Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

News & Commentary
Power Outage Hits Millions in South America
Dark Reading Staff, Quick Hits
The outage, which is not (so far) seen as the result of a cyberattack, still had a significant impact on network and server availability.
By Dark Reading Staff, 6/17/2019
New Decryptor Unlocks Latest Versions of Gandcrab
Dark Reading Staff, Quick Hits
The decryptor neutralizes GandCrab versions 5.0 through 5.2 and lets victims unlock their files for free.
By Dark Reading Staff, 6/17/2019
Utilities, Nations Need Better Plan Against Critical Infrastructure Attackers
Robert Lemos, Contributing Writer, News
The attackers behind the Triton, or Xenotime, intrusions into critical infrastructure (CI) safety systems are testing their skills against electric power companies. Options for defense are still limited, however.
By Robert Lemos, Contributing Writer, 6/17/2019
The Life-Changing Magic of Tidying Up the Cloud
Kaus Phaltankar, CEO and Co-Founder at Caveonix, Commentary
Most companies' cloud security operations would benefit significantly from clean-up, alignment, and organization.
By Kaus Phaltankar, CEO and Co-Founder at Caveonix, 6/17/2019
10 Notable Security Acquisitions of 2019 (So Far)
Kelly Sheridan, Staff Editor, Dark Reading
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
By Kelly Sheridan, Staff Editor, Dark Reading, 6/15/2019
Sensory Overload: Filtering Out Cybersecurity's Noise
Joshua Goldfarb, Independent Consultant, Commentary
No organization can prioritize and mitigate hundreds of risks effectively. The secret lies in carefully filtering out the risks, policies, and processes that waste precious time and resources.
By Joshua Goldfarb, Independent Consultant, 6/14/2019
The CISO's Drive to Consolidation
Nik Whitfield, Computer Scientist & Security Technology Entrepreneur, Commentary
Cutting back on the number of security tools you're using can save money and leave you safer. Here's how to get started.
By Nik Whitfield, Computer Scientist & Security Technology Entrepreneur, 6/13/2019
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer
Business email compromise attacks are growing in prevalence and creativity. Here's a look at how they work, the latest stats, and some recent horror stories.
By Ericka Chickowski, Contributing Writer, 6/13/2019
The Rise of 'Purple Teaming'
Joseph R. Salazar, Technical Marketing Engineer, Commentary
The next generation of penetration testing represents a more collaborative approach to old-fashioned Red Team vs. Blue Team.
By Joseph R. Salazar, Technical Marketing Engineer, 6/13/2019
DNS Observatory Offers Researchers New Insight into Global DNS Activity
Curtis Franklin Jr., Senior Editor at Dark Reading, News
Among its early findings, 60% of the DNS transactions captured were handled by just 1,000 name servers.
By Curtis Franklin Jr., Senior Editor at Dark Reading, 6/12/2019
New Funding Values KnowBe4 at $1 Billion
Dark Reading Staff, Quick Hits
The $300 million investment is being led by KKR.
By Dark Reading Staff, 6/12/2019
Tomorrow's Cybersecurity Analyst Is Not Who You Think
Chris Schueler, Senior VP, Managed Security Services, Trustwave, Commentary
Organizations can't just rely on diverse and cutting-edge technologies to fight adversaries. They will also need people with diverse expertise and backgrounds.
By Chris Schueler, Senior VP, Managed Security Services, Trustwave, 6/12/2019
Predicting Vulnerability Weaponization
Srinivas Mukkamala, Co-founder & CEO, RiskSense, Commentary
Advances in data science are making it possible to shift vulnerability management from a reactive to a proactive discipline.
By Srinivas Mukkamala, Co-founder & CEO, RiskSense, 6/12/2019
Microsoft Issues Fixes for 88 Vulnerabilities
Kelly Sheridan, Staff Editor, Dark Reading, News
Four of the flaws are publicly known but none have been listed as under active attack.
By Kelly Sheridan, Staff Editor, Dark Reading, 6/11/2019
'Have I Been Pwned' Is Up for Sale
Dark Reading Staff, Quick Hits
Troy Hunt, who has been running HIBP solo for six years, launched "Project Svalbard" so the site can evolve with more resources, funding, and support.
By Dark Reading Staff, 6/11/2019
What 3 Powerful GoT Women Teach Us about Cybersecurity
Orion Cassetto, Senior Product Maester, Exabeam, Commentary
Imagine Game of Thrones' Daenerys Targaryen, Arya Stark, and Cersei Lannister on the front lines in the real-world battleground of enterprise security.
By Orion Cassetto, Senior Product Maester, Exabeam, 6/11/2019
Getting Up to Speed on Magecart
Casey Quinn, Associate, Newmeyer & Dillion, Commentary
Greater awareness of how Magecart works will give your company a leg up on the growing threat from this online credit card skimmer. Here are four places to start.
By Casey Quinn, Associate, Newmeyer & Dillion, 6/11/2019
Cognitive Bias Can Hamper Security Decisions
Kelly Sheridan, Staff Editor, Dark Reading, News
A new report sheds light on how human cognitive biases affect cybersecurity decisions and business outcomes.
By Kelly Sheridan, Staff Editor, Dark Reading, 6/10/2019
GoldBrute Botnet Brute-Forcing 1.5M RDP Servers
Dark Reading Staff, Quick Hits
Botnets are scanning the Internet for servers exposing RDP and using weak, reused passwords to obtain access.
By Dark Reading Staff, 6/10/2019
Unmixed Messages: Bringing Security & Privacy Awareness Together
Tom Pendergast & Jeff Morgenroth, Chief Learning Officer at MediaPRO/Instructional Designer at MediaPRO, Commentary
Security and privacy share the same basic goals, so it just makes sense to combine efforts in those two areas. But that can be easier said than done.
By Tom Pendergast & Jeff Morgenroth, Chief Learning Officer at MediaPRO/Instructional Designer at MediaPRO, 6/10/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading, 6/13/2019
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here's some insight on what's working and what isn't in the data center.
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-9391
PUBLISHED: 2019-06-17
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port_3480". It seems that the UPnP services provide "request_image" as one of the s...
CVE-2017-9392
PUBLISHED: 2019-06-17
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port_3480". It seems that the UPnP services provide "request_image" as one of the s...
CVE-2018-18958
PUBLISHED: 2019-06-17
OPNsense 18.7.x before 18.7.7 has Incorrect Access Control.
CVE-2019-5016
PUBLISHED: 2019-06-17
An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory rea...
CVE-2019-5017
PUBLISHED: 2019-06-17
An exploitable information disclosure vulnerability exists in the KCodes NetUSB.ko kernel module that enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. An unauthenticated, remote attacker can craft and send a packet...