Perimeter

News & Commentary
7 Holiday Security Tips for Retailers
Steve Zurier, Freelance Writer
It's the most wonderful time of the year and hackers are ready to pounce. Here's how to prevent them from wreaking holiday havoc.
By Steve Zurier Freelance Writer, 11/19/2018
Comment0 comments  |  Read  |  Post a Comment
BlackBerry Doubles Down on Security in $1.4B Acquisition of Cylance
Kelly Sheridan, Staff Editor, Dark ReadingNews
BlackBerry aims to bring Cylance artificial intelligence and security tools into its software portfolio.
By Kelly Sheridan Staff Editor, Dark Reading, 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
26M Texts Exposed in Poorly Secured Vovox Database
Dark Reading Staff, Quick Hits
The server, which lacked password protection, contained tens of millions of SMS messages, two-factor codes, shipping alerts, and other user data.
By Dark Reading Staff , 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
AI Poised to Drive New Wave of Exploits
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Criminals are ready to use AI to dramatically speed the process of finding zero-day vulnerabilities in systems.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
Cloud, China, Generic Malware Top Security Concerns for 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
FireEye researchers unveil an extensive list of security risks waiting in the new year's wings.
By Kelly Sheridan Staff Editor, Dark Reading, 11/15/2018
Comment0 comments  |  Read  |  Post a Comment
Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues
Tim Wilson, Editor in Chief, Dark Reading, News
Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data and are fearful of a near-term breach of critical infrastructure.
By Tim Wilson, Editor in Chief, Dark Reading , 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Google Traffic Temporarily Rerouted via Russia, China
Kelly Sheridan, Staff Editor, Dark ReadingNews
The incident, which Google reports is now resolved, could be the result of either technical mistakes or malicious activity.
By Kelly Sheridan Staff Editor, Dark Reading, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Netskope Announces Series F Funding Round
Dark Reading Staff, Quick Hits
The $168.7 million round will go toward R&D and global expansion, says cloud access security broker provider.
By Dark Reading Staff , 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Sophisticated Campaign Targets Pakistan's Air Force
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Espionage campaign uses a variety of new evasion techniques.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
Finding Gold in the Threat Intelligence Rush
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.
By Kelly Sheridan Staff Editor, Dark Reading, 11/7/2018
Comment0 comments  |  Read  |  Post a Comment
Cisco Reports SIP Inspection Vulnerability
Dark Reading Staff, Quick Hits
Advisory addresses active exploitation of vuln in the wild, with no clear solution in sight.
By Dark Reading Staff , 11/2/2018
Comment1 Comment  |  Read  |  Post a Comment
New Bluetooth Vulnerabilities Exposed in Aruba, Cisco, Meraki Access Points
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
'BleedingBit' could give attackers control of the wireless network from a remote vantage point.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/1/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft, Amazon Top BEC's Favorite Brands
Kelly Sheridan, Staff Editor, Dark ReadingNews
When attackers want to impersonate a brand via email, the majority turn to Microsoft and Amazon because of their ubiquity in enterprise environments.
By Kelly Sheridan Staff Editor, Dark Reading, 11/1/2018
Comment0 comments  |  Read  |  Post a Comment
Radisson Rewards Program Targeted in Data Breach
Dark Reading Staff, Quick Hits
It's the latest in a series of attacks targeting the travel industry, following incidents at British Airways and Cathay Pacific.
By Dark Reading Staff , 11/1/2018
Comment0 comments  |  Read  |  Post a Comment
Kraken Resurfaces From the Deep Web
Kelly Sheridan, Staff Editor, Dark ReadingNews
Fallout Exploit Kit releases Kraken Cryptor ransomware, giving the simple threat a much larger target pool.
By Kelly Sheridan Staff Editor, Dark Reading, 10/30/2018
Comment0 comments  |  Read  |  Post a Comment
Windows Defender: First Full Antivirus Tool to Run in a Sandbox
Kelly Sheridan, Staff Editor, Dark ReadingNews
Sandboxed version now available to Windows Insiders and anyone else who force-enables it in Windows 10 version 1703 and above.
By Kelly Sheridan Staff Editor, Dark Reading, 10/29/2018
Comment0 comments  |  Read  |  Post a Comment
Retail Fraud Spikes Ahead of the Holidays
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers note massive increases in retail goods for sale on the black market, retail phishing sites, and malicious applications and social media profiles.
By Kelly Sheridan Staff Editor, Dark Reading, 10/25/2018
Comment1 Comment  |  Read  |  Post a Comment
Benefits of DNS Service Locality
Paul Vixie, Chairman & CEO, Farsight Security, Inc.Commentary
Operating one's own local DNS resolution servers is one of the simplest and lowest-cost things an IT administrator can do to monitor and protect applications, services, and users from potential risks.
By Paul Vixie Chairman & CEO, Farsight Security, Inc., 10/24/2018
Comment0 comments  |  Read  |  Post a Comment
Understanding SOCs' 4 Top Deficiencies
Heather Hixon,  Senior Solutions Architect, DFLabsCommentary
In most cases, the areas that rankle SANS survey respondents the most about security operations centers can be addressed with the right mix of planning, policies, and procedures.
By Heather Hixon Senior Solutions Architect, DFLabs, 10/22/2018
Comment0 comments  |  Read  |  Post a Comment
NC Water Utility Fights Post-Hurricane Ransomware
Kelly Sheridan, Staff Editor, Dark ReadingNews
North Carolina's Onslow Water and Sewer Authority was hit with an advanced attack in the wake of Hurricane Florence.
By Kelly Sheridan Staff Editor, Dark Reading, 10/16/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by mejarkonsaj
Current Conversations Appreciated
In reply to: Having error 0xe8000015
Post Your Own Reply
Posted by luzpruitt
Current Conversations thanks for sharing
In reply to: thanks
Post Your Own Reply
More Conversations
PR Newswire
RIP, 'IT Security'
Kevin Kurzawa, Senior Information Security Auditor,  11/13/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17906
PUBLISHED: 2018-11-19
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system.
CVE-2018-9209
PUBLISHED: 2018-11-19
Unauthenticated arbitrary file upload vulnerability in FineUploader php-traditional-server <= v1.2.2
CVE-2018-9207
PUBLISHED: 2018-11-19
Arbitrary file upload in jQuery Upload File <= 4.0.2
CVE-2018-15759
PUBLISHED: 2018-11-19
Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. A remote unauthenticated malicious user may make many requests to the service broker with different credentials, allowing them to infer valid credentials and gain access to perfo...
CVE-2018-15761
PUBLISHED: 2018-11-19
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges...