Endpoint

News & Commentary
Siemens Leads Launch of Global Cybersecurity Initiative
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
Rise of the 'Hivenet': Botnets That Think for Themselves
Derek Manky, Global Security Strategist, FortinetCommentary
These intelligent botnet clusters swarm compromised devices to identify and assault different attack vectors all at once.
By Derek Manky Global Security Strategist, Fortinet, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
IRS Reports Steep Decline in Tax-Related ID Theft
Steve Zurier, Freelance WriterNews
Research group Javelin confirms that the numbers are trending in the right direction, with total fraud losses dropping more than 14% to $783 million.
By Steve Zurier Freelance Writer, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
North Korea-Linked Cyberattacks Spread Out of Control: Report
Kelly Sheridan, Associate Editor, Dark ReadingNews
New details on old cyberattacks originating from North Korea indicate several forms of malware unintentionally spread wider than authors intended.
By Kelly Sheridan Associate Editor, Dark Reading, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
From DevOps to DevSecOps: Structuring Communication for Better Security
Robert Hawk, Privacy & Security Lead at xMattersCommentary
A solid approach to change management can help prevent problems downstream.
By Robert Hawk Privacy & Security Lead at xMatters, 2/15/2018
Comment1 Comment  |  Read  |  Post a Comment
Windows 10 Critical Vulnerability Reports Grew 64% in 2017
Kelly Sheridan, Associate Editor, Dark ReadingNews
The launch and growth of new operating systems is mirrored by an increase in reported vulnerabilities.
By Kelly Sheridan Associate Editor, Dark Reading, 2/14/2018
Comment1 Comment  |  Read  |  Post a Comment
Intel Expands Bug Bounty Program, Offers up to $250K
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Microprocessor giant adds vulnerability-finding category for Meltdown, Spectre-type flaws.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/14/2018
Comment0 comments  |  Read  |  Post a Comment
Fileless Malware: Not Just a Threat, but a Super-Threat
Itay Glick, CEO & Co-founder, VotiroCommentary
Exploits are getting more sophisticated by the day, and cybersecurity technology just isn't keeping up.
By Itay Glick CEO & Co-founder, Votiro, 2/14/2018
Comment0 comments  |  Read  |  Post a Comment
AI and Machine Learning: Breaking Down Buzzwords
Kelly Sheridan, Associate Editor, Dark ReadingNews
Security experts explain two of today's trendiest technologies to explain what they mean and where you need them.
By Kelly Sheridan Associate Editor, Dark Reading, 2/13/2018
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Fixes Two Security Flaws in Outlook
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
February security patches include updates for 50 vulnerabilities, 14 of which are critical.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/13/2018
Comment0 comments  |  Read  |  Post a Comment
Can Android for Work Redefine Enterprise Mobile Security?
Satish Shetty, CEO, Codeproof TechnologiesCommentary
Google's new mobility management framework makes great strides in addressing security and device management concerns while offering diverse deployment options. Here are the pros and cons.
By Satish Shetty CEO, Codeproof Technologies, 2/13/2018
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Adds Windows Defender ATP Support to Windows 7, 8.1
Dark Reading Staff, Quick Hits
Microsoft brings Windows Defender ATP down-level support to older versions of Windows for businesses transitioning to Windows 10.
By Dark Reading Staff , 2/12/2018
Comment0 comments  |  Read  |  Post a Comment
Google to Mark All HTTP Websites 'Not Secure'
Dark Reading Staff, Quick Hits
Google will push websites to adopt HTTPS encryption by marking all HTTP sites as 'not secure' starting in July 2018.
By Dark Reading Staff , 2/12/2018
Comment0 comments  |  Read  |  Post a Comment
Tracking Bitcoin Wallets as IOCs for Ransomware
Curtis Jordan, Lead Security Engineer, TruSTARCommentary
By understanding how cybercriminals use bitcoin, threat analysts can connect the dots between cyber extortion, wallet addresses, shared infrastructure, TTPs, and attribution.
By Curtis Jordan Lead Security Engineer, TruSTAR, 2/12/2018
Comment0 comments  |  Read  |  Post a Comment
Cyber Warranties: What to Know, What to Ask
Kelly Sheridan, Associate Editor, Dark ReadingNews
The drivers and details behind the growth of cyber warranties, which more businesses are using to guarantee their products.
By Kelly Sheridan Associate Editor, Dark Reading, 2/9/2018
Comment0 comments  |  Read  |  Post a Comment
8 Nation-State Hacking Groups to Watch in 2018
Kelly Sheridan, Associate Editor, Dark Reading
The aliases, geographies, famous attacks, and behaviors of some of the most prolific threat groups.
By Kelly Sheridan Associate Editor, Dark Reading, 2/9/2018
Comment1 Comment  |  Read  |  Post a Comment
Back to Basics: AI Isn't the Answer to What Ails Us in Cyber
Amit Yoran, Chairman & CEO, Tenable Network SecurityCommentary
The irony behind just about every headline-grabbing data breach we've seen in recent years is that they all could have been prevented with simple cyber hygiene.
By Amit Yoran Chairman & CEO, Tenable Network Security, 2/9/2018
Comment1 Comment  |  Read  |  Post a Comment
Apple iOS iBoot Secure Bootloader Code Leaked Online
Dark Reading Staff, Quick Hits
Lawyers for Apple called for the source code to be removed from GitHub.
By Dark Reading Staff , 2/8/2018
Comment0 comments  |  Read  |  Post a Comment
20 Signs You Need to Introduce Automation into Security Ops
Joshua Goldfarb, Co-founder & Chief Product Officer, IDDRACommentary
Far too often, organizations approach automation as a solution looking for a problem rather than the other way around.
By Joshua Goldfarb Co-founder & Chief Product Officer, IDDRA, 2/8/2018
Comment0 comments  |  Read  |  Post a Comment
Man Formerly on FBI Most Wanted List Pleads Guilty in 'Scareware' Hack
Dark Reading Staff, Quick Hits
Latvian man ran bulletproof Web hosting service that served cybercriminals.
By Dark Reading Staff , 2/7/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by aumickmanuela
Current Conversations Thanks  a lot for sharing )
In reply to: Thank you
Post Your Own Reply
More Conversations
PR Newswire
One in Three SOC Analysts Now Job-Hunting
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/12/2018
Encrypted Attacks Continue to Dog Perimeter Defenses
Ericka Chickowski, Contributing Writer, Dark Reading,  2/14/2018
Can Android for Work Redefine Enterprise Mobile Security?
Satish Shetty, CEO, Codeproof Technologies,  2/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: One agent too many was installed on Bob's desktop.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.