Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

News & Commentary
With iOS's Privacy Nutrition Label, Apple Upstages Regulators
Heather Federman, VP of Privacy & Policy at BigIDCommentary
New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.
By Heather Federman VP of Privacy & Policy at BigID, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
Using 'Data for Good' to Control the Pandemic
Neil Sweeney, Founder & CEO, KilliCommentary
The tech community should unite to develop and distribute a universal COVID-19 contact-tracing application. Here's why and how.
By Neil Sweeney Founder & CEO, Killi, 8/12/2020
Comment0 comments  |  Read  |  Post a Comment
Threats vs. Thrift: Running Effective AppSec During a Global Crisis
Patrick Carey, Vice President Product Management, ExopriseCommentary
By looking at security testing capacity, staff expertise, and risks throughout the software supply chain, application security teams can improve their overall effectiveness.
By Patrick Carey Vice President Product Management, Exoprise, 8/12/2020
Comment0 comments  |  Read  |  Post a Comment
Zoom Vulnerabilities Demonstrated in DEF CON Talk
Dark Reading Staff, Quick Hits
A security researcher demonstrated multiple vulnerabilities, two of which could let an attacker read and steal user data.
By Dark Reading Staff , 8/11/2020
Comment0 comments  |  Read  |  Post a Comment
Is Edtech the Greatest APT?
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Educational technology is critical but can come at huge costs to student and teacher privacy and security. Are those costs too high?
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/11/2020
Comment0 comments  |  Read  |  Post a Comment
17 Essential Stats About the State of Consumer Privacy
Ericka Chickowski, Contributing Writer
These illuminating numbers offer a glimpse into current consumer attitudes and enterprise readiness for protecting their customers' personal data.
By Ericka Chickowski Contributing Writer, 8/11/2020
Comment0 comments  |  Read  |  Post a Comment
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark ReadingNews
A security leader shares tips for adopting a CISO mindset, creating risk management strategies, and "selling infosec" to IT and executives.
By Kelly Sheridan Staff Editor, Dark Reading, 8/10/2020
Comment1 Comment  |  Read  |  Post a Comment
Q2 DDoS Attacks Triple Year Over Year: Report
Dark Reading Staff, Quick Hits
Distributed denial-of-service attacks have stayed consistently high throughout 2020, a shift from normal attack trends that researchers attribute to COVID-19.
By Dark Reading Staff , 8/10/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff , 8/10/2020
Comment19 comments  |  Read  |  Post a Comment
400+ Qualcomm Chip Vulnerabilities Threaten Millions of Android Phones
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security researchers found hundreds of pieces of vulnerable code in the Qualcomm Snapdragon chips powering Android phones.
By Kelly Sheridan Staff Editor, Dark Reading, 8/7/2020
Comment0 comments  |  Read  |  Post a Comment
A Mix of Optimism and Pessimism for Security of the 2020 Election
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
DHS CISA's Christopher Krebs and Georgetown University's Matt Blaze at Black Hat USA give the lowdown on where things stand and what still needs to happen to protect the integrity of November's election.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Dark Reading Video News Desk Returns to Black Hat
Sara Peters, Senior Editor at Dark ReadingNews
UPDATED: Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!
By Sara Peters Senior Editor at Dark Reading, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Where Dark Reading Goes Next
Dark Reading Staff, News
Dark Reading Editor-in-Chief gives a complete rundown of all the Dark Reading projects you might not even know about, his insight into the future of the security industry, and how we plan to cover it.
By Dark Reading Staff , 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Information Operations Spotlighted at Black Hat as Election Worries Rise
Robert Lemos, Contributing WriterNews
From Russia's "best-in-class" efforts at widening social divides in Western democracies to China's blunt attacks on dissidents, information operations are becoming a greater threat, says a Stanford researcher.
By Robert Lemos Contributing Writer, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Platform Security: Intel Pushes to Reduce Supply Chain Attacks
Terry Sweeney, Contributing EditorNews
SPONSORED CONTENT: Attacks on supply chains involve lots of players and companies, not to mention an exponential amount of data for the stealing, notes Intel's Tom Garrison. Notoriously difficult to detect and mitigate, Garrison discusses new approaches to securing an individual company's computing platforms, including Compute Lifecycle Assurance.
By Terry Sweeney Contributing Editor, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
2019 Breach Leads to $80 Million Fine for Capital One
Dark Reading Staff, Quick Hits
The fine is part of a series of steps required by the Office of the Comptroller of the Currency.
By Dark Reading Staff , 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Four Rules and Three Tools to Protect Against Fake SaaS Apps
Dmitry Dontov, Chief Technology Officer, Spin TechnologyCommentary
Here's how to blunt the twinned forces of shadow IT and counterfeit apps and keep your data safe.
By Dmitry Dontov Chief Technology Officer, Spin Technology, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
3 Tips For Better Security Across the Software Supply Chain
Matthew Lewinski, Distinguished Engineer at Quest SoftwareCommentary
It may sound look intimidating, but with a few tweaks to tools and processes already in use, it's not hard to get a head start on improving security posture of the software supply chain.
By Matthew Lewinski Distinguished Engineer at Quest Software, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
What a Security Engineer & Software Engineer Learned by Swapping Roles
Kelly Sheridan, Staff Editor, Dark ReadingNews
A security engineer and infrastructure engineer with Salesforce share lessons learned from their professional role reversal, and advice for people on both teams.
By Kelly Sheridan Staff Editor, Dark Reading, 8/5/2020
Comment0 comments  |  Read  |  Post a Comment
Tales from the Trenches Show Security Issues Endemic to Healthcare
Robert Lemos, Contributing WriterNews
The CISO for Indiana University Health says simple policies, good communication, and strong authentication go much further than vendor tools in solving security problems.
By Robert Lemos Contributing Writer, 8/5/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by dfwroofingpro
Current Conversations I agreed
In reply to: Blake Luby
Post Your Own Reply
Posted by nuritakartika
Current Conversations yes agree for you
In reply to: Re: Effective Grouping
Post Your Own Reply
Posted by quanganh189
Current Conversations i think you're wrong
In reply to: Re: Thank you
Post Your Own Reply
More Conversations
PR Newswire
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Exploiting Google Cloud Platform With Ease
Dark Reading Staff 8/6/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: They said you could use Zoom anywhere.......
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13285
PUBLISHED: 2020-08-13
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issue reference number tooltip.
CVE-2020-16087
PUBLISHED: 2020-08-13
An issue was discovered in Zalo.exe in VNG Zalo Desktop 19.8.1.0. An attacker can run arbitrary commands on a remote Windows machine running the Zalo client by sending the user of the device a crafted file.
CVE-2020-17463
PUBLISHED: 2020-08-13
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.
CVE-2019-16374
PUBLISHED: 2020-08-13
Pega Platform 8.2.1 allows LDAP injection because a username can contain a * character and can be of unlimited length. An attacker can specify four characters of a username, followed by the * character, to bypass access control.
CVE-2020-13280
PUBLISHED: 2020-08-13
For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message.