Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

News & Commentary
10 Notable Security Acquisitions of 2019 (So Far)
Kelly Sheridan, Staff Editor, Dark Reading
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
By Kelly Sheridan Staff Editor, Dark Reading, 6/15/2019
Comment0 comments  |  Read  |  Post a Comment
Triton Attackers Seen Scanning US Power Grid Networks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The development follows speculation and concern among security experts that the attack group would expand its scope to the power grid.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/14/2019
Comment0 comments  |  Read  |  Post a Comment
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
New analysis shows widespread DNS protection could save organizations as much as $200 billion in losses every year.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/13/2019
Comment1 Comment  |  Read  |  Post a Comment
Congress Gives 'Hack Back' Legislation Another Try
Dark Reading Staff, Quick Hits
Officials reintroduce a bill that would let businesses monitor attacker behavior and target intruders on corporate networks.
By Dark Reading Staff , 6/13/2019
Comment0 comments  |  Read  |  Post a Comment
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer
Business email compromise attacks are growing in prevalence and creativity. Here's a look at how they work, the latest stats, and some recent horror stories.
By Ericka Chickowski Contributing Writer, 6/13/2019
Comment2 comments  |  Read  |  Post a Comment
The Rise of 'Purple Teaming'
Joseph R. Salazar, Technical Marketing EngineerCommentary
The next generation of penetration testing represents a more collaborative approach to old fashioned Red Team vs. Blue Team.
By Joseph R. Salazar Technical Marketing Engineer, 6/13/2019
Comment0 comments  |  Read  |  Post a Comment
DNS Observatory Offers Researchers New Insight into Global DNS Activity
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Among its early findings, 60% of the DNS transactions captured were handled by just 1,000 name servers.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/12/2019
Comment0 comments  |  Read  |  Post a Comment
CrowdStrike Prices IPO Above Range at $34
Kelly Sheridan, Staff Editor, Dark ReadingNews
The endpoint security firm raised $612 million ahead of today's public debut.
By Kelly Sheridan Staff Editor, Dark Reading, 6/12/2019
Comment0 comments  |  Read  |  Post a Comment
Microsoft Issues Fixes for 88 Vulnerabilities
Kelly Sheridan, Staff Editor, Dark ReadingNews
Four of the flaws are publicly known but none have been listed as under active attack.
By Kelly Sheridan Staff Editor, Dark Reading, 6/11/2019
Comment0 comments  |  Read  |  Post a Comment
What 3 Powerful GoT Women Teach Us about Cybersecurity
Orion Cassetto, Senior Product Maester, ExabeamCommentary
Imagine Game of Thrones' Daenerys Targaryen, Arya Stark, and Cersei Lannister on the front lines in the real-world battleground of enterprise security.
By Orion Cassetto Senior Product Maester, Exabeam, 6/11/2019
Comment0 comments  |  Read  |  Post a Comment
Getting Up to Speed on Magecart
Casey Quinn, Associate, Newmeyer & DillionCommentary
Greater awareness of how Magecart works will give your company a leg up on the growing threat from this online credit card skimmer. Here are four places to start.
By Casey Quinn Associate, Newmeyer & Dillion, 6/11/2019
Comment0 comments  |  Read  |  Post a Comment
Cognitive Bias Can Hamper Security Decisions
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report sheds light on how human cognitive biases affect cybersecurity decisions and business outcomes.
By Kelly Sheridan Staff Editor, Dark Reading, 6/10/2019
Comment1 Comment  |  Read  |  Post a Comment
GoldBrute Botnet Brute-Forcing 1.5M RDP Servers
Dark Reading Staff, Quick Hits
Botnets are scanning the Internet for servers exposing RDP and using weak, reused passwords to obtain access.
By Dark Reading Staff , 6/10/2019
Comment0 comments  |  Read  |  Post a Comment
Unmixed Messages: Bringing Security & Privacy Awareness Together
Tom Pendergast & Jeff Morgenroth, Chief Learning Officer at MediaPRO/Instructional Designer at MediaPROCommentary
Security and privacy share the same basic goals, so it just makes sense to combine efforts in those two areas. But that can be easier said than done.
By Tom Pendergast & Jeff Morgenroth Chief Learning Officer at MediaPRO/Instructional Designer at MediaPRO, 6/10/2019
Comment0 comments  |  Read  |  Post a Comment
The Minefield of Corporate Email
Kelly Sheridan, Staff Editor, Dark ReadingNews
Email security challenges CISOs as cybercriminals target corporate inboxes with malware, phishing attempts, and various forms of fraud.
By Kelly Sheridan Staff Editor, Dark Reading, 6/7/2019
Comment3 comments  |  Read  |  Post a Comment
Cisco Buys Sentryo
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Cisco is adding the French company's network visibility products to its IoT network lineup.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/6/2019
Comment0 comments  |  Read  |  Post a Comment
ADT Teams Up with SonicWall for SMB Security Services
Steve Zurier, Contributing WriterNews
More than half of all SMBs plan to rely on third party providers for their security tools and services, according to IDC.
By Steve Zurier Contributing Writer, 6/6/2019
Comment0 comments  |  Read  |  Post a Comment
SentinelOne Raises $120M in Series D Funding
Dark Reading Staff, Quick Hits
The endpoint security company already has specific plans for the new funds.
By Dark Reading Staff , 6/5/2019
Comment0 comments  |  Read  |  Post a Comment
NSA Issues Advisory for 'BlueKeep' Vulnerability
Dark Reading Staff, Quick Hits
The National Security Agency joins Microsoft in urging Windows admins to patch 'wormable' bug CVE-2019-0708.
By Dark Reading Staff , 6/5/2019
Comment0 comments  |  Read  |  Post a Comment
CISOs & CIOs: Better Together
Leo Taddeo, CISO, Cyxtera, and former FBI SAC of cyber and special operations for the NY region Commentary
An overview of three common organizational structures illustrates how NOT to pit chief security and IT execs against each other.
By Leo Taddeo CISO, Cyxtera, and former FBI SAC of cyber and special operations for the NY region , 6/5/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer,  6/13/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2019
Cognitive Bias Can Hamper Security Decisions
Kelly Sheridan, Staff Editor, Dark Reading,  6/10/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7472
PUBLISHED: 2019-06-15
The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.
CVE-2019-12839
PUBLISHED: 2019-06-15
In OrangeHRM 4.3.1 and before, there is an input validation error within admin/listMailConfiguration (txtSendmailPath parameter) that allows authenticated attackers to achieve arbitrary command execution.
CVE-2019-12840
PUBLISHED: 2019-06-15
In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
CVE-2019-12835
PUBLISHED: 2019-06-15
formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds write in xml_memory_writer::write via characters that require escaping.
CVE-2019-12830
PUBLISHED: 2019-06-15
In MyBB before 1.8.21, an attacker can exploit a parsing flaw in the Private Message / Post renderer that leads to [video] BBCode persistent XSS to take over any forum account, aka a nested video MyCode issue.