Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

News & Commentary
Security Now Merges With Dark Reading
Tim Wilson, Editor in Chief, Dark Reading, News
Readers of Security Now will join the Dark Reading community, gaining access to a wide range of cybersecurity content.
By Tim Wilson, Editor in Chief, Dark Reading , 2/21/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Announces General Availability of Threat Protection, Insider Risk Management
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft made several security announcements ahead of RSA Conference, including its decision to bring Microsoft Defender to iOS and Android.
By Kelly Sheridan Staff Editor, Dark Reading, 2/20/2020
Comment0 comments  |  Read  |  Post a Comment
44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark ReadingQuick Hits
Amazon Web Services is a top source of cyberattacks, responsible for 94% of all Web attacks originating in the public cloud.
By Kelly Sheridan Staff Editor, Dark Reading, 2/19/2020
Comment1 Comment  |  Read  |  Post a Comment
Cyber Fitness Takes More Than a Gym Membership & a Crash Diet
Ryan Weeks, Chief Information Security Officer at DattoCommentary
Make cybersecurity your top priority, moving away from addressing individual problems with Band-Aids and toward attaining a long-term cyber-fitness plan.
By Ryan Weeks Chief Information Security Officer at Datto, 2/18/2020
Comment0 comments  |  Read  |  Post a Comment
Palm Beach Elections Office Hit with Ransomware Pre-2016 Election
Dark Reading Staff, Quick Hits
Palm Beach County's elections supervisor does not believe the attack is linked to Russian hacking attempts targeting Florida.
By Dark Reading Staff , 2/14/2020
Comment0 comments  |  Read  |  Post a Comment
DDoS Attacks Nearly Double Between Q4 2018 and Q4 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
Peer-to-peer botnets, TCP reflection attacks, and increased activity on Sundays are three DDoS attack trends from last quarter.
By Kelly Sheridan Staff Editor, Dark Reading, 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Huawei Charged with RICO Violations in Federal Court
Dark Reading Staff, Quick Hits
A new set of indictments adds conspiracy to violate RICO statutes to a list of existing charges against the Chinese telecommunications giant.
By Dark Reading Staff , 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
Apps Remain Favorite Mobile Attack Vector
Dark Reading Staff, Quick Hits
Mobile apps are used in nearly 80% of attacks targeting mobile devices, followed by network and operating system attacks.
By Dark Reading Staff , 2/13/2020
Comment0 comments  |  Read  |  Post a Comment
FBI: Business Email Compromise Cost Businesses $1.7B in 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
BEC attacks comprised nearly half of cybercrime losses last year, which totaled $3.5 billion overall as Internet-enabled crimes ramped up.
By Kelly Sheridan Staff Editor, Dark Reading, 2/12/2020
Comment1 Comment  |  Read  |  Post a Comment
Stop Defending Everything
Kevin Kurzawa, Senior Information Security AuditorCommentary
Instead, try prioritizing with the aid of a thorough asset inventory.
By Kevin Kurzawa Senior Information Security Auditor, 2/12/2020
Comment3 comments  |  Read  |  Post a Comment
Microsoft Patches Exploited Internet Explorer Flaw
Kelly Sheridan, Staff Editor, Dark ReadingNews
This month's Patch Tuesday brings fixes for 99 CVEs, including one IE flaw seen exploited in the wild.
By Kelly Sheridan Staff Editor, Dark Reading, 2/11/2020
Comment0 comments  |  Read  |  Post a Comment
Cybercriminals Swap Phishing for Credential Abuse, Vuln Exploits
Kelly Sheridan, Staff Editor, Dark ReadingNews
Infection vectors were evenly divided among phishing, vulnerability exploitation, and unauthorized credential use in 2019.
By Kelly Sheridan Staff Editor, Dark Reading, 2/11/2020
Comment0 comments  |  Read  |  Post a Comment
RobbinHood Kills Security Processes Before Dropping Ransomware
Kelly Sheridan, Staff Editor, Dark ReadingNews
Attackers deploy a legitimate, digitally signed hardware driver to delete security software from machines before encrypting files.
By Kelly Sheridan Staff Editor, Dark Reading, 2/7/2020
Comment0 comments  |  Read  |  Post a Comment
Forescout Acquired by Private Equity Team
Dark Reading Staff, Quick Hits
The deal, valued at $1.9 billion, is expected to close next quarter.
By Dark Reading Staff , 2/6/2020
Comment0 comments  |  Read  |  Post a Comment
RSAC Sets Finalists for Innovation Sandbox
Curtis Franklin Jr., Senior Editor at Dark Reading
The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/6/2020
Comment0 comments  |  Read  |  Post a Comment
IoT Malware Campaign Infects Global Manufacturing Sites
Kelly Sheridan, Staff Editor, Dark ReadingNews
The infection uses Lemon_Duck PowerShell malware variant to exploit vulnerabilities in embedded devices at manufacturing sites.
By Kelly Sheridan Staff Editor, Dark Reading, 2/5/2020
Comment0 comments  |  Read  |  Post a Comment
Companies Pursue Zero Trust, but Implementers Are Hesitant
Robert Lemos, Contributing WriterNews
Almost three-quarters of enterprises plan to have a zero-trust access model by the end of the year, but nearly half of cybersecurity professionals lack the knowledge to implement the right technologies, experts say.
By Robert Lemos Contributing Writer, 2/4/2020
Comment0 comments  |  Read  |  Post a Comment
SharePoint Bug Proves Popular Weapon for Nation-State Attacks
Kelly Sheridan, Staff Editor, Dark ReadingNews
Thousands of servers could be exposed to SharePoint vulnerability CVE-2019-0604, recently used in cyberattacks against Middle East government targets.
By Kelly Sheridan Staff Editor, Dark Reading, 2/4/2020
Comment0 comments  |  Read  |  Post a Comment
Ransomware Attacks: Why It Should Be Illegal to Pay the Ransom
Fleming Shi, Chief Technical Officer at Barracuda NetworksCommentary
For cities, states and towns, paying up is short-sighted and only makes the problem worse.
By Fleming Shi Chief Technical Officer at Barracuda Networks, 2/4/2020
Comment3 comments  |  Read  |  Post a Comment
Coronavirus Phishing Attack Infects US, UK Inboxes
Dark Reading Staff, Quick Hits
Cybercriminals capitalize on fears of a global health emergency with phishing emails claiming to offer advice for protecting against coronavirus.
By Dark Reading Staff , 2/3/2020
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
Firms Improve Threat Detection but Face Increasingly Disruptive Attacks
Robert Lemos, Contributing Writer,  2/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8813
PUBLISHED: 2020-02-22
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
CVE-2020-9039
PUBLISHED: 2020-02-22
Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).
CVE-2020-8860
PUBLISHED: 2020-02-22
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. T...
CVE-2020-8861
PUBLISHED: 2020-02-22
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1330 1.10B01 BETA Wi-Fi range extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue ...
CVE-2020-8862
PUBLISHED: 2020-02-22
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. The issue results from the ...