Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

News & Commentary
BEC Busts Take Down Multimillion-Dollar Operations
Kelly Sheridan, Staff Editor, Dark ReadingNews
The two extraditions of business email compromise attackers indicate a step forward for international law enforcement collaboration.
By Kelly Sheridan Staff Editor, Dark Reading, 7/6/2020
Comment0 comments  |  Read  |  Post a Comment
Credit-Card Skimmer Seeks Websites Running Microsoft's ASP.NET
Dark Reading Staff, Quick Hits
The payment-card skimmer targets websites hosted on Microsoft IIS servers and running the ASP.NET web framework.
By Dark Reading Staff , 7/6/2020
Comment0 comments  |  Read  |  Post a Comment
How to Assess More Sophisticated IoT Threats
Jack Mannino, CEO, nVisiumCommentary
Securing the Internet of Things requires diligence in secure development and hardware design throughout the product life cycle, as well as resilience testing and system component analysis.
By Jack Mannino CEO, nVisium, 7/6/2020
Comment0 comments  |  Read  |  Post a Comment
BIG-IP Vulnerabilities Could be Big Trouble for Customers
Dark Reading Staff, Quick Hits
Left unpatched, pair of vulnerabilities could give attackers wide access to a victim's application delivery network.
By Dark Reading Staff , 7/2/2020
Comment0 comments  |  Read  |  Post a Comment
Making Sense of EARN IT & LAED Bills' Implications for Crypto
Seth Rosenblatt, Contributing WriterNews
After Senate Judiciary Committee pushes EARN IT Act a step closer to ratification, raising further concerns for privacy advocates, here's what to know.
By Seth Rosenblatt Contributing Writer, 7/2/2020
Comment0 comments  |  Read  |  Post a Comment
Considerations for Seamless CCPA Compliance
Anurag Kahol, CTO, BitglassCommentary
Three steps to better serve consumers, ensure maximum security, and achieve compliance with the California Consumer Privacy Act.
By Anurag Kahol CTO, Bitglass, 7/2/2020
Comment0 comments  |  Read  |  Post a Comment
Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
Derek Manky, Chief of Security Insights and Global Threat Alliances, FortiGuard LabsCommentary
We need to learn from the attacks and attempts that have occurred in order to prepare for the future.
By Derek Manky Chief of Security Insights and Global Threat Alliances, FortiGuard Labs, 7/2/2020
Comment1 Comment  |  Read  |  Post a Comment
7 IoT Tips for Home Users
Steve Zurier, Contributing Writer
Whether for business or pleasure, you're on your own once you walk into the house with a new Internet of Things device. Here's how to keep everyone secure.
By Steve Zurier Contributing Writer, 7/2/2020
Comment0 comments  |  Read  |  Post a Comment
Chinese Software Company Aisino Uninstalls GoldenSpy Malware
Steve Zurier, Contributing WriterNews
Follow-up sandbox research confirms Aisino knew about the malware in its tax software, though it's still unclear whether it was culpable.
By Steve Zurier Contributing Writer, 7/1/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Issues Out-of-Band Patches for RCE Flaws
Dark Reading Staff, Quick Hits
Vulnerabilities had not been exploited or publicly disclosed before fixes were released, Microsoft reports.
By Dark Reading Staff , 7/1/2020
Comment0 comments  |  Read  |  Post a Comment
4 Steps to a More Mature Identity Program
Mike Kiser, Global Security Advocate, Office of the CTO, SailPointCommentary
Security has evolved to evaluate an identity's attributes, access, and behavior to determine appropriate access.
By Mike Kiser Global Security Advocate, Office of the CTO, SailPoint, 7/1/2020
Comment0 comments  |  Read  |  Post a Comment
Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
Stephen Ward, VP, ThreatConnectCommentary
While financial institutions and government remain popular targets, COVID-19 research organizations are now also in the crosshairs.
By Stephen Ward VP, ThreatConnect, 7/1/2020
Comment1 Comment  |  Read  |  Post a Comment
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark ReadingNews
A series of IoT vulnerabilities could put hospital networks, medical data, and patient safety at risk.
By Kelly Sheridan Staff Editor, Dark Reading, 6/30/2020
Comment12 comments  |  Read  |  Post a Comment
COVID-19 Puts ICS Security Initiatives 'On Pause'
Nicole Ferraro, Contributing WriterNews
Security pros concerned that increased remote access to vulnerable operational technology and stalled efforts to harden OT environments puts critical infrastructure at greater risk.
By Nicole Ferraro Contributing Writer, 6/30/2020
Comment1 Comment  |  Read  |  Post a Comment
CISA Issues Advisory on Home Routers
Dark Reading Staff, Quick Hits
The increase in work-from-home employees raises the importance of home router security.
By Dark Reading Staff , 6/30/2020
Comment1 Comment  |  Read  |  Post a Comment
3 Ways to Flatten the Health Data Hacking Curve
David MacLeod, Senior Vice President, Chief Information Officer, and Enterprise CISO at WelltokCommentary
With more people working from home, health data security is more challenging but vitally important. These tips can help safeguard healthcare data.
By David MacLeod Senior Vice President, Chief Information Officer, and Enterprise CISO at Welltok, 6/30/2020
Comment0 comments  |  Read  |  Post a Comment
Contact Tracing & Threat Intel: Broken Tools & Processes
Doug Helton, Chief Strategy Officer & VP Intelligence, King & UnionCommentary
How epidemiology can solve the people problem in security.
By Doug Helton Chief Strategy Officer & VP Intelligence, King & Union, 6/25/2020
Comment0 comments  |  Read  |  Post a Comment
No Internet Access? Amid Protests, Here's How to Tell Whether the Government Is Behind it
Seth Rosenblatt, Contributing WriterNews
Government-mandated Internet shutdowns occur far more regularly than you might expect.
By Seth Rosenblatt Contributing Writer, 6/24/2020
Comment0 comments  |  Read  |  Post a Comment
Rethinking Enterprise Access, Post-COVID-19
Dor Knafo, Co-Founder & CEO of Axis SecurityCommentary
New approaches will allow businesses to reduce risk while meeting the needs of users, employees, and third parties. Here are three issues to consider when reimagining enterprise application access.
By Dor Knafo Co-Founder & CEO of Axis Security, 6/24/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Previews Windows Defender ATP for Android
Dark Reading Staff, Quick Hits
In addition, the first release of Defender ATP for Linux is now generally available.
By Dark Reading Staff , 6/23/2020
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Qualitybacklinks
Current Conversations yes, i hope so
In reply to: Re: Affected devices
Post Your Own Reply
Posted by FlynneTrobe
Current Conversations yes, i hope so
In reply to: Re: Affected devices
Post Your Own Reply
Posted by NoahSorell
Current Conversations Really!
In reply to: Re: Not surprising
Post Your Own Reply
More Conversations
PR Newswire
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5595
PUBLISHED: 2020-07-07
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains a buffer overflow vulnerability, which may allow a remote attacker to stop the network functions of the products or execute...
CVE-2020-5596
PUBLISHED: 2020-07-07
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) does not properly manage sessions, which may allow a remote attacker to stop the network functions of the products or execute a mali...
CVE-2020-5597
PUBLISHED: 2020-07-07
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains a null pointer dereference vulnerability, which may allow a remote attacker to stop the network functions of the products o...
CVE-2020-5598
PUBLISHED: 2020-07-07
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains an improper access control vulnerability, which may which may allow a remote attacker tobypass access restriction and stop ...
CVE-2020-5599
PUBLISHED: 2020-07-07
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains an improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability, which may allow a remo...