Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
News & Commentary
VxWorks TCP/IP Stack Vulnerability Poses Major Manufacturing Risk
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new analysis shows the scale of risk posed by networking vulnerabilities in a popular embedded real-time operating system.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
Behind the Scenes at ICS Village
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/16/2019
Comment0 comments  |  Read  |  Post a Comment
Apple's New Bounty Program Has Huge Incentives, Big Risks
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Industry observers applaud the program's ability to find exploits but fear unintended consequences.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/13/2019
Comment0 comments  |  Read  |  Post a Comment
Hackers Can Hurt Victims with Noise
Dark Reading Staff, Quick Hits
Research presented at DEF CON shows that attackers can hijack Wi-Fi and Bluetooth-connected speakers to produce damaging sounds.
By Dark Reading Staff , 8/12/2019
Comment0 comments  |  Read  |  Post a Comment
6 Security Considerations for Wrangling IoT
Prabhuram Mohan, Senior Director of Engineering at WhiteHat SecurityCommentary
The Internet of Things isn't going away, so it's important to be aware of the technology's potential pitfalls.
By Prabhuram Mohan Senior Director of Engineering at WhiteHat Security, 8/12/2019
Comment0 comments  |  Read  |  Post a Comment
Significant Vulnerabilities Found in 6 Common Printer Brands
Robert Lemos, Contributing WriterNews
In a half-year project, two researchers tested six of the top enterprise printer brands and found vulnerabilities in every device, some of which allow remote execution.
By Robert Lemos Contributing Writer, 8/9/2019
Comment0 comments  |  Read  |  Post a Comment
Dark Reading News Desk Live at Black Hat USA 2019
Sara Peters, Senior Editor at Dark ReadingNews
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
By Sara Peters Senior Editor at Dark Reading, 8/8/2019
Comment1 Comment  |  Read  |  Post a Comment
Researchers Show Vulnerabilities in Facial Recognition
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The algorithms that check for a user's 'liveness' have blind spots that can lead to vulnerabilities.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/7/2019
Comment1 Comment  |  Read  |  Post a Comment
Boeing 787 On-Board Network Vulnerable to Remote Hacking, Researcher Says
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Boeing disputes IOActive findings ahead of security firm's Black Hat USA presentation.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/7/2019
Comment0 comments  |  Read  |  Post a Comment
US Air Force Bug Bounty Program Nets 54 Flaws for $123,000
Robert Lemos, Contributing WriterNews
The Air Force brought together 50 vetted hackers to find the vulnerabilities in the latest bug-bounty program hosted by a branch of the US military.
By Robert Lemos Contributing Writer, 8/6/2019
Comment1 Comment  |  Read  |  Post a Comment
Russian Attack Group Uses Phones & Printers to Breach Corporate Networks
Dark Reading Staff, Quick Hits
Microsoft spotted Strontium, also known as APT28 or Fancy Bear, using IoT devices to breach businesses and seek high-value data.
By Dark Reading Staff , 8/6/2019
Comment1 Comment  |  Read  |  Post a Comment
US Utilities Hit with Phishing Attack
Dark Reading Staff, Quick Hits
An email phishing attack, thought to be from a nation-state actor, claims that engineers have failed licensing exams.
By Dark Reading Staff , 8/2/2019
Comment0 comments  |  Read  |  Post a Comment
Why the Network Is Central to IoT Security
Jon Green, President & CTO for Security at Aruba Networks, a Hewlett Packard EnterpriseCommentary
Is there something strange about your network activity? Better make sure all of your IoT devices are under control.
By Jon Green President & CTO for Security at Aruba Networks, a Hewlett Packard Enterprise, 7/31/2019
Comment1 Comment  |  Read  |  Post a Comment
Keep Your Eye on Digital Certificates
Terry Sweeney, Contributing Editor
X.509 certificates help secure the identity, privacy, and communication between two endpoints, but these digital certificates also have built-in expirations and must be managed.
By Terry Sweeney Contributing Editor, 7/31/2019
Comment1 Comment  |  Read  |  Post a Comment
Insecure Real-Time Video Protocols Allow Hollywood-Style Hacking
Robert Lemos, Contributing WriterNews
Lack of security in the default settings of Internet-enabled video cameras make co-opting video feeds not just a movie-hacker technique, but a reality for millions of cameras.
By Robert Lemos Contributing Writer, 7/30/2019
Comment0 comments  |  Read  |  Post a Comment
Series of Zero-Day Vulnerabilities Could Endanger 200 Million Devices
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Vulnerabilities in VxWorks' TCP stack could allow an attacker to execute random code, launch a DoS attack, or use the vulnerable system to attack other devices.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/29/2019
Comment0 comments  |  Read  |  Post a Comment
Mirai-Like Botnet Wages Massive Application-Layer DDoS Attack
Robert Lemos, Contributing WriterNews
IoT botnetmade up mainly of routershit a service provider with nearly 300,000 requests-per-second in a 13-day deluge of data.
By Robert Lemos Contributing Writer, 7/24/2019
Comment1 Comment  |  Read  |  Post a Comment
CISA Warns Public About the Risks of 5G
Dark Reading Staff, Quick Hits
Vulnerabilities include everything from physical risks through the supply chain to business risks.
By Dark Reading Staff , 7/23/2019
Comment0 comments  |  Read  |  Post a Comment
Mirai Groups Target Business IoT Devices
Robert Lemos, Contributing WriterNews
More than 30% of Mirai attacks, and an increasing number of variants of the malicious malare, are going after enterprise IoT devices, raising the stakes for business.
By Robert Lemos Contributing Writer, 7/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Bluetooth Bug Enables Tracking on Windows 10, iOS & macOS Devices
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers discover a third-party algorithm in multiple high-profile Bluetooth devices exposes users to third-party tracking and data access.
By Kelly Sheridan Staff Editor, Dark Reading, 7/17/2019
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by allenred
Current Conversations nice post
In reply to: cyber security
Post Your Own Reply
Posted by christie446
Current Conversations it very funny
In reply to: woa
Post Your Own Reply
Posted by johnadao
Current Conversations Thank you somuch
In reply to: Thank you somuch
Post Your Own Reply
More Conversations
GitHub Named in Capital One Breach Lawsuit
Dark Reading Staff 8/14/2019
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
Ray Overby, Co-Founder & President at Key Resources, Inc.,  8/15/2019
The Flaw in Vulnerability Management: It's Time to Get Real
Jim Souders, Chief Executive Officer at Adaptiva,  8/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5034
PUBLISHED: 2019-08-20
An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted weave packets can cause an out of bounds read, resulting in information disclosure. An attacker can send packets to trigger this vuln...
CVE-2019-5035
PUBLISHED: 2019-08-20
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker c...
CVE-2019-5036
PUBLISHED: 2019-08-20
An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packets can cause an arbitrary Weave Exchange Session to close, resulting in a denial of service. An attacker can send a specially cr...
CVE-2019-8103
PUBLISHED: 2019-08-20
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation ...
CVE-2019-8104
PUBLISHED: 2019-08-20
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation ...