Endpoint

News & Commentary
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, PreemptCommentary
Here's how hackers use network tools and stolen identities to turn a device-level compromise into an enterprise-level takedown.
By Ajit Sancheti CEO and Co-Founder, Preempt, 6/20/2018
Comment0 comments  |  Read  |  Post a Comment
Intel VP Talks Data Security Focus Amid Rise of Blockchain, AI
Kelly Sheridan, Staff Editor, Dark ReadingNews
Intel vice president Rick Echevarria discusses the challenges of balancing data security with new technologies like blockchain and artificial intelligence.
By Kelly Sheridan Staff Editor, Dark Reading, 6/20/2018
Comment0 comments  |  Read  |  Post a Comment
The Best and Worst Tasks for Security Automation
Kelly Sheridan, Staff Editor, Dark Reading
As with all new tech, there are good times and and bad times to use it. Security experts share which tasks to prioritize for automation.
By Kelly Sheridan Staff Editor, Dark Reading, 6/20/2018
Comment0 comments  |  Read  |  Post a Comment
How to Prepare for 'WannaCry 2.0'
Shimon Oren, Head of Cyber Intelligence at Deep InstinctCommentary
It seems inevitable that a more-powerful follow-up to last year's malware attack will hit sooner or later. You'd better get prepared.
By Shimon Oren Head of Cyber Intelligence at Deep Instinct, 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
CrowdStrike Secures $200M Funding Round
Dark Reading Staff, Quick Hits
The new funding round brings the company's valuation to more than $3 billion.
By Dark Reading Staff , 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
Security Analytics Startup Uptycs Raises $10M in Series A
Dark Reading Staff, Quick Hits
This round of funding for Uptycs, which runs an osquery-powered analytics platform, was led by ForgePoint Capital and Comcast Ventures.
By Dark Reading Staff , 6/19/2018
Comment0 comments  |  Read  |  Post a Comment
F-Secure Buys MWR InfoSecurity
Dark Reading Staff, Quick Hits
Finnish endpoint security company buys British security service provider in cash deal.
By Dark Reading Staff , 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
3 Tips for Driving User Buy-in to Security Policies
Marc Laliberte, Information Security Threat Analyst, WatchGuard TechnologiesCommentary
Teaching users why it's important to commit to security controls is a far more effective strategy than simply demanding that they follow them. Here's how.
By Marc Laliberte Information Security Threat Analyst, WatchGuard Technologies, 6/18/2018
Comment0 comments  |  Read  |  Post a Comment
Hackers Crack iPhone Defense Built to Block Forensic Tools
Dark Reading Staff, Quick Hits
Grayshift, the company behind a system to help police break into iPhones, says it found a workaround for USB Restricted Mode.
By Dark Reading Staff , 6/15/2018
Comment0 comments  |  Read  |  Post a Comment
Modern Cybersecurity Demands a Different Corporate Mindset
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
Very few organizations have fully incorporated all relevant risks and threats into their current digital strategy, research finds.
By Marc Wilczek Digital Strategist & CIO Advisor, 6/15/2018
Comment0 comments  |  Read  |  Post a Comment
Kaspersky Lab Freezes Work with Europol in Protest of EU Vote
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
New European Parliament document calls out Kaspersky Lab software as 'malicious' and says it should be banned.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/14/2018
Comment0 comments  |  Read  |  Post a Comment
Four Faces of Fraud: Identity, 'Fake' Identity, Ransomware & Digital
David Shefter, Chief Technology Officer at Ziften TechnologiesCommentary
Realizing the wide scope of fraud should be at the top of every business executive's to-do list. Here's some practical advice to help you stay safe.
By David Shefter Chief Technology Officer at Ziften Technologies, 6/14/2018
Comment1 Comment  |  Read  |  Post a Comment
23,000 Compromised in HealthEquity Data Breach
Dark Reading Staff, Quick Hits
HealthEquity, which handles more than 3.4 million health savings accounts, was breached when an intruder accessed an employee's email.
By Dark Reading Staff , 6/14/2018
Comment0 comments  |  Read  |  Post a Comment
Blockchain All the Rage But Comes With Numerous Risks
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers dig into four types of cyberattacks targeting blockchain, how they work, and why early adopters are the easiest targets.
By Kelly Sheridan Staff Editor, Dark Reading, 6/13/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft Fixes 11 Critical, 39 Important Vulns
Kelly Sheridan, Staff Editor, Dark ReadingNews
The most critical vulnerability, experts say, affects Windows Domain Name Systems, while another lets attackers hack Cortana from the lock screen.
By Kelly Sheridan Staff Editor, Dark Reading, 6/12/2018
Comment2 comments  |  Read  |  Post a Comment
MacOS Bypass Flaw Lets Attackers Sign Malicious Code as Apple
Kelly Sheridan, Staff Editor, Dark ReadingNews
A security bypass weakness in macOS APIs let attackers impersonate Apple to sign malicious code and evade third-party security tools.
By Kelly Sheridan Staff Editor, Dark Reading, 6/12/2018
Comment0 comments  |  Read  |  Post a Comment
'Shift Left' & the Connected Car
Rohit Sethi, COO of Security CompassCommentary
How improving application security in the automotive industry can shorten product development time, reduce costs, and save lives.
By Rohit Sethi COO of Security Compass, 6/12/2018
Comment1 Comment  |  Read  |  Post a Comment
Weaponizing IPv6 to Bypass IPv4 Security
John Anderson, Principal Security Consultant, Trustwave SpiderlabsCommentary
Just because you're not yet using IPv6 doesn't mean you're safe from the protocol's attack vectors.
By John Anderson Principal Security Consultant, Trustwave Spiderlabs, 6/12/2018
Comment1 Comment  |  Read  |  Post a Comment
74 Arrested in International Email Scam Schemes
Dark Reading Staff, Quick Hits
A coordinated effort has led to the arrest of 74 individuals around the world on charges of defrauding businesses and individuals.
By Dark Reading Staff , 6/11/2018
Comment0 comments  |  Read  |  Post a Comment
Fewer Phishing Attacks Hit More Diverse Targets
Kelly Sheridan, Staff Editor, Dark ReadingNews
Nearly 300 brands were hit with phishing attacks in Q1, with cloud storage providers now among the top 10 most targeted.
By Kelly Sheridan Staff Editor, Dark Reading, 6/11/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by RosanaXayaraj
Current Conversations Thanks
In reply to: Re: More information
Post Your Own Reply
More Conversations
PR Newswire
Meet 'Bro': The Best-Kept Secret of Network Security
Greg Bell, CEO, Corelight,  6/14/2018
Four Faces of Fraud: Identity, 'Fake' Identity, Ransomware & Digital
David Shefter, Chief Technology Officer at Ziften Technologies,  6/14/2018
Containerized Apps: An 8-Point Security Checklist
Jai Vijayan, Freelance writer,  6/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-5236
PUBLISHED: 2018-06-20
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events.
CVE-2018-5237
PUBLISHED: 2018-06-20
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVE-2018-6211
PUBLISHED: 2018-06-20
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi.
CVE-2018-6212
PUBLISHED: 2018-06-20
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting (XSS) attack is possible as a result of missed filtration for special characters in the "Search" field and incorrect proc...
CVE-2018-6213
PUBLISHED: 2018-06-20
In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.