Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

News & Commentary
Drone Path Often Reveals Operator's Location
Robert Lemos, Contributing WriterNews
The threat posed by drones to critical infrastructure and other operational technology is made more serious by the inability of law enforcement to locate operators, researchers say.
By Robert Lemos Contributing Writer, 7/7/2020
Comment0 comments  |  Read  |  Post a Comment
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cosmic Lynx takes a sophisticated approach to business email compromise and represents a shift in tactics for Russian cybercriminals.
By Kelly Sheridan Staff Editor, Dark Reading, 7/7/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff , 7/6/2020
Comment13 comments  |  Read  |  Post a Comment
Cybersecurity's Lament: There Are No Cooks in Space
Curtis Franklin Jr., Senior Editor at Dark Reading
Cybersecurity staff are on edge for the same reason that there are no cooks on the ISS: Organizations are carefully watching expenses for jobs that don't require dedicated team members.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/3/2020
Comment0 comments  |  Read  |  Post a Comment
Anatomy of a Long-Con Phish
Chenxi Wang, Founder and General Partner, Rain CapitalExpert Insights
A fraudster on LinkedIn used my online profile in an apparent attempt to pull off a wide-ranging scam business venture.
By Chenxi Wang Founder and General Partner, Rain Capital, 7/2/2020
Comment0 comments  |  Read  |  Post a Comment
Considerations for Seamless CCPA Compliance
Anurag Kahol, CTO, BitglassCommentary
Three steps to better serve consumers, ensure maximum security, and achieve compliance with the California Consumer Privacy Act.
By Anurag Kahol CTO, Bitglass, 7/2/2020
Comment0 comments  |  Read  |  Post a Comment
7 IoT Tips for Home Users
Steve Zurier, Contributing Writer
Whether for business or pleasure, you're on your own once you walk into the house with a new Internet of Things device. Here's how to keep everyone secure.
By Steve Zurier Contributing Writer, 7/2/2020
Comment0 comments  |  Read  |  Post a Comment
Businesses Invest in Cloud Security Tools Despite Concerns
Kelly Sheridan, Staff Editor, Dark ReadingNews
A majority of organizations say the acceleration was driven by a need to support more remote employees.
By Kelly Sheridan Staff Editor, Dark Reading, 7/1/2020
Comment0 comments  |  Read  |  Post a Comment
Don't Slow Cybersecurity Spending: Steer into the Skid with a Tight Business Plan
Mark Darby, CEO of ISMS.onlineCommentary
We all know there are slippery conditions ahead, which is why it's never been more important for organizations to maintain and even increase their spending on cybersecurity.
By Mark Darby CEO of ISMS.online, 6/30/2020
Comment2 comments  |  Read  |  Post a Comment
CISA Issues Advisory on Home Routers
Dark Reading Staff, Quick Hits
The increase in work-from-home employees raises the importance of home router security.
By Dark Reading Staff , 6/30/2020
Comment1 Comment  |  Read  |  Post a Comment
Criminals Turn to IM Platforms to Avoid Law Enforcement Scrutiny
Jai Vijayan, Contributing WriterNews
Researchers from IntSights observed a sharp increase in the use of popular instant messaging apps over the past year among threat groups.
By Jai Vijayan Contributing Writer, 6/25/2020
Comment6 comments  |  Read  |  Post a Comment
Contact Tracing & Threat Intel: Broken Tools & Processes
Doug Helton, Chief Strategy Officer & VP Intelligence, King & UnionCommentary
How epidemiology can solve the people problem in security.
By Doug Helton Chief Strategy Officer & VP Intelligence, King & Union, 6/25/2020
Comment0 comments  |  Read  |  Post a Comment
Rethinking Enterprise Access, Post-COVID-19
Dor Knafo, Co-Founder & CEO of Axis SecurityCommentary
New approaches will allow businesses to reduce risk while meeting the needs of users, employees, and third parties. Here are three issues to consider when reimagining enterprise application access.
By Dor Knafo Co-Founder & CEO of Axis Security, 6/24/2020
Comment0 comments  |  Read  |  Post a Comment
How to Wring Every Last Drop Out of Your Security Budget
Joan Goodchild, Contributing Writer
In the face of tighter budgets and lowered spending forecasts due to the pandemic, optimizing and improving the efficiency of security programs -- without sacrificing integrity -- has never been more important.
By Joan Goodchild Contributing Writer, 6/22/2020
Comment0 comments  |  Read  |  Post a Comment
Employees Say They're Working From Home Without Security Guidance
Dark Reading Staff, Quick Hits
Working from home is new for many enterprise employees, yet many say they've received little in the way of new training or technology to keep them safe.
By Dark Reading Staff , 6/22/2020
Comment2 comments  |  Read  |  Post a Comment
Long-Term Effects of COVID-19 on the Cybersecurity Industry
Ran Shahor, CEO at HolistiCyberCommentary
The maelstrom of change we're going through presents a unique opportunity to become enablers. And to do that requires flexibility.
By Ran Shahor CEO at HolistiCyber, 6/22/2020
Comment6 comments  |  Read  |  Post a Comment
Cloud Threats and Priorities as We Head Into the Second Half of 2020
Ericka Chickowski, Contributing Writer
With millions working from home and relying on the cloud, security leaders are under increasing pressure to keep their enterprises breach-free.
By Ericka Chickowski Contributing Writer, 6/22/2020
Comment0 comments  |  Read  |  Post a Comment
What Will Cybersecurity's 'New Normal' Look Like?
Curtis Franklin, Security Editor
The coronavirus pandemic has forced changes for much of the business world, cybersecurity included. What can we expect going forward?
By Curtis Franklin Security Editor, 6/19/2020
Comment2 comments  |  Read  |  Post a Comment
'New Normal' Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
Competitors submitted lots of clever virus puns, and the prizes go to ...
By Marilyn Cohodas Managing Editor, Dark Reading, 6/19/2020
Comment0 comments  |  Read  |  Post a Comment
Healthcare CISOs Share COVID-19 Response Stories
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cybersecurity leaders discussed the threats and challenges that arose during the pandemic, and how they responded, during a virtual roundtable.
By Kelly Sheridan Staff Editor, Dark Reading, 6/18/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by NoahSorell
Current Conversations Really!
In reply to: Re: Not surprising
Post Your Own Reply
More Conversations
PR Newswire
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15350
PUBLISHED: 2020-07-07
RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding function base64_decode() uses an output buffer estimation function to compute the required buffer capacity and validate against the provided buffer size. The base64_estimate_decode_size() function calculates the expected decoded ...
CVE-2019-19935
PUBLISHED: 2020-07-07
Froala Editor before 3.0.6 allows XSS.
CVE-2020-11882
PUBLISHED: 2020-07-07
The O2 Business application 1.2.0 for Android exposes the canvasm.myo2.SplashActivity activity to other applications. The purpose of this activity is to handle deeplinks that can be delivered either via links or by directly calling the activity. However, the deeplink format is not properly validated...
CVE-2020-15028
PUBLISHED: 2020-07-07
NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Map.php xo parameter.
CVE-2020-15029
PUBLISHED: 2020-07-07
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php sn parameter.