Third-Party Cyber-Risk by the Numbers
GoT Guide to Cybersecurity: Preparing for Battle During a Staffing Shortage
8 'SOC-as-a-Service' Offerings
8 Steps to More Effective Small Business Security
Cartoon: The Cyber Mindset
News & Commentary
Exploits for Adobe Vulnerabilities Spiked in 2018
Jai Vijayan, Freelance writerNews
With Flash Player on way out, attackers are renewing their focus on Acrobat Reader, RiskSense found.
By Jai Vijayan Freelance writer, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
When Every Attack Is a Zero Day
Saumitra Das, CTO and Co-Founder of Blue HexagonCommentary
Stopping malware the first time is an ideal that has remained tantalizingly out of reach. But automation, artificial intelligence, and deep learning are poised to change that.
By Saumitra Das CTO and Co-Founder of Blue Hexagon, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
Will the US Adopt a National Privacy Law?
Seth P.  Berman, Partner, NutterCommentary
Probably not before the 2020 election. But keep an eye on this Congress as legislators debate how to define personal data and what limits to place on how companies use it.
By Seth P. Berman Partner, Nutter, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
7 Ways to Get the Most from Your IDS/IPS
Curtis Franklin Jr., Senior Editor at Dark Reading
Intrusion detection and prevention is at the foundation of successful security in-depth. Securing the perimeter requires a solid understanding of these two critical components.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
1 in 4 Workers Are Aware Of Security Guidelines but Ignore Them
Steve Zurier, Freelance WriterNews
Even more are knowingly connecting to unsecure networks and sharing confidential information through collaboration platforms, according to Symphony Communication Services.
By Steve Zurier Freelance Writer, 4/23/2019
Comment1 Comment  |  Read  |  Post a Comment
FBI: $2.7 Billion in Losses to Cyber-Enabled Crimes in 2018
Dark Reading Staff, Quick Hits
Internet Crime Complaint Center (IC3) last year received an average of 900+ reports daily of Internet-enabled theft, fraud, and exploitation.
By Dark Reading Staff , 4/22/2019
Comment1 Comment  |  Read  |  Post a Comment
Trojanized TeamViewer Used in Targeted Attacks Against Multiple Embassies
Jai Vijayan, Freelance writerNews
Motive remains unclear though financial theft appears to be one possibility, Check Point Research says.
By Jai Vijayan Freelance writer, 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
WannaCry Hero Hutchins Pleads Guilty to Malware Charges
Kelly Sheridan, Staff Editor, Dark ReadingNews
Marcus Hutchins, the security researcher who helped halt the spread of the WannaCry attack, pleads guilty to two charges related to writing malware.
By Kelly Sheridan Staff Editor, Dark Reading, 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
Who Gets Targeted Most in Cyberattack Campaigns
Dark Reading Staff, Quick Hits
Attackers are changing both their tactics and targets in an attempt to remain criminally successful, Proofpoint's study found.
By Dark Reading Staff , 4/22/2019
Comment0 comments  |  Read  |  Post a Comment
4 Tips to Protect Your Business Against Social Media Mistakes
Guy Bunker, CTO of ClearswiftCommentary
Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or cause huge reputational damage.
By Guy Bunker CTO of Clearswift, 4/22/2019
Comment1 Comment  |  Read  |  Post a Comment
Researchers Find Clues for Dramatically Reducing IDS Traffic Volume
Dark Reading Staff, Quick Hits
Research at military labs and Towson University shows that identifying malicious activity may require much less captured data than has been the case.
By Dark Reading Staff , 4/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data ResearcherNews
Mueller report finds that in July 2016, after then-candidate Donald Trump publicly called for Russia to "find the 30,000 emails," Russian agents targeted Hillary Clinton's personal office with cyberattacks.
By Robert Lemos Technology Journalist/Data Researcher, 4/19/2019
Comment11 comments  |  Read  |  Post a Comment
APT34 Toolset, Victim Data Leaked via Telegram
Dark Reading Staff, Quick Hits
For the last month, an unknown individual or group has been sharing data and hacking tools belonging to Iranian hacker group APT34.
By Dark Reading Staff , 4/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Free Princeton Application Provides IoT Traffic Insight
Dark Reading Staff, Quick Hits
The application developed by a research group allows users to spot possible IoT security problems.
By Dark Reading Staff , 4/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor NetworksCommentary
By blocking threats and attacks nearer to their sources, cybersecurity pros could help turn the connected world into a safer place for all.
By Darren Anstee Chief Technology Officer at Arbor Networks, 4/19/2019
Comment3 comments  |  Read  |  Post a Comment
Third-Party Cyber-Risk by the Numbers
Ericka Chickowski, Contributing Writer, Dark Reading
Recent stats show that the state of third-party cyber risk and vendor risk management remains largely immature at most organizations.
By Ericka Chickowski Contributing Writer, Dark Reading, 4/19/2019
Comment0 comments  |  Read  |  Post a Comment
Cisco Issues 31 Mid-April Security Alerts
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Among them, two are critical and six are of high importance.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/18/2019
Comment0 comments  |  Read  |  Post a Comment
Creator of Hub for Stolen Credit Cards Sentenced to 90 Months
Robert Lemos, Technology Journalist/Data ResearcherNews
Coming eight years after he launched the site, the steep sentence for the cybercriminal operator is based on a tab of $30 million in damages calculated by Mastercard and other credit card companies.
By Robert Lemos , 4/18/2019
Comment0 comments  |  Read  |  Post a Comment
6 Takeaways from Ransomware Attacks in Q1
Jai Vijayan, Freelance writerNews
Customized, targeted ransomware attacks were all the rage.
By Jai Vijayan Freelance writer, 4/18/2019
Comment1 Comment  |  Read  |  Post a Comment
Cloud Security Spend Set to Reach $12.6B by 2023
Kelly Sheridan, Staff Editor, Dark ReadingNews
Growth corresponds with a greater reliance on public cloud services.
By Kelly Sheridan Staff Editor, Dark Reading, 4/18/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7303
PUBLISHED: 2019-04-23
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only uses the lower 32 b...
CVE-2019-7304
PUBLISHED: 2019-04-23
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.
CVE-2019-0223
PUBLISHED: 2019-04-23
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1...
CVE-2017-12619
PUBLISHED: 2019-04-23
Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".
CVE-2018-1317
PUBLISHED: 2019-04-23
In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.
Flash Poll
Video
Slideshows
Twitter Feed