Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

News & Commentary
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff, 7/2/2020
7 IoT Tips for Home Users
Steve Zurier, Contributing Writer
Whether for business or pleasure, you're on your own once you walk into the house with a new Internet of Things device. Here's how to keep everyone secure.
By Steve Zurier, Contributing Writer, 7/2/2020
Businesses Invest in Cloud Security Tools Despite Concerns
Kelly Sheridan, Staff Editor, Dark Reading, News
A majority of organizations say the acceleration was driven by a need to support more remote employees.
By Kelly Sheridan, Staff Editor, Dark Reading, 7/1/2020
Don't Slow Cybersecurity Spending: Steer into the Skid with a Tight Business Plan
Mark Darby, CEO of ISMS.online, Commentary
We all know there are slippery conditions ahead, which is why it's never been more important for organizations to maintain and even increase their spending on cybersecurity.
By Mark Darby, CEO of ISMS.online, 6/30/2020
CISA Issues Advisory on Home Routers
Dark Reading Staff, Quick Hits
The increase in work-from-home employees raises the importance of home router security.
By Dark Reading Staff, 6/30/2020
Criminals Turn to IM Platforms to Avoid Law Enforcement Scrutiny
Jai Vijayan, Contributing Writer, News
Researchers from IntSights observed a sharp increase in the use of popular instant messaging apps over the past year among threat groups.
By Jai Vijayan, Contributing Writer, 6/25/2020
Contact Tracing & Threat Intel: Broken Tools & Processes
Doug Helton, Chief Strategy Officer & VP Intelligence, King & Union, Commentary
How epidemiology can solve the people problem in security.
By Doug Helton, Chief Strategy Officer & VP Intelligence, King & Union, 6/25/2020
Rethinking Enterprise Access, Post-COVID-19
Dor Knafo, Co-Founder & CEO of Axis Security, Commentary
New approaches will allow businesses to reduce risk while meeting the needs of users, employees, and third parties. Here are three issues to consider when reimagining enterprise application access.
By Dor Knafo, Co-Founder & CEO of Axis Security, 6/24/2020
How to Wring Every Last Drop Out of Your Security Budget
Joan Goodchild, Contributing Writer
In the face of tighter budgets and lowered spending forecasts due to the pandemic, optimizing and improving the efficiency of security programs -- without sacrificing integrity -- has never been more important.
By Joan Goodchild, Contributing Writer, 6/22/2020
Employees Say They're Working From Home Without Security Guidance
Dark Reading Staff, Quick Hits
Working from home is new for many enterprise employees, yet many say they've received little in the way of new training or technology to keep them safe.
By Dark Reading Staff, 6/22/2020
Long-Term Effects of COVID-19 on the Cybersecurity Industry
Ran Shahor, CEO at HolistiCyber, Commentary
The maelstrom of change we're going through presents a unique opportunity to become enablers. And to do that requires flexibility.
By Ran Shahor, CEO at HolistiCyber, 6/22/2020
Cloud Threats and Priorities as We Head Into the Second Half of 2020
Ericka Chickowski, Contributing Writer
With millions working from home and relying on the cloud, security leaders are under increasing pressure to keep their enterprises breach-free.
By Ericka Chickowski, Contributing Writer, 6/22/2020
What Will Cybersecurity's 'New Normal' Look Like?
Curtis Franklin, Security Editor
The coronavirus pandemic has forced changes for much of the business world, cybersecurity included. What can we expect going forward?
By Curtis Franklin, Security Editor, 6/19/2020
'New Normal' Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark Reading, Commentary
Competitors submitted lots of clever virus puns, and the prizes go to ...
By Marilyn Cohodas, Managing Editor, Dark Reading, 6/19/2020
Healthcare CISOs Share COVID-19 Response Stories
Kelly Sheridan, Staff Editor, Dark Reading, News
Cybersecurity leaders discussed the threats and challenges that arose during the pandemic, and how they responded, during a virtual roundtable.
By Kelly Sheridan, Staff Editor, Dark Reading, 6/18/2020
The Bigger the News, the Bigger the Cyber Threats
Len Shneyder, Co-Chair of the Election Special Interest Group at the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), Commentary
Criminals use disasters, wars, and now pandemics as air cover to focus collective anxiety and fear into highly targeted, malicious messaging.
By Len Shneyder, Co-Chair of the Election Special Interest Group at the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), 6/18/2020
60% of Businesses Plan to Spend More on Cyber Insurance
Dark Reading Staff, Quick Hits
New data reveals 65% of SMEs plan to invest more in cyber insurance, compared with 58% of large enterprises.
By Dark Reading Staff, 6/18/2020
Most Contact-Tracing Apps Fail Basic Security
Robert Lemos, Contributing Writer, News
A survey of 17 Android applications for informing citizens if they had potential contact with a COVID-19-infected individual finds few have adopted code-hardening techniques.
By Robert Lemos, Contributing Writer, 6/18/2020
CISO Dialogue: How to Optimize Your Security Budget
Chris Triolo, Vice President of Customer Success, Respond Software, Commentary
CISOs are never going to have all the finances they want. Hard choices must be made. The CISO of Amazon Prime Video discusses his approaches to a slimmed-down budget.
By Chris Triolo, Vice President of Customer Success, Respond Software, 6/18/2020
7 Tips for Employers Navigating Remote Recruitment
Kelly Sheridan, Staff Editor, Dark Reading
Hiring experts explain how companies should approach recruitment when employers and candidates are working remotely.
By Kelly Sheridan, Staff Editor, Dark Reading, 6/17/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading, 6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff, 6/30/2020
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
The Threat from the Internet and What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9498
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved in processing data received via RDP static virtual channels. If a user connects to a malicious or compromised RDP server, a series of specially-crafted PDUs could result in memory corruption, possibly allowing arbitrary code to be executed...
CVE-2020-3282
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
CVE-2020-5909
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
CVE-2020-5910
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
CVE-2020-5911
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL on Debian/Ubuntu systems.