Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

News & Commentary
DHS CISA Warns of Phishing Emails Rigged with KONNI Malware
Dark Reading Staff, Quick Hits
Konni is a remote administration tool cyberattackers use to steal files, capture keystrokes, take screenshots, and execute malicious code.
By Dark Reading Staff , 8/14/2020
Comment0 comments  |  Read  |  Post a Comment
7 Ways to Keep Your Remote Workforce Safe
Steve Zurier, Contributing Writer
These tips will help you chart a course for a security strategy that just may become part of the normal way organizations will function over the next several years.
By Steve Zurier Contributing Writer, 8/14/2020
Comment1 Comment  |  Read  |  Post a Comment
WFH Summer 2020 Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
Clever wordplay on sandcastles, sandboxes, zero trust. and granular controls. And the winners are ...
By Marilyn Cohodas Managing Editor, Dark Reading, 8/14/2020
Comment0 comments  |  Read  |  Post a Comment
RedCurl APT Group Hacks Global Companies for Corporate Espionage
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers analyze a presumably Russian-speaking APT group that has been stealing corporate data since 2018.
By Kelly Sheridan Staff Editor, Dark Reading, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
With iOS's Privacy Nutrition Label, Apple Upstages Regulators
Heather Federman, VP of Privacy & Policy at BigIDCommentary
New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.
By Heather Federman VP of Privacy & Policy at BigID, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
Emotet Return Brings New Tactics & Evasion Techniques
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.
By Kelly Sheridan Staff Editor, Dark Reading, 8/13/2020
Comment0 comments  |  Read  |  Post a Comment
Using 'Data for Good' to Control the Pandemic
Neil Sweeney, Founder & CEO, KilliCommentary
The tech community should unite to develop and distribute a universal COVID-19 contact-tracing application. Here's why and how.
By Neil Sweeney Founder & CEO, Killi, 8/12/2020
Comment0 comments  |  Read  |  Post a Comment
SANS Security Training Firm Hit with Data Breach
Dark Reading Staff, Quick Hits
A phishing email allowed an attacker to compromise a SANS employee's email environment, the organization reports.
By Dark Reading Staff , 8/12/2020
Comment0 comments  |  Read  |  Post a Comment
Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption
Ericka Chickowski, Contributing WriterNews
Black Hat talk expands on research that uncovered more weaknesses in Wi-Fi chips allowing for the unauthorized decryption of traffic.
By Ericka Chickowski Contributing Writer, 8/12/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Patches 120 Vulnerabilities, Two Zero-Days
Kelly Sheridan, Staff Editor, Dark ReadingNews
The August 2020 Patch Tuesday marks the sixth month in a row Microsoft released patches for more than 110 vulnerabilities.
By Kelly Sheridan Staff Editor, Dark Reading, 8/11/2020
Comment0 comments  |  Read  |  Post a Comment
Zoom Vulnerabilities Demonstrated in DEF CON Talk
Dark Reading Staff, Quick Hits
A security researcher demonstrated multiple vulnerabilities, two of which could let an attacker read and steal user data.
By Dark Reading Staff , 8/11/2020
Comment0 comments  |  Read  |  Post a Comment
EU-US Privacy Shield Dissolution: What Happens Next?
Sam Curry, CSO, CybereasonCommentary
In a world that isn't private by design, security and liability implications for US-based cloud companies are huge.
By Sam Curry CSO, Cybereason, 8/11/2020
Comment0 comments  |  Read  |  Post a Comment
How to Help Spoil the Cybercrime Economy
Marc Wilczek, Digital Strategist & COO of Link11Commentary
Cybercrime increasingly is turning into a commodity. Stolen PII data and hijacked cloud accounts especially propel the spread, research shows.
By Marc Wilczek Digital Strategist & COO of Link11, 8/11/2020
Comment0 comments  |  Read  |  Post a Comment
17 Essential Stats About the State of Consumer Privacy
Ericka Chickowski, Contributing Writer
These illuminating numbers offer a glimpse into current consumer attitudes and enterprise readiness for protecting their customers' personal data.
By Ericka Chickowski Contributing Writer, 8/11/2020
Comment0 comments  |  Read  |  Post a Comment
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark ReadingNews
A security leader shares tips for adopting a CISO mindset, creating risk management strategies, and "selling infosec" to IT and executives.
By Kelly Sheridan Staff Editor, Dark Reading, 8/10/2020
Comment1 Comment  |  Read  |  Post a Comment
Q2 DDoS Attacks Triple Year Over Year: Report
Dark Reading Staff, Quick Hits
Distributed denial-of-service attacks have stayed consistently high throughout 2020, a shift from normal attack trends that researchers attribute to COVID-19.
By Dark Reading Staff , 8/10/2020
Comment0 comments  |  Read  |  Post a Comment
Digital Clones Could Cause Problems for Identity Systems
Robert Lemos, Contributing WriterNews
Three fundamental technologies -- chatbots, audio fakes, and deepfake videos -- have improved to the point that creating digital, real-time clones of people is merely a matter of integrating the systems.
By Robert Lemos Contributing Writer, 8/8/2020
Comment0 comments  |  Read  |  Post a Comment
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Building successful macro attacks means getting past several layers of security, but a Black Hat speaker found a way through.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/7/2020
Comment2 comments  |  Read  |  Post a Comment
IoT Security During COVID-19: What We've Learned & Where We're Going
Aamir Lakhani, Cybersecurity Researcher and Practitioner for FortiGuard LabsCommentary
Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
By Aamir Lakhani Cybersecurity Researcher and Practitioner for FortiGuard Labs, 8/7/2020
Comment0 comments  |  Read  |  Post a Comment
Researchers Create New Framework to Evaluate User Security Awareness
Jai Vijayan, Contributing WriterNews
Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats.
By Jai Vijayan Contributing Writer, 8/6/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/14/2020
Lock-Pickers Face an Uncertain Future Online
Seth Rosenblatt, Contributing Writer,  8/10/2020
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark Reading,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at Risk
In this Dark Reading Tech Digest, we look at the ways security researchers and ethical hackers find critical vulnerabilities and offer insights into how you can fix them before attackers can exploit them.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17475
PUBLISHED: 2020-08-14
Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000.
CVE-2020-0255
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-10751. Reason: This candidate is a duplicate of CVE-2020-10751. Notes: All CVE users should reference CVE-2020-10751 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-14353
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-18270. Reason: This candidate is a duplicate of CVE-2017-18270. Notes: All CVE users should reference CVE-2017-18270 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-17464
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2020-17473
PUBLISHED: 2020-08-14
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.