Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
News & Commentary
FIDO-Based Authentication Arrives for Smartwatches
Kelly Sheridan, Staff Editor, Dark ReadingNews
The Nok Nok App SDK for Smart Watch is designed to let businesses implement FIDO-based authentication on smartwatches.
By Kelly Sheridan Staff Editor, Dark Reading, 10/22/2019
Comment0 comments  |  Read  |  Post a Comment
Researchers Turn Alexa and Google Home Into Credential Thieves
Dark Reading Staff, Quick Hits
Eight Amazon Alexa and Google Home apps were approved for official app stores even though their actual purposes were eavesdropping and phishing.
By Dark Reading Staff , 10/21/2019
Comment0 comments  |  Read  |  Post a Comment
Older Amazon Devices Subject to Old Wi-Fi Vulnerability
Dark Reading Staff, Quick Hits
The vulnerability in first-generation Echoes and eight-generation Kindles lets an attacker wage man-in-the-middle attacks.
By Dark Reading Staff , 10/17/2019
Comment0 comments  |  Read  |  Post a Comment
IoT Attacks Up Significantly in First Half of 2019
Dark Reading Staff, Quick Hits
New research shows attacks increased ninefold year-over-year, coming from more than a quarter-million unique IP addresses.
By Dark Reading Staff , 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
Why Bricking Vulnerable IoT Devices Comes with Unintended Consequences
Marc Laliberte, Senior Security Analyst, WatchGuard TechnologiesCommentary
Infosec vigilantism can cause serious harm in the era of industrial IoT and connected medical devices.
By Marc Laliberte Senior Security Analyst, WatchGuard Technologies, 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
For Cybersecurity to Be Proactive, Terrains Must Be Mapped
Craig Harber, Chief Technology Officer at Fidelis CybersecurityCommentary
As in any battle, understanding and exploiting the terrain often dictates the outcome.
By Craig Harber Chief Technology Officer at Fidelis Cybersecurity, 10/8/2019
Comment1 Comment  |  Read  |  Post a Comment
How FISMA Requirements Relate to Firmware Security
John Loucaides, Vice President, R&D, EclypsiumCommentary
Federal guidelines can help all organizations pragmatically and meaningfully improve their firmware security.
By John Loucaides Vice President, R&D, Eclypsium, 10/3/2019
Comment0 comments  |  Read  |  Post a Comment
Apple Patches Multiple Vulnerabilities Across Platforms
Dark Reading Staff, Quick Hits
Updates address two separate issues in Apple's desktop and mobile operating systems.
By Dark Reading Staff , 9/27/2019
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Certification in the Spotlight Again
Robert Lemos, Contributing WriterNews
Swiss technology non-profit group joins others, such as the Obama-era President's Commission, in recommending that certain classes of technology products be tested.
By Robert Lemos Contributing Writer, 9/27/2019
Comment0 comments  |  Read  |  Post a Comment
A Safer IoT Future Must Be a Joint Effort
Sivan Rauscher, CEO & Co-Founder, SAM Seamless NetworkCommentary
We're just at the beginning of an important conversation about the future of our homes and cities, which must involve both consumers and many players in the industry
By Sivan Rauscher CEO & Co-Founder, SAM Seamless Network, 9/20/2019
Comment0 comments  |  Read  |  Post a Comment
California's IoT Security Law Causing Confusion
Robert Lemos, Contributing WriterNews
The law, which goes into effect January 1, requires manufacturers to equip devices with 'reasonable security feature(s).' What that entails is still an open question.
By Robert Lemos Contributing Writer, 9/19/2019
Comment0 comments  |  Read  |  Post a Comment
15K Private Webcams Could Let Attackers View Homes, Businesses
Dark Reading Staff, Quick Hits
Webcams could be potentially accessed and manipulated by anyone with an Internet connection, researchers say.
By Dark Reading Staff , 9/17/2019
Comment0 comments  |  Read  |  Post a Comment
Cartoon Contest: Bedtime Stories
John Klossner, Cartoonist
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 9/4/2019
Comment11 comments  |  Read  |  Post a Comment
Securing Our Infrastructure: 3 Steps OEMs Must Take in the IoT Age
Vivek Shah, Senior Product Director at SyncronCommentary
Security has lagged behind adoption of the Internet of Things. The devices hold much promise, but only if a comprehensive security model is constructed.
By Vivek Shah Senior Product Director at Syncron, 8/28/2019
Comment0 comments  |  Read  |  Post a Comment
Unsecured IoT: 8 Ways Hackers Exploit Firmware Vulnerabilities
Terry Dunlap, Co-Founder & Chief Strategy Officer, ReFirm LabsCommentary
As new Internet of Things products enter the market, speed shouldn't trump concerns about security.
By Terry Dunlap Co-Founder & Chief Strategy Officer, ReFirm Labs, 8/27/2019
Comment8 comments  |  Read  |  Post a Comment
Consumers Urged to Secure Their Digital Lives
Robert Lemos, Contributing WriterNews
Security options for consumers improve as Internet of Things devices invade homes and data on consumers proliferates online.
By Robert Lemos Contributing Writer, 8/27/2019
Comment1 Comment  |  Read  |  Post a Comment
Aviation Faces Increasing Cybersecurity Scrutiny
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Some aviation experts and security researchers are trying to foster closer alliances for securing airplane networks.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/22/2019
Comment4 comments  |  Read  |  Post a Comment
VxWorks TCP/IP Stack Vulnerability Poses Major Manufacturing Risk
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new analysis shows the scale of risk posed by networking vulnerabilities in a popular embedded real-time operating system.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
Behind the Scenes at ICS Village
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/16/2019
Comment0 comments  |  Read  |  Post a Comment
Apple's New Bounty Program Has Huge Incentives, Big Risks
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Industry observers applaud the program's ability to find exploits but fear unintended consequences.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/13/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by lboettger537
Current Conversations Don't let the (bed) bugs byte.
In reply to: Bugs
Post Your Own Reply
More Conversations
Tor Weaponized to Steal Bitcoin
Dark Reading Staff 10/18/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
State of SMB Insecurity by the Numbers
Ericka Chickowski, Contributing Writer,  10/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-9501
PUBLISHED: 2019-10-22
The Artificial Intelligence theme before 1.2.4 for WordPress has XSS because Genericons HTML files are unnecessarily placed under the web root.
CVE-2019-16971
PUBLISHED: 2019-10-22
In FusionPBX up to 4.5.7, the file app\messages\messages_thread.php uses an unsanitized "contact_uuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.
CVE-2019-16972
PUBLISHED: 2019-10-22
In FusionPBX up to 4.5.7, the file app\contacts\contact_addresses.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVE-2019-16973
PUBLISHED: 2019-10-22
In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVE-2015-9496
PUBLISHED: 2019-10-22
The freshmail-newsletter plugin before 1.6 for WordPress has shortcode.php SQL Injection via the 'FM_form id=' substring.