IoT
News & Commentary
Free Princeton Application Provides IoT Traffic Insight
Dark Reading Staff, Quick Hits
The application developed by a research group allows users to spot possible IoT security problems.
By Dark Reading Staff , 4/19/2019
Comment1 Comment  |  Read  |  Post a Comment
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor NetworksCommentary
By blocking threats and attacks nearer to their sources, cybersecurity pros could help turn the connected world into a safer place for all.
By Darren Anstee Chief Technology Officer at Arbor Networks, 4/19/2019
Comment3 comments  |  Read  |  Post a Comment
This Week in Security Funding: Where the Money Went
Kelly Sheridan, Staff Editor, Dark ReadingNews
Predictions for cybersecurity investment in 2019 are holding true with funding announcements from four startups.
By Kelly Sheridan Staff Editor, Dark Reading, 4/12/2019
Comment0 comments  |  Read  |  Post a Comment
Stop Mocking & Start Enabling Emerging Technologies
Rick Holland, Chief Information Security Officer and Vice President of  Strategy at Digital ShadowsCommentary
Mocking new technology isn't productive and can lead to career disadvantage.
By Rick Holland Chief Information Security Officer and Vice President of Strategy at Digital Shadows, 4/9/2019
Comment0 comments  |  Read  |  Post a Comment
Airports & Operational Technology: 4 Attack Scenarios
Edy Almer, VP Product, CyberbitCommentary
As OT systems increasingly fall into the crosshairs of cyberattackers, aviation-industry CISOs have become hyper-focused on securing them.
By Edy Almer VP Product, Cyberbit, 4/2/2019
Comment0 comments  |  Read  |  Post a Comment
7 Malware Families Ready to Ruin Your IoT's Day
Curtis Franklin Jr., Senior Editor at Dark Reading
This latest list of Internet of Things miscreants doesn't limit itself to botnets, like Mirai.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/29/2019
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Tackles IoT Security with New Azure Updates
Kelly Sheridan, Staff Editor, Dark ReadingNews
The Azure Security Center for IoT provides teams with an overview of IoT devices and helps monitor their security properties.
By Kelly Sheridan Staff Editor, Dark Reading, 3/28/2019
Comment2 comments  |  Read  |  Post a Comment
Inside Cyber Battlefields, the Newest Domain of War
Kelly Sheridan, Staff Editor, Dark ReadingNews
In his Black Hat Asia keynote, Mikko Hypponen explored implications of "the next arms race" and why cyber will present challenges never before seen in warfare.
By Kelly Sheridan Staff Editor, Dark Reading, 3/28/2019
Comment3 comments  |  Read  |  Post a Comment
Hacker AI vs. Enterprise AI: A New Threat
Satish Abburi, Founder of Elysium AnalyticsCommentary
Artificial intelligence and machine learning are being weaponized using the same logic and functionality that legitimate organizations use.
By Satish Abburi Founder of Elysium Analytics, 3/21/2019
Comment0 comments  |  Read  |  Post a Comment
DDoS Attack Size Drops 85% in Q4 2018
Kelly Sheridan, Staff Editor, Dark ReadingNews
The sharp decline follows an FBI takedown of so-called "booter," or DDoS-for-hire, websites in December 2018.
By Kelly Sheridan Staff Editor, Dark Reading, 3/19/2019
Comment0 comments  |  Read  |  Post a Comment
Norsk Hydro Shuts Plants Amid Ransomware Attack
Kelly Sheridan, Staff Editor, Dark ReadingQuick Hits
The cyberattack, first detected on Monday night, has shut down Norsk's entire global network.
By Kelly Sheridan Staff Editor, Dark Reading, 3/19/2019
Comment1 Comment  |  Read  |  Post a Comment
New Mirai Version Targets Business IoT Devices
Dark Reading Staff, Quick Hits
The notorious Internet of Things botnet is evolving to attack more types of devices including those found in enterprises.
By Dark Reading Staff , 3/19/2019
Comment1 Comment  |  Read  |  Post a Comment
New IoT Security Bill: Third Time's the Charm?
Robert Lemos, Technology Journalist/Data ResearcherNews
The latest bill to set security standards for connected devices sold to the US government has fewer requirements, instead leaving recommendations to the National Institute of Standards and Technology.
By Robert Lemos Technology Journalist/Data Researcher, 3/18/2019
Comment0 comments  |  Read  |  Post a Comment
7 Low-Cost Security Tools
Curtis Franklin Jr., Senior Editor at Dark Reading
Security hardware doesn't have to be expensive or complex to do the job. Here are seven examples of low-cost hardware that could fill a need in your security operations.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/15/2019
Comment0 comments  |  Read  |  Post a Comment
Anomaly Detection Techniques: Defining Normal
Rosaria Silipo, Ph.D., Principal Data Scientist, KNIMECommentary
The challenge is identifying suspicious events in training sets where no anomalies are encountered. Part two of a two-part series.
By Rosaria Silipo Ph.D., Principal Data Scientist, KNIME, 3/14/2019
Comment0 comments  |  Read  |  Post a Comment
New Malware Shows Marketing Polish
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new strain of point-of-sale malware skims credit card numbers and comes via a highly polished marketing campaign.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/13/2019
Comment0 comments  |  Read  |  Post a Comment
GPS Spoof Hits Geneva Motor Show
Dark Reading Staff, Quick Hits
Incident leaves GPS units showing a location in England and a date 17 years in the future.
By Dark Reading Staff , 3/13/2019
Comment1 Comment  |  Read  |  Post a Comment
The Case for Transparency in End-User License Agreements
Lysa Myers, Security Researcher, ESETCommentary
Why it behooves technology companies to consider EULAs as an opportunity to accurately inform customers about privacy issues and other important information.
By Lysa Myers Security Researcher, ESET, 3/13/2019
Comment0 comments  |  Read  |  Post a Comment
NSA, DHS Call for Info Sharing Across Public and Private Sectors
Kelly Sheridan, Staff Editor, Dark ReadingNews
Industry leaders debate how government and businesses can work together on key cybersecurity issues.
By Kelly Sheridan Staff Editor, Dark Reading, 3/11/2019
Comment0 comments  |  Read  |  Post a Comment
Georgia's Jackson County Pays $400K to Ransomware Attackers
Dark Reading Staff, Quick Hits
The ransomware campaign started March 1 and shut down most of Jackson County's IT systems.
By Dark Reading Staff , 3/11/2019
Comment3 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7303
PUBLISHED: 2019-04-23
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only uses the lower 32 b...
CVE-2019-7304
PUBLISHED: 2019-04-23
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.
CVE-2019-0223
PUBLISHED: 2019-04-23
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1...
CVE-2017-12619
PUBLISHED: 2019-04-23
Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".
CVE-2018-1317
PUBLISHED: 2019-04-23
In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.