Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Page 1 / 2   >   >>
WanaCrypt0r Hits Worldwide
Pieter Arntz, Malware Intelligence Researcher, MalwarebytesCommentary
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack.
By Pieter Arntz Malware Intelligence Researcher, Malwarebytes, 5/13/2017
Comment1 Comment  |  Read  |  Post a Comment
Malspam Causing Havoc for Mac & Windows
Malwarebytes Labs, Malwarebytes LabsCommentary
Spam is a multi-platform, multi-vector approach to network compromise, and organizations need to weigh up the risks on all fronts to be able to combat it successfully.
By Malwarebytes Labs Malwarebytes Labs, 5/9/2017
Comment0 comments  |  Read  |  Post a Comment
OSX.Bella: Mac Malware Strikes Again
Thomas Reed, Director of Mac Offerings, MalwarebytesCommentary
This variant of the OSX.Dok dropper behaves altogether differently, and installs a completely different payload.
By Thomas Reed Director of Mac Offerings, Malwarebytes, 5/2/2017
Comment1 Comment  |  Read  |  Post a Comment
Locky Returns with a New (Borrowed) Distribution Method
Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes, Commentary
A layered defense is a strong security posture for dealing with a threat like Locky, that can come in different disguises.
By Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes , 4/26/2017
Comment0 comments  |  Read  |  Post a Comment
Cybercrime Tactics & Techniques: Q1 2017
Malwarebytes Labs, Malwarebytes LabsCommentary
A deep dive into the threats that got our attention during the first three months of the year and what to expect going forward.
By Malwarebytes Labs Malwarebytes Labs, 4/18/2017
Comment0 comments  |  Read  |  Post a Comment
Securing your Privacy on Android
Nathan Collier, Senior Malware Intelligence Analyst, MalwarebytesCommentary
If you work at a company that allows you to use your mobile device to login to email, access company data, or connect to company Wi-Fi, youre more of a security risk than you think.
By Nathan Collier Senior Malware Intelligence Analyst, Malwarebytes, 4/12/2017
Comment0 comments  |  Read  |  Post a Comment
OSX.Dok: New & Sophisticated Mac Malware Strikes
Thomas Reed, Director of Mac Offerings, MalwarebytesCommentary
Phishing-deployed malware can capture account credentials for any website users log into.
By Thomas Reed Director of Mac Offerings, Malwarebytes, 4/7/2017
Comment0 comments  |  Read  |  Post a Comment
Top 5 Dumbest Cyber Threats That Still Pay Off
Malwarebytes Labs, Malwarebytes LabsCommentary
Some hackers are fairly predictable in their successful use of really dumb attacks.
By Malwarebytes Labs Malwarebytes Labs, 4/4/2017
Comment1 Comment  |  Read  |  Post a Comment
Exploit Kits: Winter 2017 Review
Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes, Commentary
We take another look at the current EK scene by going over RIG, Sundown, Neutrino and Magnitude.
By Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes , 3/28/2017
Comment0 comments  |  Read  |  Post a Comment
Malware Explained: Packer, Crypter & Protector
Pieter Arntz, Malware Intelligence Researcher, MalwarebytesCommentary
These three techniques can protect malware from analysis. Heres how they work.
By Pieter Arntz Malware Intelligence Researcher, Malwarebytes, 3/22/2017
Comment0 comments  |  Read  |  Post a Comment
7 Things You Need to Know about Bayesian Spam Filtering
Pieter Arntz, Malware Intelligence Researcher, MalwarebytesCommentary
Knowing how spam filters work can clarify how some messages get through, and how your own emails can avoid being caught.
By Pieter Arntz Malware Intelligence Researcher, Malwarebytes, 3/14/2017
Comment0 comments  |  Read  |  Post a Comment
4 Ways to Recover from a Cyberattack
Malwarebytes Labs, Malwarebytes LabsCommentary
Be prepared and act quickly are two key steps that will help you bounce back quickly from a cyberattack.
By Malwarebytes Labs Malwarebytes Labs, 3/8/2017
Comment0 comments  |  Read  |  Post a Comment
Adware vs. Ad Fraud: Viva la Difference!
Pieter Arntz, Malware Intelligence Researcher, MalwarebytesCommentary
Both earn their money in the advertising trade but they each have very different means of operation and targets.
By Pieter Arntz Malware Intelligence Researcher, Malwarebytes, 3/6/2017
Comment0 comments  |  Read  |  Post a Comment
DNSSEC: Why Do We Need It?
Pieter Arntz, Malware Intelligence Researcher, MalwarebytesCommentary
The number of signed domain names has grown considerably over the past two and a half years but some sectors are heavily lagging behind.
By Pieter Arntz Malware Intelligence Researcher, Malwarebytes, 3/1/2017
Comment1 Comment  |  Read  |  Post a Comment
Mac Malware Reaches New Highs
Thomas Reed, Director of Mac Offerings, MalwarebytesCommentary
Two new malware threats in a week this past month, plus others in January, brings the 2017 Mac malware count up to 6 and growing.
By Thomas Reed Director of Mac Offerings, Malwarebytes, 2/28/2017
Comment1 Comment  |  Read  |  Post a Comment
Meet 'Fruitfly:' Mac Malware Targeting Biomedical Research Centers
Malwarebytes Labs, Malwarebytes LabsCommentary
This newly discovered code contains indications that it has been circulating undetected for at least a couple years.
By Malwarebytes Labs Malwarebytes Labs, 1/24/2017
Comment0 comments  |  Read  |  Post a Comment
Threat Attribution: Misunderstood & Abused
Malwarebytes Labs, Malwarebytes LabsCommentary
Despite its many pitfalls, threat attribution remains an important part of any incident response plan. Heres why.
By Malwarebytes Labs Malwarebytes Labs, 1/18/2017
Comment0 comments  |  Read  |  Post a Comment
Understanding The Basics Of Two-Factor Authentication
Malwarebytes Labs, Malwarebytes LabsCommentary
With data breaches resulting in leaked passwords occurring almost daily, two-factor authentication has become an essential tool in the security toolkit.
By Malwarebytes Labs Malwarebytes Labs, 1/16/2017
Comment3 comments  |  Read  |  Post a Comment
Operational Security Best Practices For Social Media
Malwarebytes Labs, Malwarebytes LabsCommentary
Building a firm, clear policy on disclosures online can provide a flexible, adaptive response that will protect proprietary data from winding up in a public leak.
By Malwarebytes Labs Malwarebytes Labs, 1/11/2017
Comment0 comments  |  Read  |  Post a Comment
Online Or Offline, Ransomware Will Find You
Malwarebytes Labs, Malwarebytes LabsCommentary
The current threat landscape is a mish-mash of online ransomware, offline ransomware, and those that are a mixture of the two.
By Malwarebytes Labs Malwarebytes Labs, 1/9/2017
Comment0 comments  |  Read  |  Post a Comment
Page 1 / 2   >   >>
1268
The Security of Cloud Applications
Hillel Solow, CTO and Co-founder, Protego,  7/11/2019
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "SpearPhish! Everyone out of the office!"
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-10100
PUBLISHED: 2019-07-17
tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element's embed tab.
CVE-2019-12175
PUBLISHED: 2019-07-17
In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, a NULL pointer dereference in the Kerberos (aka KRB) protocol parser leads to DoS because a case-type index is mishandled.
CVE-2019-12475
PUBLISHED: 2019-07-17
In MicroStrategy Web before 10.4.6, there is stored XSS in metric due to insufficient input validation.
CVE-2019-13346
PUBLISHED: 2019-07-17
In MyT 1.5.1, the User[username] parameter has XSS.
CVE-2019-13403
PUBLISHED: 2019-07-17
Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information.