Perimeter

News & Commentary
Turn the NIST Cybersecurity Framework into Reality: 4 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin SystemsCommentary
Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.
By Mukul Kumar & Anupam Sahai CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems, 9/20/2018
Comment3 comments  |  Read  |  Post a Comment
The Top 5 Security Threats & Mitigations for Industrial Networks
Barak Perelman, CEO, IndegyCommentary
While vastly different than their IT counterparts, operational technology environments share common risks and best practices.
By Barak Perelman CEO, Indegy, 9/18/2018
Comment0 comments  |  Read  |  Post a Comment
Modular Malware Brings Stealthy Attacks to Former Soviet States
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new malware technique is making phishing attacks harder to spot when they succeed.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/12/2018
Comment0 comments  |  Read  |  Post a Comment
8 Attack Vectors Puncturing Cloud Environments
Kelly Sheridan, Staff Editor, Dark Reading
These methods may not yet be on your security team's radar, but given their impact, they should be.
By Kelly Sheridan Staff Editor, Dark Reading, 9/7/2018
Comment0 comments  |  Read  |  Post a Comment
Take (Industrial) Control: A Look at the 2018 ICS Threat Landscape
Kelly Sheridan, Staff Editor, Dark ReadingNews
New research sheds light on the biggest threats to strike ICS systems in the first half of 2018, and what's in store for the rest of this year.
By Kelly Sheridan Staff Editor, Dark Reading, 9/6/2018
Comment1 Comment  |  Read  |  Post a Comment
7 Ways Blockchain is Being Used for Security
Curtis Franklin Jr., Senior Editor at Dark Reading
Blockchain is being used as a security tool. If you haven't thought about adopting it, you might want to reconsider your take.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/5/2018
Comment0 comments  |  Read  |  Post a Comment
NIST Releases Draft on BGP Security
Dark Reading Staff, Quick Hits
Paper describes a technique to protect the Internet from Border Gateway Protocol route hijacking attacks.
By Dark Reading Staff , 9/5/2018
Comment0 comments  |  Read  |  Post a Comment
Authentication Grows Up
Kelly Sheridan, Staff Editor, Dark ReadingNews
Which forms of multi-factor authentication (MFA) are working, which are not, and where industry watchers think the market is headed.
By Kelly Sheridan Staff Editor, Dark Reading, 9/4/2018
Comment0 comments  |  Read  |  Post a Comment
Machine Identities Need Protection, Too
Dark Reading Staff, Quick Hits
A new study shows that device identities need a level of protection that they're not getting from most organizations.
By Dark Reading Staff , 8/31/2018
Comment0 comments  |  Read  |  Post a Comment
Who's At Greatest Risk for BEC Attacks? Not the CEO
Kelly Sheridan, Staff Editor, Dark ReadingNews
CEOs only make up 2.2% of business email compromise targets, a sign most victims are further down the corporate ladder.
By Kelly Sheridan Staff Editor, Dark Reading, 8/30/2018
Comment0 comments  |  Read  |  Post a Comment
'Security Fatigue' Could Put Business at Risk
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The relentless march of security breaches may cause some individuals to drop their guard, but there's more to the story than that.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/29/2018
Comment0 comments  |  Read  |  Post a Comment
IT Professionals Think They're Better Than Their Security
Dark Reading Staff, Quick Hits
More than half of professionals think they have a good shot at a successful insider attack.
By Dark Reading Staff , 8/29/2018
Comment2 comments  |  Read  |  Post a Comment
How Can We Improve the Conversation Among Blue Teams?
Tim Wilson, Editor in Chief, Dark Reading, Commentary
Dark Reading seeks new ways to bring defenders together to share information and best practices
By Tim Wilson, Editor in Chief, Dark Reading , 8/27/2018
Comment5 comments  |  Read  |  Post a Comment
New Mirai Variants Leverage Open Source Project
Dark Reading Staff, Quick Hits
Aboriginal Linux gives Mirai new cross-platform capabilities - including Android.
By Dark Reading Staff , 8/23/2018
Comment0 comments  |  Read  |  Post a Comment
How Threats Increase in Internet Time
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Cybercrime incidents and costs increase with each passing minute on the Internet.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/21/2018
Comment0 comments  |  Read  |  Post a Comment
7 Serious IoT Vulnerabilities
Curtis Franklin Jr., Senior Editor at Dark Reading
A growing number of employees have various IoT devices in their homes where they're also connecting to an enterprise network to do their work. And that means significant threats loom.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/21/2018
Comment1 Comment  |  Read  |  Post a Comment
Researcher Finds MQTT Hole in IoT Defenses
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A commonly used protocol provides a gaping backdoor when misconfigured.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/16/2018
Comment3 comments  |  Read  |  Post a Comment
Gartner Says IT Security Spending to Hit $124B in 2019
Dark Reading Staff, Quick Hits
Global IT security spending will grow 12.4% in 2018 and another 8.7% in 2019.
By Dark Reading Staff , 8/15/2018
Comment2 comments  |  Read  |  Post a Comment
Understanding Firewalls: Build Them Up, Tear Them Down
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A presentation at Black Hat USA will walk attendees through developing a firewall for MacOS, and then poking holes in it.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/8/2018
Comment0 comments  |  Read  |  Post a Comment
Google Details Tech Built into Shielded VMs
Kelly Sheridan, Staff Editor, Dark ReadingNews
Specialized virtual machines, recently released in beta mode, ensure cloud workloads haven't been compromised.
By Kelly Sheridan Staff Editor, Dark Reading, 8/6/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
New Cold Boot Attack Gives Hackers the Keys to PCs, Macs
Kelly Sheridan, Staff Editor, Dark Reading,  9/13/2018
Turn the NIST Cybersecurity Framework into Reality: 4 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1674
PUBLISHED: 2018-09-20
IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through 18.0.0.1 are vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145109.
CVE-2018-1800
PUBLISHED: 2018-09-20
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occuring. IBM X-Force ID: 149607.
CVE-2018-3864
PUBLISHED: 2018-09-20
An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long &quot...
CVE-2018-3865
PUBLISHED: 2018-09-20
An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long &quot...
CVE-2018-17254
PUBLISHED: 2018-09-20
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.