Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

News & Commentary
Researchers Find New Approach to Attacking Cloud Infrastructure
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cloud APIs' accessibility over the Internet opens a new window for adversaries to gain highly privileged access to cloud assets.
By Kelly Sheridan Staff Editor, Dark Reading, 11/11/2019
Comment0 comments  |  Read  |  Post a Comment
5 Security Processes You Shouldn't Overlook During M&A
Julie Cullivan, Chief Technology and People Officer, Forescout TechnologiesCommentary
Security needs to be a central element of due diligence if a merger or acquisition is to succeed
By Julie Cullivan Chief Technology and People Officer, Forescout Technologies, 11/11/2019
Comment0 comments  |  Read  |  Post a Comment
Hospital Cyberattacks Linked to Increase in Heart Attack Mortality
Dark Reading Staff, Quick Hits
Breach remediation processes adversely impact timeliness in patient care and outcomes, a new study finds.
By Dark Reading Staff , 11/8/2019
Comment0 comments  |  Read  |  Post a Comment
9 Principles to Simplify Security
Menny Barzilay, CEO at Cytactic & Founder of the THINK:CYBER NewsletterCommentary
This isn't a one-size-fits-all situation. Simplify as much as you can, as the saying goes, but no more than that.
By Menny Barzilay CEO at Cytactic & Founder of the THINK:CYBER Newsletter, 11/8/2019
Comment0 comments  |  Read  |  Post a Comment
Twitter & Trend Micro Fall Victim to Malicious Insiders
Jai Vijayan, Contributing WriterNews
The companies are the latest on a long and growing list of organizations that have fallen victim to users with legitimate access to enterprise systems and data.
By Jai Vijayan Contributing Writer, 11/7/2019
Comment0 comments  |  Read  |  Post a Comment
TA542 Brings Back Emotet with Late September Spike
Kelly Sheridan, Staff Editor, Dark ReadingNews
Overall volumes of banking Trojans and RATs increased during the third quarter, when Emotet was suspiciously absent until mid-September.
By Kelly Sheridan Staff Editor, Dark Reading, 11/7/2019
Comment0 comments  |  Read  |  Post a Comment
PayPal Upsets Microsoft as Phishers' Favorite Brand
Dark Reading Staff, Quick Hits
Several factors edged the world's most popular payment service into the top spot.
By Dark Reading Staff , 11/7/2019
Comment0 comments  |  Read  |  Post a Comment
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQCommentary
There is no premium that will recover the millions of dollars your company spends on R&D if your intellectual property is hacked and stolen.
By Chris Kennedy CISO & VP Customer Success, AttackIQ, 11/7/2019
Comment3 comments  |  Read  |  Post a Comment
Kaspersky Analysis Shines Light on DarkUniverse APT Group
Jai Vijayan, Contributing WriterNews
Threat actor was active between 2009 and 2017, targeting military, government, and private organizations.
By Jai Vijayan Contributing Writer, 11/7/2019
Comment0 comments  |  Read  |  Post a Comment
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff,  News
Security researcher Stanislas Lejay offers a preview of his upcoming Black Hat Europe talk on automotive engine computer management and hardware reverse engineering.
By By Alex Wawro, Special to Dark Reading , 11/7/2019
Comment1 Comment  |  Read  |  Post a Comment
Accounting Scams Continue to Bilk Businesses
Robert Lemos, Contributing WriterNews
Yes, ransomware is plaguing businesses and government organizations, but impersonators inserting themselves into financial workflows most often via e-mail continue to enable big paydays.
By Robert Lemos Contributing Writer, 11/6/2019
Comment0 comments  |  Read  |  Post a Comment
Social Media: Corporate Cyber Espionage's Channel of Choice
Otavio Freire, CTO & President, SafeGuard CyberCommentary
Proactive defense and automation can help your company deal with scale and prioritize risks in order to more efficiently fight cyber espionage.
By Otavio Freire CTO & President, SafeGuard Cyber, 11/6/2019
Comment0 comments  |  Read  |  Post a Comment
The Uphill Battle of Triaging Alerts
Anton Chuvakin, Head of Security Solution Strategy, ChronicleCommentary
Prioritizing alerts is foundational to security, but almost every organization struggles to manage this process efficiently. Here's what you can do about it.
By Anton Chuvakin Head of Security Solution Strategy, Chronicle, 11/6/2019
Comment0 comments  |  Read  |  Post a Comment
Disclosure Does Little to Dissuade Cyber Spies
Robert Lemos, Contributing WriterNews
In the past, outing nation-state cyber espionage groups caused a few to close up shop, but nowadays actors are more likely to switch to new infrastructure and continue operations.
By Robert Lemos Contributing Writer, 11/5/2019
Comment0 comments  |  Read  |  Post a Comment
The State of Email Security and Protection
Mike Flouton, Vice President of Email Security at Barracuda NetworksCommentary
Phishing and ransomware top the list of security risks that organizations are not fully prepared to deal with.
By Mike Flouton Vice President of Email Security at Barracuda Networks, 11/5/2019
Comment1 Comment  |  Read  |  Post a Comment
First Bluekeep Exploit Found in the Wild
Dark Reading Staff, Quick Hits
Crashing honeypots alerted the researcher who found the Bluekeep vulnerability.
By Dark Reading Staff , 11/4/2019
Comment0 comments  |  Read  |  Post a Comment
Details of Attack on Electric Utility Emerge
Dark Reading Staff, Quick Hits
The March 5 DDoS attack interrupted communications between generating facilities and the electrical grid in three western states.
By Dark Reading Staff , 11/1/2019
Comment0 comments  |  Read  |  Post a Comment
Google Patches Chrome Zero-Day Under Active Attack
Dark Reading Staff, Quick Hits
The fix addresses CVE-2019-13720, a high-severity, use-after-free vulnerability discovered by Kaspersky Lab researchers.
By Dark Reading Staff , 11/1/2019
Comment0 comments  |  Read  |  Post a Comment
32,000+ WiFi Routers Potentially Exposed to New Gafgyt Variant
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers detect an updated Gafgyt variant that targets flaws in small office and home wireless routers from Zyxel, Huawei, and Realtek.
By Kelly Sheridan Staff Editor, Dark Reading, 10/31/2019
Comment0 comments  |  Read  |  Post a Comment
Chinese Cyber Espionage Group Steals SMS Messages via Telco Networks
Jai Vijayan, Contributing WriterNews
APT41's new campaign is latest to highlight trend by Chinese threat groups to attack upstream service providers as a way to reach its intended targets, FireEye says.
By Jai Vijayan Contributing Writer, 10/31/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by anthonydrobbins
Current Conversations hihihi
In reply to: thank for somuch
Post Your Own Reply
More Conversations
PR Newswire
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprise
Assessing Cybersecurity Risk in Today's Enterprise
Security leaders are struggling to understand their organizations risk exposure. While many are confident in their security strategies and processes, theyre also more concerned than ever about getting breached. Download this report today and get insights on how today's enterprises assess and perceive the risks they face in 2019!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18862
PUBLISHED: 2019-11-11
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
CVE-2019-18853
PUBLISHED: 2019-11-11
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
CVE-2019-18854
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring.
CVE-2019-18855
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted elements or attributes.
CVE-2019-18856
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the SVG Sanitizer module through 8.x-1.0-alpha1 for Drupal because access to external resources with an SVG use element is mishandled.