Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

News & Commentary
Why Security Awareness Training Should Be Backed by Security by Design
Ericka Chickowski, Contributing WriterNews
Cybersecurity training needs an overhaul, though the training itself is only one small part of how security teams can influence user behavior.
By Ericka Chickowski Contributing Writer, 11/25/2020
Comment0 comments  |  Read  |  Post a Comment
How Ransomware Defense Is Evolving With Ransomware Attacks
Joan Goodchild, Contributing Writer
As data exfiltration threats and bigger ransom requests become the norm, security professionals are advancing from the basic "keep good backups" advice.
By Joan Goodchild Contributing Writer, 11/24/2020
Comment0 comments  |  Read  |  Post a Comment
CISA Warns of Holiday Online Shopping Scams
Dark Reading Staff, Quick Hits
The agency urges shoppers to be cautious of fraudulent websites, unsolicited emails, and unencrypted financial transactions.
By Dark Reading Staff , 11/24/2020
Comment0 comments  |  Read  |  Post a Comment
US Treasury's OFAC Ransomware Advisory: Navigating the Gray Areas
Jason Bevis & Kevin Adams-Romano, VP of Awake Labs / Incident Response Specialist at Awake SecurityCommentary
Leveraging the right response strategy, following the regulations, and understanding the ransom entity are the fundamentals in any ransomware outbreak.
By Jason Bevis & Kevin Adams-Romano VP of Awake Labs / Incident Response Specialist at Awake Security, 11/24/2020
Comment0 comments  |  Read  |  Post a Comment
What's in Store for Privacy in 2021
Robert Lemos, Contributing WriterNews
Changes are coming to the privacy landscape, including more regulations and technologies.
By Robert Lemos Contributing Writer, 11/24/2020
Comment0 comments  |  Read  |  Post a Comment
Printers' Cybersecurity Threats Too Often Ignored
Shivaun Albright, Chief Technologist of Print Security, HP Inc.Commentary
Remote workforce heightens the need to protect printing systems against intrusion and compromise.
By Shivaun Albright Chief Technologist of Print Security, HP Inc., 11/24/2020
Comment0 comments  |  Read  |  Post a Comment
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing WriterNews
Companies should plan their future workforce model now, so they have time to implement the necessary tools, including cybersecurity and seamless remote access, a Forrester report says.
By Robert Lemos Contributing Writer, 11/23/2020
Comment1 Comment  |  Read  |  Post a Comment
Ransomware Grows Easier to Spread, Harder to Block
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers illustrate the evolution toward more complete and effective ransomware attacks designed to cripple target organizations.
By Kelly Sheridan Staff Editor, Dark Reading, 11/23/2020
Comment0 comments  |  Read  |  Post a Comment
Evidence-Based Trust Gets Black Hat Europe Spotlight
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
An FPGA-based system could change the balance of power between hardware attackers and defenders within IT security.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/23/2020
Comment0 comments  |  Read  |  Post a Comment
How Retailers Can Fight Fraud and Abuse This Holiday Season
Sunil Potti, General Manager and Vice President, Google Cloud SecurityCommentary
Online shopping will be more popular than ever with consumers... and with malicious actors too.
By Sunil Potti General Manager and Vice President, Google Cloud Security, 11/23/2020
Comment0 comments  |  Read  |  Post a Comment
Facebook Messenger Flaw Enabled Spying on Android Callees
Dark Reading Staff, Quick Hits
A critical flaw in Facebook Messenger on Android would let someone start an audio or video call without the victim's knowledge.
By Dark Reading Staff , 11/20/2020
Comment1 Comment  |  Read  |  Post a Comment
Cybercriminals Get Creative With Google Services
Kelly Sheridan, Staff Editor, Dark ReadingNews
Attacks take advantage of popular services, including Google Forms and Google Docs.
By Kelly Sheridan Staff Editor, Dark Reading, 11/19/2020
Comment0 comments  |  Read  |  Post a Comment
Go SMS Pro Messaging App Exposed Users' Private Media Files
Dark Reading Staff, Quick Hits
The popular Android app uses easily guessable Web addresses when users send private photos, videos, and voice messages.
By Dark Reading Staff , 11/19/2020
Comment0 comments  |  Read  |  Post a Comment
Unpatched Browsers Abound, Study Shows
Steve Zurier, Contributing WriterNews
Google Chrome users don't always take time to relaunch browser updates, and some legacy applications don't support new versions of Chrome, Menlo Security says.
By Steve Zurier Contributing Writer, 11/19/2020
Comment1 Comment  |  Read  |  Post a Comment
Online Shopping Surge Puts Focus on Consumer Security Habits
Robert Lemos, Contributing WriterNews
Companies will have to tread a fine line between delivering security and a frictionless shopping experience, security firms say.
By Robert Lemos Contributing Writer, 11/18/2020
Comment0 comments  |  Read  |  Post a Comment
Cisco Webex Vulns Let 'Ghost' Attendees Spy on Meetings
Kelly Sheridan, Staff Editor, Dark ReadingNews
Three vulnerabilities, patched today, could let an attacker snoop on meetings undetected after the host removes them.
By Kelly Sheridan Staff Editor, Dark Reading, 11/18/2020
Comment1 Comment  |  Read  |  Post a Comment
Out With the Old Perimeter, in With the New Perimeters
Charlie Winckless, Senior Director, Cybersecurity Solutions, at PresidioCommentary
A confluence of trends and events has exploded the whole idea of "the perimeter." Now there are many perimeters, and businesses must adjust accordingly.
By Charlie Winckless Senior Director, Cybersecurity Solutions, at Presidio, 11/18/2020
Comment0 comments  |  Read  |  Post a Comment
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security AnalystCommentary
Common antivirus systems frequently miss Cobalt Strike, a stealthy threat emulation toolkit admired by red teams and attackers alike.
By Zohar Buber Security Analyst, 11/18/2020
Comment2 comments  |  Read  |  Post a Comment
To Pay or Not to Pay: Responding to Ransomware From a Lawyer's Perspective
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLCCommentary
The threat of data extortion adds new layers of risk when determining how to respond to a ransomware attack.
By Beth Burgin Waller Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC, 11/17/2020
Comment0 comments  |  Read  |  Post a Comment
Security Risks Discovered in Tesla Backup Gateway
Dark Reading Staff, Quick Hits
Cybersecurity researchers report on the security and privacy risks of leaving a Tesla Backup Gateway exposed to the Internet.
By Dark Reading Staff , 11/17/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
PR Newswire
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-20934
PUBLISHED: 2020-11-28
An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c.
CVE-2020-29368
PUBLISHED: 2020-11-28
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
CVE-2020-29369
PUBLISHED: 2020-11-28
An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.
CVE-2020-29370
PUBLISHED: 2020-11-28
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.
CVE-2020-29371
PUBLISHED: 2020-11-28
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.