Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

News & Commentary
With GDPR's 'Right of Access,' Who Really Has Access?
Kelly Sheridan, Staff Editor, Dark ReadingNews
How a security researcher learned organizations willingly hand over sensitive data with little to no identity verification.
By Kelly Sheridan Staff Editor, Dark Reading, 6/19/2019
Comment0 comments  |  Read  |  Post a Comment
Serverless Computing from the Inside Out
Joe Vadakkan, Global Cloud Security Leader, Optiv SecurityCommentary
The biggest 'serverless' risks don't stem from the technology itself. They occur when organizations respond to the adoption from the outside in.
By Joe Vadakkan Global Cloud Security Leader, Optiv Security, 6/19/2019
Comment0 comments  |  Read  |  Post a Comment
Cost per Cyberattack Jumps to $4.6M in 2019
Dark Reading Staff, Quick Hits
From 2018 to 2019, the percentage of cyberattacks costing $10 million or more nearly doubled, hitting 13%.
By Dark Reading Staff , 6/19/2019
Comment1 Comment  |  Read  |  Post a Comment
How Hackers Emptied Church Coffers with a Simple Phishing Scam
Sam Bocetta, Security AnalystCommentary
Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
By Sam Bocetta Security Analyst, 6/19/2019
Comment0 comments  |  Read  |  Post a Comment
As Cloud Adoption Grows, DLP Remains Key Challenge
Kelly Sheridan, Staff Editor, Dark ReadingNews
As businesses use the cloud to fuel growth, many fail to enforce data loss prevention or control how people share data.
By Kelly Sheridan Staff Editor, Dark Reading, 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
Advertising Alliance Plans Protocols to Reduce Dangerous Content
Dark Reading Staff, Quick Hits
The Global Alliance for Responsible Media will seek ways to clamp down on dangerous and fake content.
By Dark Reading Staff , 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
The Evolution of Identity
Kathleen Peters, SVP & Head of Fraud & Identity, ExperianCommentary
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.
By Kathleen Peters SVP & Head of Fraud & Identity, Experian, 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
Can Your Patching Strategy Keep Up with the Demands of Open Source?
 Tim Mackey, Principal Security Strategist, CyRC, at SynopsysCommentary
It's time to reassess your open source management policies and processes.
By Tim Mackey Principal Security Strategist, CyRC, at Synopsys, 6/18/2019
Comment4 comments  |  Read  |  Post a Comment
How Fraudulent Domains 'Hide in Plain Sight'
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cybercriminals use new types of top-level domains, topical keywords, and targeted emails to trick victims into clicking malicious links.
By Kelly Sheridan Staff Editor, Dark Reading, 6/18/2019
Comment1 Comment  |  Read  |  Post a Comment
Power Outage Hits Millions in South America
Dark Reading Staff, Quick Hits
The outage, which is not (so far) seen as the result of a cyberattack, still had a significant impact on network and server availability.
By Dark Reading Staff , 6/17/2019
Comment0 comments  |  Read  |  Post a Comment
New Decryptor Unlocks Latest Versions of Gandcrab
Dark Reading Staff, Quick Hits
The decryptor neutralizes GandCrab versions 5.0 through 5.2 and lets victims unlock their files for free.
By Dark Reading Staff , 6/17/2019
Comment0 comments  |  Read  |  Post a Comment
Utilities, Nations Need Better Plan Against Critical Infrastructure Attackers
Robert Lemos, Contributing WriterNews
The attackers behind the Triton, or Xenotime, intrusions into critical infrastructure (CI) safety systems are testing their skills against electric power companies. Options for defense are still limited, however.
By Robert Lemos Contributing Writer, 6/17/2019
Comment1 Comment  |  Read  |  Post a Comment
The Life-Changing Magic of Tidying Up the Cloud
Kaus Phaltankar, CEO and Co-Founder at CaveonixCommentary
Most companies' cloud security operations would benefit significantly from clean-up, alignment, and organization.
By Kaus Phaltankar CEO and Co-Founder at Caveonix, 6/17/2019
Comment0 comments  |  Read  |  Post a Comment
10 Notable Security Acquisitions of 2019 (So Far)
Kelly Sheridan, Staff Editor, Dark Reading
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
By Kelly Sheridan Staff Editor, Dark Reading, 6/15/2019
Comment1 Comment  |  Read  |  Post a Comment
Sensory Overload: Filtering Out Cybersecurity's Noise
Joshua Goldfarb, Independent ConsultantCommentary
No organization can prioritize and mitigate hundreds of risks effectively. The secret lies in carefully filtering out the risks, policies, and processes that waste precious time and resources.
By Joshua Goldfarb Independent Consultant, 6/14/2019
Comment0 comments  |  Read  |  Post a Comment
The CISO's Drive to Consolidation
Nik Whitfield, Computer Scientist & Security Technology EntrepreneurCommentary
Cutting back on the number of security tools you're using can save money and leave you safer. Here's how to get started.
By Nik Whitfield Computer Scientist & Security Technology Entrepreneur, 6/13/2019
Comment0 comments  |  Read  |  Post a Comment
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer
Business email compromise attacks are growing in prevalence and creativity. Here's a look at how they work, the latest stats, and some recent horror stories.
By Ericka Chickowski Contributing Writer, 6/13/2019
Comment4 comments  |  Read  |  Post a Comment
The Rise of 'Purple Teaming'
Joseph R. Salazar, Technical Marketing EngineerCommentary
The next generation of penetration testing represents a more collaborative approach to old fashioned Red Team vs. Blue Team.
By Joseph R. Salazar Technical Marketing Engineer, 6/13/2019
Comment0 comments  |  Read  |  Post a Comment
DNS Observatory Offers Researchers New Insight into Global DNS Activity
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Among its early findings, 60% of the DNS transactions captured were handled by just 1,000 name servers.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/12/2019
Comment0 comments  |  Read  |  Post a Comment
New Funding Values KnowBe4 at $1 Billion
Dark Reading Staff, Quick Hits
The $300 million investment is being led by KKR.
By Dark Reading Staff , 6/12/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer,  6/13/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2019
Can Your Patching Strategy Keep Up with the Demands of Open Source?
Tim Mackey, Principal Security Strategist, CyRC, at Synopsys,  6/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-16593
PUBLISHED: 2019-06-19
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection.
CVE-2018-16594
PUBLISHED: 2019-06-19
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal.
CVE-2018-16595
PUBLISHED: 2019-06-19
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow.
CVE-2019-12890
PUBLISHED: 2019-06-19
RedwoodHQ 2.5.5 does not require any authentication for database operations, which allows remote attackers to create admin users via a con.automationframework users insert_one call.
CVE-2019-9763
PUBLISHED: 2019-06-19
An issue was discovered in Openfind Mail2000 v6 Webmail. XSS can occur via an '<object data="data:text/html' substring in an e-mail message (The vendor subsequently patched this).