Endpoint

News & Commentary
Why Hackers Love Healthcare
Allan Alford, Chief Information Security OfficerCommentary
The migration of valuable data to the cloud is piquing the interest of cybercrimimals. But there are ways to fight back.
By Allan Alford Chief Information Security Officer, 4/26/2018
Comment0 comments  |  Read  |  Post a Comment
Google Adds Security Features to Gmail Face-lift
Kelly Sheridan, Staff Editor, Dark ReadingNews
A redesigned Gmail brings new security measures to improve data protection and applications for artificial intelligence.
By Kelly Sheridan Staff Editor, Dark Reading, 4/25/2018
Comment1 Comment  |  Read  |  Post a Comment
Despite Risks, Nearly Half of IT Execs Don't Rethink Cybersecurity after an Attack
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
A recent survey reveals a troubling degree of security inertia lurking among scores of organizations. But there are a few bright spots.
By Marc Wilczek Digital Strategist & CIO Advisor, 4/25/2018
Comment1 Comment  |  Read  |  Post a Comment
'Webstresser' DDoS Attack Site Shut Down in International Operation
Kelly Sheridan, Staff Editor, Dark ReadingNews
Investigators arrested the admins of Webstresser, the world's largest DDoS marketplace reportedly responsible for more than four million attacks.
By Kelly Sheridan Staff Editor, Dark Reading, 4/25/2018
Comment0 comments  |  Read  |  Post a Comment
Why Information Integrity Attacks Pose New Security Challenges
Tamer Hassan, Co-Founder & CTO, White OpsCommentary
To fight information integrity attacks like the ones recently perpetrated by bots on the FCC's website, we need to change our stance and look for the adversaries hiding in plain sight.
By Tamer Hassan Co-Founder & CTO, White Ops, 4/25/2018
Comment0 comments  |  Read  |  Post a Comment
Coviello: Modern Security Threats are 'Less About the Techniques'
Kelly Sheridan, Staff Editor, Dark ReadingNews
Today's attack surface is broader, more open, and demands a proactive approach to security, according to former RSA chairman Art Coviello.
By Kelly Sheridan Staff Editor, Dark Reading, 4/24/2018
Comment2 comments  |  Read  |  Post a Comment
Deconstructing the Possibilities and Realities of Enterprise IoT Security
Bill Kleyman, Chief Technology Officer, MTM TechnologiesCommentary
Organizations are rushing to leverage Internet of Things solutions but struggle to design the information technology architectures that will lock down the data these devices create.
By Bill Kleyman Chief Technology Officer, MTM Technologies, 4/24/2018
Comment0 comments  |  Read  |  Post a Comment
MEDantex Healthcare Transcription Firm Accidentally Exposes Medical Records
Kelly Sheridan, Staff Editor, Dark ReadingQuick Hits
Exposed data likely the result of a flawed system rebuild after a recent ransomware attack on the company.
By Kelly Sheridan Staff Editor, Dark Reading, 4/24/2018
Comment1 Comment  |  Read  |  Post a Comment
'Stresspaint' Targets Facebook Credentials
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
New malware variant goes after login credentials for popular Facebook pages.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/24/2018
Comment0 comments  |  Read  |  Post a Comment
Digital Identity Makes Headway Around the World
Dan Puterbaugh, Senior Legal Advocate for Adobe Document CloudCommentary
The US is lagging behind the digital ID leaders.
By Dan Puterbaugh Senior Legal Advocate for Adobe Document Cloud, 4/23/2018
Comment0 comments  |  Read  |  Post a Comment
Biometrics Are Coming & So Are Security Concerns
Michael Fauscette, Chief Research Officier at G2 CrowdCommentary
Could these advanced technologies be putting user data at risk?
By Michael Fauscette Chief Research Officier at G2 Crowd, 4/20/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft CISO Talks Threat Intel, 'Data Inclusion'
Kelly Sheridan, Staff Editor, Dark ReadingNews
Dark Reading caught up with Microsoft's Bret Arsenault to discuss intelligence, identity, and the need to leverage more diverse datasets.
By Kelly Sheridan Staff Editor, Dark Reading, 4/19/2018
Comment2 comments  |  Read  |  Post a Comment
Securing Social Media: National Safety, Privacy Concerns
Kelly Sheridan, Staff Editor, Dark ReadingNews
It's a critical time for social media platforms and the government agencies and private businesses and individuals using them.
By Kelly Sheridan Staff Editor, Dark Reading, 4/19/2018
Comment2 comments  |  Read  |  Post a Comment
First Public Demo of Data Breach via IoT Hack Comes to RSAC
Sara Peters, Senior Editor at Dark ReadingNews
At RSA Conference, senior researchers will show how relatively unskilled attackers can steal personally identifiable information without coming into contact with endpoint security tools.
By Sara Peters Senior Editor at Dark Reading, 4/19/2018
Comment0 comments  |  Read  |  Post a Comment
DHS Helps Shop Android IPS Prototype
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
A MITRE-developed intrusion prevention system for mobile technology is showcased here this week at the RSA Conference.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 4/18/2018
Comment0 comments  |  Read  |  Post a Comment
8 Ways Hackers Monetize Stolen Data
Steve Zurier, Freelance Writer
Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information.
By Steve Zurier Freelance Writer, 4/17/2018
Comment3 comments  |  Read  |  Post a Comment
Why We Need Privacy Solutions That Scale Across Borders
Chris Babel, CEO, TrustArcCommentary
New privacy solutions are becoming scalable, smarter, and easier to address compliance across industries and geographies.
By Chris Babel CEO, TrustArc, 4/17/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft to Roll Out Azure Sphere for IoT Security
Kelly Sheridan, Staff Editor, Dark ReadingNews
Azure Sphere, now in preview, is a three-part program designed to secure the future of connected devices and powered by its own custom version of Linux.
By Kelly Sheridan Staff Editor, Dark Reading, 4/16/2018
Comment0 comments  |  Read  |  Post a Comment
Companies Still Suffering From Poor Credential Hygiene: New Report
Dark Reading Staff, Quick Hits
Credentials are being mis-handled and it's hurting most companies, according to a new report out today.
By Dark Reading Staff , 4/16/2018
Comment0 comments  |  Read  |  Post a Comment
INsecurity Conference Seeks Security Pros to Speak on Best Practices
Tim Wilson, Editor in Chief, Dark Reading, News
Dark Reading's second annual data defense conference will be held Oct. 23-25 in Chicago; call for speakers is issued.
By Tim Wilson, Editor in Chief, Dark Reading , 4/16/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Diversity: It's About Inclusion
Kelly Jackson Higgins, Executive Editor at Dark Reading,  4/25/2018
Threat Intel: Finding Balance in an Overcrowded Market
Kelly Sheridan, Staff Editor, Dark Reading,  4/23/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.