News & Commentary
GPS Spoof Hits Geneva Motor Show
Dark Reading Staff, Quick Hits
Incident leaves GPS units showing a location in England and a date 17 years in the future.
By Dark Reading Staff , 3/13/2019
Comment1 Comment  |  Read  |  Post a Comment
'SimBad': Android Adware Hits 210 Apps with 150M Downloads
Dark Reading Staff, Quick Hits
Google has removed infected applications from the Google Play store after a form of adware potentially affected millions of users.
By Dark Reading Staff , 3/13/2019
Comment1 Comment  |  Read  |  Post a Comment
The Case for Transparency in End-User License Agreements
Lysa Myers, Security Researcher, ESETCommentary
Why it behooves technology companies to consider EULAs as an opportunity to accurately inform customers about privacy issues and other important information.
By Lysa Myers Security Researcher, ESET, 3/13/2019
Comment0 comments  |  Read  |  Post a Comment
5 Essentials for Securing and Managing Windows 10
Josh Mayfield, Director of Security Strategy at AbsoluteCommentary
It's possible to intelligently deploy and utilize Windows 10's many security enhancements while avoiding common and costly migration pitfalls.
By Josh Mayfield Director of Security Strategy at Absolute, 3/12/2019
Comment0 comments  |  Read  |  Post a Comment
Companies Having Trouble Translating Security to Mobile Devices
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
As more enterprise work takes place on mobile devices, more companies are feeling insecure about the security of their mobile fleet, according to a new Verizon report.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/7/2019
Comment0 comments  |  Read  |  Post a Comment
CrowdStrike Debuts Mobile Threat Detection System at RSA Conference
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Falcon for Mobile offers detection and response capabilities for mobile platforms.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/4/2019
Comment0 comments  |  Read  |  Post a Comment
Whose Line Is It? When Voice Phishing Attacks Get Sneaky
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers investigate malicious apps designed to intercept calls to legitimate numbers, making voice phishing attacks harder to detect.
By Kelly Sheridan Staff Editor, Dark Reading, 2/27/2019
Comment3 comments  |  Read  |  Post a Comment
New Arm Certification Aims to Secure IoT Devices
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A three-tier certification regimen shows adherence to the Platform Security Architecture.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/25/2019
Comment1 Comment  |  Read  |  Post a Comment
Lessons From the War on Malicious Mobile Apps
Robert Lemos, Technology Journalist/Data ResearcherNews
Despite the openness of the Android platform, Google has managed to keep its Play store mainly free of malware and malicious apps. Outside of the marketplace is a different matter.
By Robert Lemos , 2/22/2019
Comment0 comments  |  Read  |  Post a Comment
6 Tips for Getting the Most from Your VPN
Curtis Franklin Jr., Senior Editor at Dark Reading
VPNs are critical for information security. But simply having these cozy security tunnels in the toolkit isn't enough to keep an organization's data safe.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/22/2019
Comment4 comments  |  Read  |  Post a Comment
70% of Consumers Want Biometrics in the Workplace
Steve Zurier, Freelance WriterNews
Speed, simplicity, and security underscore their desire, a new study shows.
By Steve Zurier Freelance Writer, 2/13/2019
Comment0 comments  |  Read  |  Post a Comment
New Encryption Mode Brings Sincerity and Discretion to Low-Cost Android Devices
Dark Reading Staff, Quick Hits
Adantium, developed by Google, brings communication encryption to bear on storage security.
By Dark Reading Staff , 2/11/2019
Comment0 comments  |  Read  |  Post a Comment
A Dog's Life: Dark Reading Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
What do a telephony protocol, butt-sniffing, and multifactor authentication have in common? A John Klossner cartoon! And the winners are ...
By Marilyn Cohodas Managing Editor, Dark Reading, 2/8/2019
Comment0 comments  |  Read  |  Post a Comment
Apple Patches Group FaceTime Flaw
Dark Reading Staff, Quick Hits
Teenaged Fortnite player gets credit for finding the bug.
By Dark Reading Staff , 2/7/2019
Comment0 comments  |  Read  |  Post a Comment
Attacks on Automotive Systems Feared Likely
Dark Reading Staff, Quick Hits
Yet few engineers feel empowered to do anything about them, a survey shows.
By Dark Reading Staff , 2/6/2019
Comment1 Comment  |  Read  |  Post a Comment
The 5 Stages of CISO Success, Past & Future
Todd Fitzgerald, Managing Director/CISO at CISO Spotlight, LLCCommentary
In cybersecurity, as in history, security leaders who forget the lessons of the past will be doomed to repeat them.
By Todd Fitzgerald Managing Director/CISO at CISO Spotlight, LLC, 1/25/2019
Comment2 comments  |  Read  |  Post a Comment
How Cybercriminals Clean Their Dirty Money
 Alexon Bell, Global Head of AML & Compliance, QuantexaCommentary
By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning.
By Alexon Bell Global Head of AML & Compliance, Quantexa, 1/22/2019
Comment9 comments  |  Read  |  Post a Comment
The Security Perimeter Is Dead; Long Live the New Endpoint Perimeter
Ofer Amitai, CEO, PortnoxCommentary
The network no longer provides an air gap against external threats, but access devices can take up the slack.
By Ofer Amitai CEO, Portnox, 1/17/2019
Comment5 comments  |  Read  |  Post a Comment
US Judge: Police Can't Force Biometric Authentication
Dark Reading Staff, Quick Hits
Law enforcement cannot order individuals to unlock devices using facial or fingerprint scans, a California judge says.
By Dark Reading Staff , 1/15/2019
Comment9 comments  |  Read  |  Post a Comment
SCOTUS Says Suit Over Fiat-Chrysler Hack Can Move Forward
Dark Reading Staff, Quick Hits
A class-action suit over a 2015 attack demonstration against a Jeep Cherokee can move forward, US Supreme Court rules.
By Dark Reading Staff , 1/11/2019
Comment3 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/12/2019
Cybercriminals Think Small to Earn Big
Dark Reading Staff 3/12/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: LOL  Hope this one wins
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version that could allow a malicious user with local access to execute code with administrative privileges.
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.