IoT
News & Commentary
Necurs Botnet Goes Phishing for Banks
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new Necurs botnet campaign targets thousands of banks with a malicious file dropping the FlawedAmmyy remote-access Trojan.
By Kelly Sheridan Staff Editor, Dark Reading, 8/16/2018
Comment0 comments  |  Read  |  Post a Comment
Researcher Finds MQTT Hole in IoT Defenses
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A commonly used protocol provides a gaping backdoor when misconfigured.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/16/2018
Comment0 comments  |  Read  |  Post a Comment
Miller & Valasek: Security Stakes Higher for Autonomous Vehicles
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Car hacking specialists shift gears and work on car defense in their latest gigs - at GM subsidiary Cruise Automation.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/15/2018
Comment1 Comment  |  Read  |  Post a Comment
2018 Pwnie Awards: Who Pwned, Who Got Pwned
Kelly Sheridan, Staff Editor, Dark Reading
A team of security experts round up the best and worst of the year in cybersecurity at Black Hat 2018.
By Kelly Sheridan Staff Editor, Dark Reading, 8/15/2018
Comment0 comments  |  Read  |  Post a Comment
Gartner Says IT Security Spending to Hit $124B in 2019
Dark Reading Staff, Quick Hits
Global IT security spending will grow 12.4% in 2018 and another 8.7% in 2019.
By Dark Reading Staff , 8/15/2018
Comment1 Comment  |  Read  |  Post a Comment
Vulnerable Smart City Devices Can Be Exploited To Cause Panic, Chaos
Jai Vijayan, Freelance writerNews
False alerts about floods, radiation levels are just some of the ways attackers can abuse weakly protected IoT devices, researchers warn.
By Jai Vijayan Freelance writer, 8/10/2018
Comment0 comments  |  Read  |  Post a Comment
IoT Malware Discovered Trying to Attack Satellite Systems of Airplanes, Ships
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researcher Ruben Santamarta shared the details of his successful hack of an in-flight airplane Wi-Fi network and other findings at Black Hat USA today.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/9/2018
Comment0 comments  |  Read  |  Post a Comment
Dark Reading News Desk Live at Black Hat USA 2018
Sara Peters, Senior Editor at Dark ReadingNews
Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.
By Sara Peters Senior Editor at Dark Reading, 8/9/2018
Comment1 Comment  |  Read  |  Post a Comment
Manufacturing Industry Experiencing Higher Incidence of Cyberattacks
Ericka Chickowski, Contributing Writer, Dark ReadingNews
New report reveals the natural consequences of ignoring the attendant risks of industrial IoT and Industry 4.0.
By Ericka Chickowski Contributing Writer, Dark Reading, 8/8/2018
Comment0 comments  |  Read  |  Post a Comment
FBI Offers New IoT Security Tips
Dark Reading Staff, Quick Hits
A new article from the FBI offers insight into IoT risks and ways to reduce them.
By Dark Reading Staff , 8/3/2018
Comment0 comments  |  Read  |  Post a Comment
New Spectre Variant Hits the Network
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new proof of concept is a reminder that complex systems can be vulnerable at the most basic level.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/30/2018
Comment0 comments  |  Read  |  Post a Comment
MUD: The Solution to Our Messy Enterprise IoT Security Problems?
Louis Creager, IoT Security Analyst, zveloCommentary
The 'Manufacturer Usage Description' proposal from IETF offers a promising route for bolstering security across the industry.
By Louis Creager IoT Security Analyst, zvelo, 7/30/2018
Comment0 comments  |  Read  |  Post a Comment
Tenable Prices IPO, Raises $250 Million
Kelly Sheridan, Staff Editor, Dark ReadingNews
The past year has been one of significant growth for the cybersecurity firm, which is trading under the NASDAQ symbol TENB.
By Kelly Sheridan Staff Editor, Dark Reading, 7/26/2018
Comment1 Comment  |  Read  |  Post a Comment
The ABCs of Hacking a Voting Machine
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
A hacker who successfully infiltrated a voting machine at last year's DEF CON will demonstrate at Black Hat USA how he did it, as well as what he later found stored on other decommissioned WinVote machines.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/25/2018
Comment1 Comment  |  Read  |  Post a Comment
Securing Our Interconnected Infrastructure
Dave Weinstein, VP of Threat Research, Claroty Commentary
A little over a year ago, the world witnessed NotPetya, the most destructive cyberattack to date. What have we learned?
By Dave Weinstein VP of Threat Research, Claroty , 7/25/2018
Comment1 Comment  |  Read  |  Post a Comment
Why Security Startups Fly And Why They Crash
Kelly Sheridan, Staff Editor, Dark ReadingNews
What makes startups stand out in a market flooded with thousands of vendors? Funding experts and former founders share their thoughts.
By Kelly Sheridan Staff Editor, Dark Reading, 7/20/2018
Comment1 Comment  |  Read  |  Post a Comment
Robotic Vacuums May Hoover Your Data
Dark Reading Staff, Quick Hits
Researchers have discovered a pair of vulnerabilities that allow unauthorized code execution in a robotic vacuum.
By Dark Reading Staff , 7/19/2018
Comment0 comments  |  Read  |  Post a Comment
Free New Scanner Aims to Protect Home Networks
Dark Reading Staff, Quick Hits
Free software pinpoints vulnerabilities and offers suggestions for remediation.
By Dark Reading Staff , 7/19/2018
Comment2 comments  |  Read  |  Post a Comment
SCADA/ICS Dangers & Cybersecurity Strategies
Peter Newton, Senior Director of Product Marketing at FortinetCommentary
Nearly 60% of surveyed organizations using SCADA or ICS reported they experienced a breach in those systems in the last year. Here are four tips for making these systems safer.
By Peter Newton Senior Director of Product Marketing at Fortinet, 7/17/2018
Comment0 comments  |  Read  |  Post a Comment
Apple Releases Wave of Security Updates
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Apple updates software for nearly every hardware platform, though one new feature almost steals the security show.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 7/11/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-13435
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode authentication. NOTE: the vendor indicates that this is not an attack of interest w...
CVE-2018-13446
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. ...
CVE-2018-14567
PUBLISHED: 2018-08-16
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
CVE-2018-15122
PUBLISHED: 2018-08-16
An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resource.
CVE-2018-11509
PUBLISHED: 2018-08-16
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the NAS itself for applications that are installed from the online repository. This may allow an attacker to login and upload a webshell.