IoT
News & Commentary
Modern Cybersecurity Demands a Different Corporate Mindset
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
Very few organizations have fully incorporated all relevant risks and threats into their current digital strategy, research finds.
By Marc Wilczek Digital Strategist & CIO Advisor, 6/15/2018
Comment0 comments  |  Read  |  Post a Comment
Mobile App Threats Continue to Grow
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Criminals looking to profit from corporate resources and information keep going after mobile devices, two new reports confirm.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/14/2018
Comment0 comments  |  Read  |  Post a Comment
Dark Reading Launches Second INsecurity Conference
Tim Wilson, Editor in Chief, Dark Reading, News
To be held in Chicago Oct. 23-25, defense-focused conference will feature closed-door discussions, co-resident Black Hat Training sessions
By Tim Wilson, Editor in Chief, Dark Reading , 6/5/2018
Comment0 comments  |  Read  |  Post a Comment
Building a Safe, Efficient, Cost-Effective Security Infrastructure
Ken Mills, General Manager of IoT, Surveillance and Security, Dell EMCCommentary
The Industrial Internet of Things allows organizations to address both physical and digital security concerns.
By Ken Mills General Manager of IoT, Surveillance and Security, Dell EMC, 6/4/2018
Comment0 comments  |  Read  |  Post a Comment
New Federal Report Gives Guidance on Beating Botnets
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A report from the Departments of Commerce and Homeland Security provides five goals for protecting infrastructure from botnets and other automated threats.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/31/2018
Comment1 Comment  |  Read  |  Post a Comment
Over 5K Gas Station Tank Gauges Sit Exposed on the Public Net
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
One gas station failed its PCI compliance test due to security holes in its automated gas tank gauge configuration, researcher says.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/29/2018
Comment0 comments  |  Read  |  Post a Comment
Alexa Mishap Hints at Potential Enterprise Security Risk
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
When Alexa mailed a copy of a couple's conversation to a contact, it raised warning flags for security professionals in organizations.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/29/2018
Comment7 comments  |  Read  |  Post a Comment
Wicked Mirai Brings New Exploits to IoT Botnets
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The latest variant of the venerable Mirai botnet malware combines approaches and brings new exploits to the world of IoT security challenges.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/25/2018
Comment0 comments  |  Read  |  Post a Comment
DOJ Sinkholes VPNFilter Control Servers Found in US
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The US Department of Justice said the move aims to thwart the spread of the botnet as part of its investigation into Russian nation-state hacking group APT28 aka Fancy Bear.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/24/2018
Comment0 comments  |  Read  |  Post a Comment
Pet Tracker Flaws Expose Pets and Their Owners to Cybercrime
Dark Reading Staff, Quick Hits
Hackers can exploit vulnerabilities in popular pet trackers to intercept location coordinates and access owners' personal data.
By Dark Reading Staff , 5/22/2018
Comment1 Comment  |  Read  |  Post a Comment
7 Tools for Stronger IoT Security, Visibility
Curtis Franklin Jr., Senior Editor at Dark Reading
If you don't know what's on your IoT network, you don't know what to protect -- or protect from. These tools provide visibility into your network so you can be safe with (and from) what you see.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/16/2018
Comment0 comments  |  Read  |  Post a Comment
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe GroupCommentary
There's a major disconnect between Internet of Things governance and risk management, according to a new report. Follow these five steps to address the risks.
By Charlie Miller Senior Vice President, The Santa Fe Group, 5/14/2018
Comment2 comments  |  Read  |  Post a Comment
Hide and Seek Brings Persistence to IoT Botnets
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The rapidly evolving Hide and Seek botnet is now persistent on a wide range of infected IoT devices.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/11/2018
Comment1 Comment  |  Read  |  Post a Comment
8 Ways Hackers Can Game Air Gap Protections
Ericka Chickowski, Contributing Writer, Dark Reading
Isolating critical systems from connectivity isn't a guarantee they can't be hacked.
By Ericka Chickowski Contributing Writer, Dark Reading, 5/11/2018
Comment0 comments  |  Read  |  Post a Comment
17 Zero-Days Found & Fixed in OPC-UA Industrial Protocol Implementations
Dark Reading Staff, Quick Hits
Vulnerabilities in the framework used for secure data transfer in industrial systems were all fixed by March, says Kaspersky Lab.
By Dark Reading Staff , 5/10/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft's Patch Tuesday Fixes Two CVEs Under Active Attack
Kelly Sheridan, Staff Editor, Dark ReadingNews
This month's updates addressed vulnerabilities in Windows, Office, Edge, Internet Explorer, .Net Framework, Exchange Server, and other services.
By Kelly Sheridan Staff Editor, Dark Reading, 5/8/2018
Comment0 comments  |  Read  |  Post a Comment
10 Lessons From an IoT Demo Lab
Curtis Franklin Jr., Senior Editor at Dark Reading
The Demo Lab at InteropITX 2018 was all about IoT and the traffic - legitimate and malicious - it adds to an enterprise network.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/7/2018
Comment0 comments  |  Read  |  Post a Comment
Defending Against an Automated Attack Chain: Are You Ready?
Derek Manky, Global Security Strategist, FortinetCommentary
Recent threats like AutoSploit bring malware-as-a-service to a whole new level. Here are four ways to be prepared.
By Derek Manky Global Security Strategist, Fortinet, 5/7/2018
Comment0 comments  |  Read  |  Post a Comment
12 Trends Shaping Identity Management
Sara Peters, Senior Editor at Dark Reading
As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'
By Sara Peters Senior Editor at Dark Reading, 4/26/2018
Comment1 Comment  |  Read  |  Post a Comment
Deconstructing the Possibilities and Realities of Enterprise IoT Security
Bill Kleyman, Writer/Blogger/SpeakerCommentary
Organizations are rushing to leverage Internet of Things solutions but struggle to design the information technology architectures that will lock down the data these devices create.
By Bill Kleyman Writer/Blogger/Speaker, 4/24/2018
Comment2 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Meet 'Bro': The Best-Kept Secret of Network Security
Greg Bell, CEO, Corelight,  6/14/2018
Four Faces of Fraud: Identity, 'Fake' Identity, Ransomware & Digital
David Shefter, Chief Technology Officer at Ziften Technologies,  6/14/2018
Containerized Apps: An 8-Point Security Checklist
Jai Vijayan, Freelance writer,  6/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-5236
PUBLISHED: 2018-06-20
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events.
CVE-2018-5237
PUBLISHED: 2018-06-20
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVE-2018-6211
PUBLISHED: 2018-06-20
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi.
CVE-2018-6212
PUBLISHED: 2018-06-20
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting (XSS) attack is possible as a result of missed filtration for special characters in the "Search" field and incorrect proc...
CVE-2018-6213
PUBLISHED: 2018-06-20
In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.