Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

News & Commentary
Bluetooth Security Weaknesses Pile Up, While Patching Remains Problematic
Robert Lemos, Contributing WriterNews
Turns out, creating wireless ecosystems for a vast number of different architectures, configurations, and use cases is hard.
By Robert Lemos Contributing Writer, 9/24/2020
Comment0 comments  |  Read  |  Post a Comment
Critical Instagram Flaw Could Let Attackers Spy on Victims
Kelly Sheridan, Staff Editor, Dark ReadingNews
A now-patched remote code execution vulnerability could be exploited with a specially sized image file, researchers report.
By Kelly Sheridan Staff Editor, Dark Reading, 9/24/2020
Comment0 comments  |  Read  |  Post a Comment
7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs
Dov Lerner, Security Research Lead, SixgillCommentary
It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity.
By Dov Lerner Security Research Lead, Sixgill, 9/23/2020
Comment0 comments  |  Read  |  Post a Comment
New Google Search Hacks Push Viruses & Porn
David Balaban, Editor at Privacy-PC.comCommentary
Three incidents demonstrate how cybercriminals leverage the scourge of black-hat search engine optimization to manipulate search results.
By David Balaban Editor at Privacy-PC.com, 9/22/2020
Comment0 comments  |  Read  |  Post a Comment
Legality of Security Research to Be Decided in US Supreme Court Case
Robert Lemos, Contributing WriterNews
A ruling that a police officer's personal use of a law enforcement database is "hacking" has security researchers worried for the future.
By Robert Lemos Contributing Writer, 9/9/2020
Comment1 Comment  |  Read  |  Post a Comment
Post-COVID-19 Security Spending Update
Ericka Chickowski, Contributing Writer
Security spending growth will slow in 2020, but purse strings are looser than for other areas of IT.
By Ericka Chickowski Contributing Writer, 9/8/2020
Comment0 comments  |  Read  |  Post a Comment
Malicious Android Apps Slip Through Google Play Protection
Dark Reading Staff, Quick Hits
Multiple Android apps were found spying on users and recruiting victims' devices into ad-fraud botnets.
By Dark Reading Staff , 8/31/2020
Comment1 Comment  |  Read  |  Post a Comment
Data Privacy Concerns, Lack of Trust Foil Automated Contact Tracing
Robert Lemos, Contributing WriterNews
Efforts to create a technology framework for alerting people to whether they have been exposed to an infectious disease have been hindered by a number of key issues.
By Robert Lemos Contributing Writer, 8/28/2020
Comment1 Comment  |  Read  |  Post a Comment
CISA Releases 5G Security Guidelines
Dark Reading Staff, Quick Hits
The new document defines lines of effort for developing security for the growing 5G network.
By Dark Reading Staff , 8/24/2020
Comment0 comments  |  Read  |  Post a Comment
Large Ad Network Collects Private Activity Data, Reroutes Clicks
Robert Lemos, Contributing WriterNews
A Chinese mobile advertising firm has modified code in the software development kit included in more than 1,200 apps, maliciously collecting user activity and performing ad fraud, says Snyk, a software security firm.
By Robert Lemos Contributing Writer, 8/24/2020
Comment0 comments  |  Read  |  Post a Comment
Banks and the New Abnormal
Matt Deres, SVP, Chief Information Officer, Rocket SoftwareCommentary
Banks have hesitated to adopt many strong security practices, and for understandable reasons. But now is the time to be bold.
By Matt Deres SVP, Chief Information Officer, Rocket Software, 8/20/2020
Comment2 comments  |  Read  |  Post a Comment
7 Ways to Keep Your Remote Workforce Safe
Steve Zurier, Contributing Writer
These tips will help you chart a course for a security strategy that just may become part of the normal way organizations will function over the next several years.
By Steve Zurier Contributing Writer, 8/14/2020
Comment3 comments  |  Read  |  Post a Comment
400+ Qualcomm Chip Vulnerabilities Threaten Millions of Android Phones
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security researchers found hundreds of pieces of vulnerable code in the Qualcomm Snapdragon chips powering Android phones.
By Kelly Sheridan Staff Editor, Dark Reading, 8/7/2020
Comment0 comments  |  Read  |  Post a Comment
Voatz Delivers Multilayered Security to Protect Electronic Voting
Terry Sweeney, Contributing EditorNews
SPONSORED CONTENT: While electronic voting has been plagued by fears of tampering or fraud, Voatz is looking to make the process more transparent and auditable, according to company founder Nimit Sawhney. He offers learning points from three recent pilots that highlight how governments can improve the integrity and better protect the voting process and its data.
By Terry Sweeney Contributing Editor, 8/5/2020
Comment0 comments  |  Read  |  Post a Comment
Google & Amazon Replace Apple as Phishers' Favorite Brands
Dark Reading Staff, Quick Hits
Google and Amazon were the most imitated brands in the second quarter, knocking out Apple.
By Dark Reading Staff , 8/4/2020
Comment0 comments  |  Read  |  Post a Comment
Google Adds Security Updates to Chrome Autofill
Dark Reading Staff, Quick Hits
Chrome users can retrieve payment card numbers via biometric authentication and use a new "touch-to-fill: feature to log in to accounts.
By Dark Reading Staff , 7/30/2020
Comment0 comments  |  Read  |  Post a Comment
11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event
Jai Vijayan, Contributing Writer
More than 130 security researchers and developers are ready to showcase their work.
By Jai Vijayan Contributing Writer, 7/29/2020
Comment1 Comment  |  Read  |  Post a Comment
Security Flaws Discovered in OKCupid Dating Service
Dark Reading Staff, Quick Hits
Researchers identified a variety of vulnerabilities in apps and websites for the popular online dating platform.
By Dark Reading Staff , 7/29/2020
Comment1 Comment  |  Read  |  Post a Comment
Cybersecurity Lessons from the Pandemic
Monica Verma, CISO and Board Member of Cloud Security Alliance NorwayCommentary
How does cybersecurity support business and society? The pandemic shows us.
By Monica Verma CISO and Board Member of Cloud Security Alliance Norway, 7/22/2020
Comment3 comments  |  Read  |  Post a Comment
Keys for a Safe Return to the Post-Quarantine Office
Curtis Franklin Jr., Senior Editor at Dark Reading
Security teams will need to keep these important considerations in mind as employees make their way back to the workplace.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/20/2020
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by nobesityahmedabad
Current Conversations Very useful information
In reply to: Re: Chart
Post Your Own Reply
More Conversations
PR Newswire
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
Hacking Yourself: Marie Moe and Pacemaker Security
Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
Startup Aims to Map and Track All the IT and Security Things
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15208
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can ...
CVE-2020-15209
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one....
CVE-2020-15210
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b and ...
CVE-2020-15211
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices f...
CVE-2020-15212
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write to outside of `outpu...