Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

News & Commentary
Wanted: The (Elusive) Cybersecurity 'All-Star'
Steve Zurier, Contributing WriterNews
Separate workforce studies by (ISC) and ISACA point to the need for security departments to work with existing staff to identify needs and bring entry-level people into the field.
By Steve Zurier Contributing Writer, 5/5/2021
Comment1 Comment  |  Read  |  Post a Comment
Will 2021 Mark the End of World Password Day?
Jake Madders, Director, Hyve Managed HostingCommentary
We might be leaving the world of mandatory asterisks and interrobangs behind for good.
By Jake Madders Director, Hyve Managed Hosting, 5/5/2021
Comment0 comments  |  Read  |  Post a Comment
Newer Generic Top-Level Domains a Security 'Nuisance'
Jai Vijayan, Contributing WriterNews
Ten years of passive DNS data shows classic TLDs such as .com and .net dominate newer TLDs in popularity and use.
By Jai Vijayan Contributing Writer, 5/4/2021
Comment0 comments  |  Read  |  Post a Comment
Scripps Health Responds to Cyberattack
Dark Reading Staff, Quick Hits
The health care system says it has suspended access to patient portals and other applications related to operations at Scripps facilities.
By Dark Reading Staff , 5/4/2021
Comment0 comments  |  Read  |  Post a Comment
Researchers Explore Active Directory Attack Vectors
Kelly Sheridan, Staff Editor, Dark ReadingNews
Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems.
By Kelly Sheridan Staff Editor, Dark Reading, 5/3/2021
Comment0 comments  |  Read  |  Post a Comment
Buer Malware Variant Rewritten in Rust Programming Language
Dark Reading Staff, Quick Hits
Researchers suggest a few reasons why operators rewrote Buer in an entirely new language
By Dark Reading Staff , 5/3/2021
Comment0 comments  |  Read  |  Post a Comment
Dark Reading Celebrates 15th Anniversary
Tim Wilson, Editor in Chief, Dark Reading, Commentary
Cybersecurity news site begins 16th year with plans to improve site, deliver more content on cyber threats and best practices.
By Tim Wilson, Editor in Chief, Dark Reading , 5/3/2021
Comment0 comments  |  Read  |  Post a Comment
Stopping the Next SolarWinds Requires Doing Something Different
Tony Cole, CTO at Attivo NetworksCommentary
Will the SolarWinds breach finally prompt the right legislative and regulatory actions on a broader, more effective scale?
By Tony Cole CTO at Attivo Networks, 5/3/2021
Comment2 comments  |  Read  |  Post a Comment
Ransomware Task Force Publishes Framework to Fight Global Threat
Kelly Sheridan, Staff Editor, Dark ReadingNews
An 81-page report details how ransomware has evolved, along with recommendations on how to deter attacks and disrupt its business model.
By Kelly Sheridan Staff Editor, Dark Reading, 4/30/2021
Comment0 comments  |  Read  |  Post a Comment
New Threat Group Carrying Out Aggressive Ransomware Campaign
Jai Vijayan, Contributing WriterNews
UNC2447 observed targeting now-patched vulnerability in SonicWall VPN.
By Jai Vijayan Contributing Writer, 4/30/2021
Comment0 comments  |  Read  |  Post a Comment
MITRE Adds MacOS, More Data Types to ATT&CK Framework
Robert Lemos, Contributing WriterNews
Version 9 of the popular threat matrix will improve support for a variety of platforms, including cloud infrastructure.
By Robert Lemos Contributing Writer, 4/30/2021
Comment0 comments  |  Read  |  Post a Comment
Survey Finds Broad Concern Over Third-Party App Providers Post-SolarWinds
Dark Reading Staff, Quick Hits
Most IT and cybersecurity professionals think security is important enough to delay deployment of applications, survey data shows.
By Dark Reading Staff , 4/30/2021
Comment0 comments  |  Read  |  Post a Comment
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer
Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe.
By Steve Zurier Contributing Writer, 4/30/2021
Comment1 Comment  |  Read  |  Post a Comment
API Hole on Experian Partner Site Exposes Credit Scores
Dark Reading Staff, Quick Hits
Student researcher is concerned security gap may exist on many other sites.
By Dark Reading Staff , 4/29/2021
Comment0 comments  |  Read  |  Post a Comment
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark ReadingNews
The FluBot Android malware has spread throughout several European countries through an SMS package delivery scam.
By Kelly Sheridan Staff Editor, Dark Reading, 4/28/2021
Comment0 comments  |  Read  |  Post a Comment
74% of Financial Institutions See Spike in COVID-Related Threats
Dark Reading Staff, Quick Hits
Financial losses have also increased among organizations in the last year, with the average cost reaching $720,000.
By Dark Reading Staff , 4/28/2021
Comment0 comments  |  Read  |  Post a Comment
FBI Works With 'Have I Been Pwned' to Notify Emotet Victims
Dark Reading Staff, Quick Hits
Officials shared 4.3 million email addresses with the HIBP website to help inform companies and individuals if Emotet compromised their accounts.
By Dark Reading Staff , 4/28/2021
Comment0 comments  |  Read  |  Post a Comment
Is Your Cloud Raining Sensitive Data?
Or Azarzar, CTO & Co-Founder of LightspinCommentary
Learn common Kubernetes vulnerabilities and ways to avoid them.
By Or Azarzar CTO & Co-Founder of Lightspin, 4/28/2021
Comment0 comments  |  Read  |  Post a Comment
Do Cyberattacks Affect Stock Prices? It Depends on the Breach
Kelly Sheridan, Staff Editor, Dark ReadingNews
A security researcher explores how data breaches, ransomware attacks, and other types of cybercrime influence stock prices.
By Kelly Sheridan Staff Editor, Dark Reading, 4/27/2021
Comment0 comments  |  Read  |  Post a Comment
Emotet Malware Uninstalled From Infected Devices
Dark Reading Staff, Quick Hits
A law enforcement update deployed to compromised machines in January has been pushed, effectively removing the malware.
By Dark Reading Staff , 4/27/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by etaymaor
Current Conversations Good read
In reply to: Good read!
Post Your Own Reply
More Conversations
PR Newswire
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24259
PUBLISHED: 2021-05-05
The “Elementor Addon Elements� WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24260
PUBLISHED: 2021-05-05
The “Livemesh Addons for Elementor� WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24261
PUBLISHED: 2021-05-05
The “HT Mega – Absolute Addons for Elementor Page Builder� WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by ...
CVE-2021-24262
PUBLISHED: 2021-05-05
The “WooLentor – WooCommerce Elementor Addons + Builder� WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-priv...
CVE-2021-24263
PUBLISHED: 2021-05-05
The “Elementor Addons – PowerPack Addons for Elementor� WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scriptin...