Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats //

Advanced Threats

News & Commentary
7 Ways to Keep Your Remote Workforce Safe
Steve Zurier, Contributing Writer
These tips will help you chart a course for a security strategy that just may become part of the normal way organizations will function over the next several years.
By Steve Zurier Contributing Writer, 8/14/2020
Comment1 Comment  |  Read  |  Post a Comment
Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption
Ericka Chickowski, Contributing WriterNews
Black Hat talk expands on research that uncovered more weaknesses in Wi-Fi chips allowing for the unauthorized decryption of traffic.
By Ericka Chickowski Contributing Writer, 8/12/2020
Comment0 comments  |  Read  |  Post a Comment
How to Help Spoil the Cybercrime Economy
Marc Wilczek, Digital Strategist & COO of Link11Commentary
Cybercrime increasingly is turning into a commodity. Stolen PII data and hijacked cloud accounts especially propel the spread, research shows.
By Marc Wilczek Digital Strategist & COO of Link11, 8/11/2020
Comment0 comments  |  Read  |  Post a Comment
IoT Security During COVID-19: What We've Learned & Where We're Going
Aamir Lakhani, Cybersecurity Researcher and Practitioner for FortiGuard LabsCommentary
Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
By Aamir Lakhani Cybersecurity Researcher and Practitioner for FortiGuard Labs, 8/7/2020
Comment0 comments  |  Read  |  Post a Comment
Dark Reading Video News Desk Returns to Black Hat
Sara Peters, Senior Editor at Dark ReadingNews
UPDATED: Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!
By Sara Peters Senior Editor at Dark Reading, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Why Satellite Communication Eavesdropping Will Remain A Problem
Dark Reading Staff, News
Oxford PhD candidate James Pavur shows that SATCOM security has still made no progress since previous Black Hat disclosures, and discusses the physical and economic limitations that slow make it unlikely to improve anytime soon.
By Dark Reading Staff , 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
Russian Election Interference: Whats Next?
Sara Peters, Senior Editor at Dark ReadingNews
Nate Beach-Westmoreland gives a look back at the past 10 years of Russian election interference and disinformation campaigns. What can we learn from the past and what should we expect as the 2020 US presidential election approaches?
By Sara Peters Senior Editor at Dark Reading, 8/5/2020
Comment0 comments  |  Read  |  Post a Comment
Retooling the SOC for a Post-COVID World
Nilesh Dherange, CTO at GuruculCommentary
Residual work-from-home policies will require changes to security policies, procedures, and technologies.
By Nilesh Dherange CTO at Gurucul, 8/4/2020
Comment0 comments  |  Read  |  Post a Comment
Dark Web Travel Fraudsters Left Hurting From Lockdowns
Ericka Chickowski, Contributing WriterNews
Shadow travel businesses that depend on loyalty program fraud have been impacted just like the legitimate travel orgs they prey on.
By Ericka Chickowski Contributing Writer, 7/30/2020
Comment0 comments  |  Read  |  Post a Comment
Using the Attack Cycle to Up Your Security Game
Todd Graham, Vice President, VenrockCommentary
Like the universe, the attack surface is always expanding. Here's how to keep up and even get ahead.
By Todd Graham Vice President, Venrock, 7/30/2020
Comment0 comments  |  Read  |  Post a Comment
Technical Challenges of IoT Cybersecurity in a Post-COVID-19 World
Dr. Johannes Bauer, Principal Security Advisor at ULCommentary
Effective management of vulnerabilities can be done only when information about supply chain dependencies is accurate and recent.
By Dr. Johannes Bauer Principal Security Advisor at UL, 7/29/2020
Comment0 comments  |  Read  |  Post a Comment
The Future's Biggest Cybercrime Threat May Already Be Here
Steve Durbin, Managing Director of the Information Security ForumCommentary
Current attacks will continue to be refined, and what may seem a weakness now could turn out to be a disaster.
By Steve Durbin Managing Director of the Information Security Forum, 7/29/2020
Comment0 comments  |  Read  |  Post a Comment
Autonomous IT: Less Reacting, More Securing
Greg Jensen, Senior Director of Security at Oracle CorporationCommentary
Keeping data secure requires a range of skills and perfect execution. AI makes that possible.
By Greg Jensen Senior Director of Security at Oracle Corporation, 7/28/2020
Comment1 Comment  |  Read  |  Post a Comment
Deepfakes & James Bond Research Project: Cool but Dangerous
Matt Lewis, Technical Research Director at NCC GroupCommentary
Open source software for creating deepfakes is getting better and better, to the chagrin of researchers
By Matt Lewis Technical Research Director at NCC Group, 7/23/2020
Comment1 Comment  |  Read  |  Post a Comment
8 Cybersecurity Themes to Expect at Black Hat USA 2020
Ericka Chickowski, Contributing Writer
Here are the trends and topics that'll capture the limelight at this year's virtual event.
By Ericka Chickowski Contributing Writer, 7/23/2020
Comment0 comments  |  Read  |  Post a Comment
North Korea's Lazarus Group Developing Cross-Platform Malware Framework
Robert Lemos, Contributing WriterNews
The APT group, known for its attack on Sony Pictures in 2014, has created an "advanced malware framework" that can launch and manage attacks against systems running Windows, MacOS, and Linux.
By Robert Lemos Contributing Writer, 7/22/2020
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Lessons from the Pandemic
Monica Verma, CISO and Board Member of Cloud Security Alliance NorwayCommentary
How does cybersecurity support business and society? The pandemic shows us.
By Monica Verma CISO and Board Member of Cloud Security Alliance Norway, 7/22/2020
Comment2 comments  |  Read  |  Post a Comment
Leading Through Uncertainty: Be Proactive in Your Dark Web Intelligence Strategy
Srilekha Sankaran, Product Consultant at ManageEngineCommentary
Having a strong Dark Web intelligence posture helps security teams understand emerging vulnerability trends.
By Srilekha Sankaran Product Consultant at ManageEngine, 7/21/2020
Comment0 comments  |  Read  |  Post a Comment
What Organizations Need to Know About IoT Supply Chain Risk
Daniel dos Santos, Research Manager at Forescout TechnologiesCommentary
Here are some factors organizations should consider as they look to limit the risk posed by risks like Ripple20.
By Daniel dos Santos Research Manager at Forescout Technologies, 7/20/2020
Comment1 Comment  |  Read  |  Post a Comment
Third-Party IoT Vulnerabilities: We Need a Cybersecurity Paradigm Shift
Natali Tshuva, Co-Founder & CEO of SternumCommentary
The only entities equipped to safeguard Internet of Things devices against risks are the IoT device manufacturers themselves.
By Natali Tshuva Co-Founder & CEO of Sternum, 7/16/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/14/2020
Lock-Pickers Face an Uncertain Future Online
Seth Rosenblatt, Contributing Writer,  8/10/2020
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark Reading,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at Risk
In this Dark Reading Tech Digest, we look at the ways security researchers and ethical hackers find critical vulnerabilities and offer insights into how you can fix them before attackers can exploit them.
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17475
PUBLISHED: 2020-08-14
Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000.
CVE-2020-0255
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-10751. Reason: This candidate is a duplicate of CVE-2020-10751. Notes: All CVE users should reference CVE-2020-10751 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-14353
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-18270. Reason: This candidate is a duplicate of CVE-2017-18270. Notes: All CVE users should reference CVE-2017-18270 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-17464
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2020-17473
PUBLISHED: 2020-08-14
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.