Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Threat Intelligence
Page 1 / 2   >   >>
Europol Head Fears 5G Will Give Criminals an Edge
Quick Hits  |  7/19/2019  | 
Catherine De Bolle is concerned law enforcement will lose its ability to track criminals with the arrival of 5G networks.
Mirai Groups Target Business IoT Devices
News  |  7/19/2019  | 
More than 30% of Mirai attacks, and an increasing number of variants of the malicious malare, are going after enterprise IoT devices, raising the stakes for business.
RDP Bug Takes New Approach to Host Compromise
News  |  7/18/2019  | 
Researchers show how simply connecting to a rogue machine can silently compromise the host.
8 Legit Tools and Utilities That Cybercriminals Commonly Misuse
Slideshows  |  7/18/2019  | 
Threat actors are increasingly 'living off the land,' using publicly available management and administration tools to conceal malicious activity.
Bluetooth Bug Enables Tracking on Windows 10, iOS & macOS Devices
News  |  7/17/2019  | 
Researchers discover a third-party algorithm in multiple high-profile Bluetooth devices exposes users to third-party tracking and data access.
Security Snapshot: OS, Authentication, Browser & Cloud Trends
News  |  7/16/2019  | 
New research shows cloud apps are climbing, SMS authentication is falling, Chrome is the enterprise browser favorite, and Android leads outdated devices.
US Mayors Commit to Just Saying No to Ransomware
News  |  7/16/2019  | 
The group of more than 1,400 top elected municipal officials takes the admirable, recommended stance against paying ransoms. However, can towns and cities secure their information technology infrastructure to withstand attacks?
Meet DoppelPaymer, BitPaymer's Ransomware Lookalike
News  |  7/15/2019  | 
New ransomware variant DoppelPaymer was leveraged in campaigns against the City of Edcouch, Texas, and the Chilean Ministry of Agriculture.
Where Businesses Waste Endpoint Security Budgets
Slideshows  |  7/15/2019  | 
Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
How to Catch a Phish: Where Employee Awareness Falls Short
News  |  7/11/2019  | 
Advanced phishing techniques and poor user behaviors that exacerbate the threat of successful attacks.
Software Engineer Charged for Taking Stolen Trade Secrets to China
Quick Hits  |  7/11/2019  | 
Xudong Yao reportedly stole proprietary information from his employer and brought it to China, where he is believed to currently reside.
Persistent Threats Can Last Inside SMB Networks for Years
News  |  7/11/2019  | 
The average dwell time for riskware can be as much as 869 days.
Industry Insight: Checking Up on Healthcare Security
News  |  7/10/2019  | 
Modern threats putting healthcare organization at risk, how they're improving their security posture, and where many fall short.
Financial Firms Face Threats from Employee Mobile Devices
News  |  7/10/2019  | 
A new report says that phishing and man-in-the-middle attacks are major risks to financial institutions - via mobile devices in the hands of their employees.
Vulnerability Found in GE Anesthesia Machines
Quick Hits  |  7/10/2019  | 
GE Healthcare has released a statement claiming the bug is not in the machine itself and does not pose direct risk to patients.
4 Reasons Why SOC Superstars Quit
Commentary  |  7/10/2019  | 
Security analysts know they are a hot commodity in the enviable position of writing their own ticket. Here's how to keep them engaged, challenged, and happy.
Financial Impact of Cybercrime Exceeded $45B in 2018
News  |  7/9/2019  | 
Cybersecurity analysts explore a range of industry research to examine trends around cyber incidents and their financial impact.
Coast Guard Warns Shipping Firms of Maritime Cyberattacks
News  |  7/9/2019  | 
A commercial vessel suffered a significant malware attack in February, prompting the US Coast Guard to issues an advisory to all shipping companies: Here be malware.
Microsoft Patches Zero-Day Vulnerabilities Under Active Attack
News  |  7/9/2019  | 
Microsoft issued fixes for 77 unique vulnerabilities this Patch Tuesday, including two zero-day privilege escalation vulnerabilities seen exploited in the wild.
US Military Warns Companies to Look Out for Iranian Outlook Exploits
News  |  7/3/2019  | 
Microsoft patched a serious vulnerability in the Microsoft Outlook client in 2017, but an Iranian group continues to exploit the flaw.
Sodin Ransomware Exploits Windows Privilege Escalation Bug
News  |  7/3/2019  | 
Exploitation of CVE-2018-8453 grants attackers the highest level of privileges on a target system.
Black Hat Q&A: Understanding NSAs Quest to Open Source Ghidra
News  |  7/3/2019  | 
National Security Agency researcher Brian Knighton offers a preview of his August Black Hat USA talk on the evolution of Ghidra.
Cybersecurity Experts Worry About Satellite & Space Systems
News  |  7/2/2019  | 
As nation-states and rogue actors increasingly probe critical infrastructure, policy and technology experts worry that satellite and space systems are on the front lines.
'Human Side-Channels': Behavioral Traces We Leave Behind
News  |  7/2/2019  | 
How writing patterns, online activities, and other unintentional identifiers can be used in cyber offense and defense.
Ransomware Hits Georgia Court System
Quick Hits  |  7/1/2019  | 
The court's IT department is meeting with external agencies to determine the scope and severity of the cyberattack.
The Truth About Your Software Supply Chain
Slideshows  |  7/1/2019  | 
Open source components help developers innovate faster, but they sometimes come at a high price.
Building the Future Through Security Internships
Commentary  |  7/1/2019  | 
Akamai University, a 12-week internship program, was built from the ground up with the goal of promoting the student not the company.
MageCart Launches Customizable Campaign
News  |  6/28/2019  | 
A tool new to MageCart bolsters the group's ability to evade detection and steal data.
NIST Issues IoT Risk Guidelines
Quick Hits  |  6/27/2019  | 
A new report offers the first step toward understanding and managing IoT cybersecurity risks.
Former Equifax CIO Sentenced to Prison for Insider Trading
Quick Hits  |  6/27/2019  | 
Jun Ying is the second Equifax employee found guilty of insider trading related to the massive 2017 data breach.
How Hackers Infiltrate Open Source Projects
News  |  6/27/2019  | 
The dependency trees of modern software-development make smaller open-source projects vulnerable to hackers sabotaging code.
Malware Coming to a Mac Near You? Yes, Say Security Firms
News  |  6/26/2019  | 
While the password-cracking Mimikatz took top honors, Mac-targeted malware accounted for two of the 10 most detected malware samples, according to WatchGuard.
How to Avoid Becoming the Next Riviera Beach
Commentary  |  6/25/2019  | 
Be prepared by following these five steps so you don't have to pay a ransom to get your data back.
Companies on Watch After US, Iran Claim Cyberattacks
News  |  6/25/2019  | 
With the cyber conflict between the United States and Iran ramping up, companies traditionally targeted by the countries such as those in the oil and gas and financial industries need to bolster their security efforts, experts say.
A Socio-Technical Approach to Cybersecurity's Problems
News  |  6/24/2019  | 
Researchers explore how modern security problems can be solved with an examination of society, technology, and security.
Cyber-Risks Hiding Inside Mobile App Stores
News  |  6/21/2019  | 
As the number of blacklisted apps on Google Play continues to drop, attackers find new ways to compromise smartphones.
Small Businesses May Not Be Security's Weak Link
Quick Hits  |  6/20/2019  | 
Organizations with 250 or fewer employees often employ a higher percentage of security pros than their larger counterparts.
Machine Learning Boosts Defenses, but Security Pros Worry Over Attack Potential
News  |  6/20/2019  | 
As defenders increasingly use machine learning to remove spam, catch fraud, and block malware, concerns persist that attackers will find ways to use AI technology to their advantage.
6 Security Tips That'll Keep the Summer Fun
Slideshows  |  6/19/2019  | 
Taking some time off this summer? Before you head out on vacation, make sure your devices and apps are also ready.
Insecure Home IoT Devices a Clear and Present Danger to Corporate Security
News  |  6/19/2019  | 
Avast-sponsored study shows wide prevalence of IoT devices, many with weak credentials and other security vulnerabilities.
As Cloud Adoption Grows, DLP Remains Key Challenge
News  |  6/18/2019  | 
As businesses use the cloud to fuel growth, many fail to enforce data loss prevention or control how people share data.
Advertising Alliance Plans Protocols to Reduce Dangerous Content
Quick Hits  |  6/18/2019  | 
The Global Alliance for Responsible Media will seek ways to clamp down on dangerous and fake content.
Google Targets Deceptive Sites with New Chrome Tools
Quick Hits  |  6/18/2019  | 
A new extension and browser alert aim to help users report deceptive sites and prevent them from encountering fraud.
How Fraudulent Domains 'Hide in Plain Sight'
News  |  6/18/2019  | 
Cybercriminals use new types of top-level domains, topical keywords, and targeted emails to trick victims into clicking malicious links.
Utilities, Nations Need Better Plan Against Critical Infrastructure Attackers
News  |  6/17/2019  | 
The attackers behind the Triton, or Xenotime, intrusions into critical infrastructure (CI) safety systems are testing their skills against electric power companies. Options for defense are still limited, however.
10 Notable Security Acquisitions of 2019 (So Far)
Slideshows  |  6/15/2019  | 
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
Better Cybersecurity Research Requires More Data Sharing
News  |  6/14/2019  | 
Researchers at the Workshop on the Economics of Information Security highlight the cost savings of sharing cybersecurity data and push for greater access to information on breaches, attacks, and incidents.
Sensory Overload: Filtering Out Cybersecurity's Noise
Commentary  |  6/14/2019  | 
No organization can prioritize and mitigate hundreds of risks effectively. The secret lies in carefully filtering out the risks, policies, and processes that waste precious time and resources.
Congress Gives 'Hack Back' Legislation Another Try
Quick Hits  |  6/13/2019  | 
Officials reintroduce a bill that would let businesses monitor attacker behavior and target intruders on corporate networks.
The CISO's Drive to Consolidation
Commentary  |  6/13/2019  | 
Cutting back on the number of security tools you're using can save money and leave you safer. Here's how to get started.
Page 1 / 2   >   >>


Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Now this is the worst micromanagment I've seen.
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17210
PUBLISHED: 2019-07-20
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass t...
CVE-2019-12934
PUBLISHED: 2019-07-20
An issue was discovered in the wp-code-highlightjs plugin through 0.6.2 for WordPress. wp-admin/options-general.php?page=wp-code-highlight-js allows CSRF, as demonstrated by an XSS payload in the hljs_additional_css parameter.
CVE-2019-9229
PUBLISHED: 2019-07-20
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.251. An internal interface exposed to the link-local address 169.254.254.253 allows attackers in the local network to access multiple quagga VTYs. Attackers can...
CVE-2019-12815
PUBLISHED: 2019-07-19
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
CVE-2019-13569
PUBLISHED: 2019-07-19
A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.