Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Authentication

News & Commentary
Why I'd Take Good IT Hygiene Over Security's Latest Silver Bullet
Avi Shua, Co-Founder, Orca SecurityCommentary
Bells and whistles are great, but you can stay safer by focusing on correct configurations, posture management, visibility, and patching.
By Avi Shua Co-Founder, Orca Security, 12/2/2020
Comment0 comments  |  Read  |  Post a Comment
Evidence-Based Trust Gets Black Hat Europe Spotlight
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
An FPGA-based system could change the balance of power between hardware attackers and defenders within IT security.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/23/2020
Comment0 comments  |  Read  |  Post a Comment
Apple Issues Security Updates
Dark Reading Staff, Quick Hits
Vulnerabilities found in three most recent versions of macOS.
By Dark Reading Staff , 11/13/2020
Comment0 comments  |  Read  |  Post a Comment
Credential Stuffing Fills E-commerce Pipeline in 2020
Dark Reading Staff, Quick Hits
There were 1.3 billion attacks in the third quarter alone, according to new analysis from Arkose Labs.
By Dark Reading Staff , 11/12/2020
Comment0 comments  |  Read  |  Post a Comment
Barracuda to Acquire Fyde for Zero-Trust Capabilities
Dark Reading Staff, Quick Hits
Plans call for expanding the Barracuda CloudGen SASE platform.
By Dark Reading Staff , 11/11/2020
Comment0 comments  |  Read  |  Post a Comment
Claroty Details Vulnerabilities in Schneider PLCs
Dark Reading Staff, Quick Hits
The vulnerabilities in a common line of programmable logic controllers could allow attackers to gain control of industrial equipment.
By Dark Reading Staff , 11/10/2020
Comment0 comments  |  Read  |  Post a Comment
Cloud Usage, Biometrics Surge As Remote Work Grows Permanent
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report reveals organizations are increasing their adoption of biometric authentication and disallowing SMS as a login method.
By Kelly Sheridan Staff Editor, Dark Reading, 11/10/2020
Comment0 comments  |  Read  |  Post a Comment
FTC Announces Consent Agreement With Zoom
Dark Reading Staff, Quick Hits
The agreement covers Zoom's misleading statements on security for its audio and video calling.
By Dark Reading Staff , 11/9/2020
Comment0 comments  |  Read  |  Post a Comment
7 Online Shopping Tips for the Holidays
Steve Zurier, Contributing Writer
The holidays are right around the corner, and that means plenty of online shopping. These tips will help keep you safe.
By Steve Zurier Contributing Writer, 11/9/2020
Comment0 comments  |  Read  |  Post a Comment
How to Increase Voter Turnout & Reduce Fraud
Husayn Kassai, Co-Founder and CEO, OnfidoCommentary
Digital identity verification has advanced, both technologically and legislatively. Is it the answer to simpler, safer voting?
By Husayn Kassai Co-Founder and CEO, Onfido, 10/29/2020
Comment0 comments  |  Read  |  Post a Comment
6 Ways Passwords Fail Basic Security Tests
Curtis Franklin Jr., Senior Editor at Dark Reading
New data shows humans still struggle with password creation and management.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/28/2020
Comment3 comments  |  Read  |  Post a Comment
Neural Networks Help Users Pick More-Secure Passwords
Robert Lemos, Contributing WriterNews
Typically, blocklists are used to prevent users from picking easily guessable patterns, but a small neural network can do the same job and suggests that complex password requirements are not necessary.
By Robert Lemos Contributing Writer, 10/26/2020
Comment0 comments  |  Read  |  Post a Comment
Credential-Stuffing Attacks Plague Loyalty Programs
Ericka Chickowski, Contributing WriterNews
But that's not the only type of web attack cybercriminals have been profiting from.
By Ericka Chickowski Contributing Writer, 10/22/2020
Comment0 comments  |  Read  |  Post a Comment
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat ResearcherCommentary
Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
By David Pearson Principal Threat Researcher, 10/21/2020
Comment2 comments  |  Read  |  Post a Comment
Businesses Rethink Endpoint Security for 2021
Kelly Sheridan, Staff Editor, Dark ReadingNews
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?
By Kelly Sheridan Staff Editor, Dark Reading, 10/20/2020
Comment0 comments  |  Read  |  Post a Comment
Building the Human Firewall
Aamir Lakhani, Cybersecurity Researcher and Practitioner for FortiGuard LabsCommentary
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
By Aamir Lakhani Cybersecurity Researcher and Practitioner for FortiGuard Labs, 10/20/2020
Comment0 comments  |  Read  |  Post a Comment
Online Voting Is Coming, but How Secure Will It Be?
Brad Brooks, CEO of OneLoginCommentary
It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.
By Brad Brooks CEO of OneLogin, 10/13/2020
Comment0 comments  |  Read  |  Post a Comment
Why MSPs Are Hacker Targets, and What To Do About It
John Hammond, Senior Security Researcher at HuntressCommentary
Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.
By John Hammond Senior Security Researcher at Huntress, 10/9/2020
Comment0 comments  |  Read  |  Post a Comment
'Father of Identity Theft' Sentenced to 207 Months
Dark Reading Staff, Quick Hits
James Jackson was convicted of mail fraud, aggravated identity theft, access device fraud, and theft of mail last year.
By Dark Reading Staff , 10/2/2020
Comment0 comments  |  Read  |  Post a Comment
MFA-Minded Attackers Continue to Figure Out Workarounds
Robert Lemos, Contributing WriterNews
While MFA can improve overall security posture, it's not a "silver bullet" -- and hacks continue.
By Robert Lemos Contributing Writer, 9/28/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Cloud Security Threats for 2021
Or Azarzar, CTO & Co-Founder of Lightspin,  12/3/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Assessing Cybersecurity Risk in Todays Enterprises
Assessing Cybersecurity Risk in Todays Enterprises
COVID-19 has created a new IT paradigm in the enterprise and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27772
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could po...
CVE-2020-27773
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to appli...
CVE-2020-28950
PUBLISHED: 2020-12-04
The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process.
CVE-2020-27774
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but co...
CVE-2020-27775
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but c...