018-14087
PUBLISHED: 2018-07-16
An issue was discovered in a smart contract implementation for EUC (EUC), an Ethereum token. The contract has an integer overflow. If the owner sets the value of buyPrice to a large number in setPrices() then the "msg.value * buyPrice" will cause an integer overflow in the fallback functio...
CVE-2018-14088
PUBLISHED: 2018-07-16
An issue was discovered in a smart contract implementation for STeX White List (STE(WL)), an Ethereum token. The contract has an integer overflow. If the owner sets the value of amount to a large number then the "amount * 1000000000000000" will cause an integer overflow in withdrawToFounde...