Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Endpoint
Page 1 / 2   >   >>
RDP Bug Takes New Approach to Host Compromise
News  |  7/18/2019  | 
Researchers show how simply connecting to a rogue machine can silently compromise the host.
8 Legit Tools and Utilities That Cybercriminals Commonly Misuse
Slideshows  |  7/18/2019  | 
Threat actors are increasingly 'living off the land,' using publicly available management and administration tools to conceal malicious activity.
79% of US Consumers Fear Webcams Are Watching
Quick Hits  |  7/18/2019  | 
Widespread privacy concerns have caused 60% of people to cover their laptop webcams some in creative ways survey data shows.
Bluetooth Bug Enables Tracking on Windows 10, iOS & macOS Devices
News  |  7/17/2019  | 
Researchers discover a third-party algorithm in multiple high-profile Bluetooth devices exposes users to third-party tracking and data access.
A Password Management Report Card
Commentary  |  7/17/2019  | 
New research on password management tools identifies the relative strengths and weaknesses of 12 competing offerings.
Security Snapshot: OS, Authentication, Browser & Cloud Trends
News  |  7/16/2019  | 
New research shows cloud apps are climbing, SMS authentication is falling, Chrome is the enterprise browser favorite, and Android leads outdated devices.
How Attackers Infiltrate the Supply Chain & What to Do About It
Commentary  |  7/16/2019  | 
With some security best practices, enterprises can significantly reduce the chances that a potential supply chain attack will affect business operations.
Symantec Builds Out Cloud Portfolio to Enforce 'Zero Trust'
Quick Hits  |  7/16/2019  | 
New additions to its Integrated Cyber Defense Platform aim to give businesses greater control over access to cloud resources and applications.
Meet DoppelPaymer, BitPaymer's Ransomware Lookalike
News  |  7/15/2019  | 
New ransomware variant DoppelPaymer was leveraged in campaigns against the City of Edcouch, Texas, and the Chilean Ministry of Agriculture.
18% of Enterprises Holding Back on Windows 10 Upgrade
Quick Hits  |  7/15/2019  | 
Microsoft will officially end support for Windows 7 on January 14, 2020. Many large businesses aren't ready.
Where Businesses Waste Endpoint Security Budgets
Slideshows  |  7/15/2019  | 
Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
German Schools Ban Office 365, Cite Privacy Concerns
Quick Hits  |  7/12/2019  | 
The ruling follows years of debate over whether German schools and institutions should use Microsoft tools and services.
Competing Priorities Mean Security Risks for Small Businesses
Quick Hits  |  7/12/2019  | 
Small business IT professionals are trying to balance multiple priorities and finding that the balance often leaves the company with serious security risks.
How to Catch a Phish: Where Employee Awareness Falls Short
News  |  7/11/2019  | 
Advanced phishing techniques and poor user behaviors that exacerbate the threat of successful attacks.
Industry Insight: Checking Up on Healthcare Security
News  |  7/10/2019  | 
Modern threats putting healthcare organization at risk, how they're improving their security posture, and where many fall short.
Why You Need a Global View of IT Assets
Commentary  |  7/10/2019  | 
It may seem obvious, but many companies lose sight of the fact that they can't protect what they don't know they even have.
Vulnerability Found in GE Anesthesia Machines
Quick Hits  |  7/10/2019  | 
GE Healthcare has released a statement claiming the bug is not in the machine itself and does not pose direct risk to patients.
Organizations Are Adapting Authentication for Cloud Applications
News  |  7/9/2019  | 
Companies see the changing demands of cloud identity management but are mixed in their responses to those demands.
Financial Impact of Cybercrime Exceeded $45B in 2018
News  |  7/9/2019  | 
Cybersecurity analysts explore a range of industry research to examine trends around cyber incidents and their financial impact.
Microsoft Patches Zero-Day Vulnerabilities Under Active Attack
News  |  7/9/2019  | 
Microsoft issued fixes for 77 unique vulnerabilities this Patch Tuesday, including two zero-day privilege escalation vulnerabilities seen exploited in the wild.
Cybercriminals Target Budding Cannabis Retailers
Quick Hits  |  7/9/2019  | 
Companies in the young, rapidly growing industry are targeted for sensitive information they store and immature security practices.
Insider Threats: An M&A Dealmaker's Nightmare
Commentary  |  7/9/2019  | 
Because data has never been more portable, taking it has never been easier. And that's a huge problem during mergers and acquisitions.
Android App Publishers Won't Take 'No' for an Answer on Personal Data
News  |  7/8/2019  | 
Researchers find more than 1,000 apps in the Google Play store that gather personal data even when the user has denied permission.
Broadcom Moves Forward on Symantec Acquisition
Quick Hits  |  7/8/2019  | 
Reports indicate a deal could be made by mid-July as Broadcom secures financing for the purchase.
Intelligent Authentication Market Grows to Meet Demand
News  |  7/5/2019  | 
Confidence in user identity is critical to prevent fraud and theft, and companies are looking for new ways to get the necessary assurance.
D-Link Agrees to Strengthen Device Security
Quick Hits  |  7/3/2019  | 
A settlement with the FTC should mean comprehensive security upgrades for D-Link routers and IP camera.
Sodin Ransomware Exploits Windows Privilege Escalation Bug
News  |  7/3/2019  | 
Exploitation of CVE-2018-8453 grants attackers the highest level of privileges on a target system.
More Than Half of SMB Devices Run Outdated Operating Systems
News  |  7/3/2019  | 
66% of devices in small-to midsized businesses are based on expired or about-to-expire Microsoft OS versions, Alert Logic study found.
Disarming Employee Weaponization
Commentary  |  7/3/2019  | 
Human vulnerability presents a real threat for organizations. But it's also a remarkable opportunity to turn employees into our strongest cyber warriors.
'Human Side-Channels': Behavioral Traces We Leave Behind
News  |  7/2/2019  | 
How writing patterns, online activities, and other unintentional identifiers can be used in cyber offense and defense.
In Cybercrime's Evolution, Active, Automated Attacks Are the Latest Fad
Commentary  |  7/2/2019  | 
Staying ahead can feel impossible, but understanding that perfection is impossible can free you to make decisions about managing risk.
Lake City Employee Fired Following Ransom Payment
Quick Hits  |  7/2/2019  | 
The Florida city approved its insurer to pay $460,000 in ransom for a cyberattack that shut down servers, email, and phone.
The Case for Encryption: Fact vs. Fiction
Commentary  |  7/2/2019  | 
The common belief that encryption enables bad behavior primarily used by thieves, international terrorists, and other villainous characters is simply not true. Here's why.
Ransomware Hits Georgia Court System
Quick Hits  |  7/1/2019  | 
The court's IT department is meeting with external agencies to determine the scope and severity of the cyberattack.
How GDPR Teaches Us to Take a Bottom-Up Approach to Privacy
Commentary  |  6/28/2019  | 
Looking at underlying security needs means organizations are more likely to be in compliance with privacy regulations.
Inside MLS, the New Protocol for Secure Enterprise Messaging
News  |  6/27/2019  | 
As personal messaging platforms see the rise of end-to-end encryption, businesses struggle to provide strong levels of security.
Office 365 Multifactor Authentication Done Right
Commentary  |  6/27/2019  | 
Why the ubiquitous nature of Office 365 poses unique challenges for MFA-based security and how organizations can protect themselves.
Malware Coming to a Mac Near You? Yes, Say Security Firms
News  |  6/26/2019  | 
While the password-cracking Mimikatz took top honors, Mac-targeted malware accounted for two of the 10 most detected malware samples, according to WatchGuard.
FIDO Alliance to Tackle Identity Verification and IoT Authentication
News  |  6/26/2019  | 
Standards group forms two new working groups to develop new open specifications.
How to Avoid Becoming the Next Riviera Beach
Commentary  |  6/25/2019  | 
Be prepared by following these five steps so you don't have to pay a ransom to get your data back.
The Rise of Silence and the Fall of Coinhive
Commentary  |  6/25/2019  | 
Cryptomining will exist as long as it remains profitable. One of the most effective ways to disrupt that activity is to make it too expensive to run cryptomining malware in your network.
Never Trust, Always Verify: Demystifying Zero Trust to Secure Your Networks
Commentary  |  6/24/2019  | 
The point of Zero Trust is not to make networks, clouds, or endpoints more trusted; it's to eliminate the concept of trust from digital systems altogether.
Cyber-Risks Hiding Inside Mobile App Stores
News  |  6/21/2019  | 
As the number of blacklisted apps on Google Play continues to drop, attackers find new ways to compromise smartphones.
Patrolling the New Cybersecurity Perimeter
Commentary  |  6/21/2019  | 
Remote work and other developments demand a shift to managing people rather than devices.
'Democratizing' Machine Learning for Fraud Prevention & Payments Intelligence
Commentary  |  6/20/2019  | 
How fraud experts can fight cybercrime by 'downloading' their knowledge and experience into computer models.
Machine Learning Boosts Defenses, but Security Pros Worry Over Attack Potential
News  |  6/20/2019  | 
As defenders increasingly use machine learning to remove spam, catch fraud, and block malware, concerns persist that attackers will find ways to use AI technology to their advantage.
With GDPR's 'Right of Access,' Who Really Has Access?
News  |  6/19/2019  | 
How a security researcher learned organizations willingly hand over sensitive data with little to no identity verification.
Cost per Cyberattack Jumps to $4.6M in 2019
Quick Hits  |  6/19/2019  | 
From 2018 to 2019, the percentage of cyberattacks costing $10 million or more nearly doubled, hitting 13%.
How Hackers Emptied Church Coffers with a Simple Phishing Scam
Commentary  |  6/19/2019  | 
Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
The Evolution of Identity
Commentary  |  6/18/2019  | 
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.
Page 1 / 2   >   >>


Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
How Attackers Infiltrate the Supply Chain & What to Do About It
Shay Nahari, Head of Red-Team Services at CyberArk,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7843
PUBLISHED: 2019-07-18
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Insufficient input validation vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
CVE-2019-7846
PUBLISHED: 2019-07-18
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper error handling vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
CVE-2019-7847
PUBLISHED: 2019-07-18
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper Restriction of XML External Entity Reference ('XXE') vulnerability. Successful exploitation could lead to Arbitrary read access to the file system in the context of the current user.
CVE-2019-7848
PUBLISHED: 2019-07-18
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Inadequate access control vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
CVE-2019-7850
PUBLISHED: 2019-07-18
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have a Command injection vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.