Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

6 Lessons IT Security Can Learn From DevOps
Ransomware Red Flags: 7 Signs You're About to Get Hit
MFA Mistakes: 6 Ways to Screw Up Multifactor Authentication
The Threat from the Internet--and What Your Organization Can Do About It
COVID-19: Latest Security News & Commentary
News & Commentary
Don't Fall for It! Defending Against Deepfakes
Curtis Franklin Jr., Senior Editor at Dark Reading
Detecting doctored media has become tricky -- and risky -- business. Here's how organizations can better protect themselves from fake video, audio, and other forms of content.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/17/2020
Comment0 comments  |  Read  |  Post a Comment
Indictments Unlikely to Deter China's APT41 Activity
Jai Vijayan, Contributing WriterNews
So far, at least, the threat group has not let public scrutiny slow it down, security researchers say.
By Jai Vijayan Contributing Writer, 9/17/2020
Comment0 comments  |  Read  |  Post a Comment
Iranian Hackers Indicted for Stealing Aerospace & Satellite Tracking Data
Kelly Sheridan, Staff Editor, Dark ReadingNews
Also, the US Treasury sanctioned Iranian attack group APT39 following a years-long malware campaign.
By Kelly Sheridan Staff Editor, Dark Reading, 9/17/2020
Comment0 comments  |  Read  |  Post a Comment
Ransomware Gone Awry Has Fatal Consequences
Dark Reading Staff, Quick Hits
An attack that knocked hospital systems offline reportedly ends in death for patient who had to be sent to another facility.
By Dark Reading Staff , 9/17/2020
Comment0 comments  |  Read  |  Post a Comment
Sumo Logic IPO Prices Higher Than Expected
Kelly Sheridan, Staff Editor, Dark ReadingNews
Co-founder and CTO Christian Beedgen explains what this means for the future of the cloud-based data analytics company.
By Kelly Sheridan Staff Editor, Dark Reading, 9/17/2020
Comment0 comments  |  Read  |  Post a Comment
Time for CEOs to Stop Enabling China's Blatant IP Theft
Eric Noonan, CEO, CyberSheathCommentary
Protecting intellectual property in the name of US economic and national security should be part of every company's fiduciary duty.
By Eric Noonan CEO, CyberSheath, 9/17/2020
Comment0 comments  |  Read  |  Post a Comment
Struggling to Secure Remote IT? 3 Lessons from the Office
Chris Hallenbeck, CISO for the Americas at TaniumCommentary
The great remote work experiment has exacerbated existing challenges and exposed new gaps, but there are things to be learned from office challenges.
By Chris Hallenbeck CISO for the Americas at Tanium, 9/17/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff , 9/17/2020
Comment22 comments  |  Read  |  Post a Comment
What's on Your Enterprise Network? You Might Be Surprised
Jai Vijayan, Contributing WriterNews
The strangest connected devices are showing up, and the threats they pose to security should not be overlooked.
By Jai Vijayan Contributing Writer, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
Likely Links Emerge Between Lazarus Group and Russian-Speaking Cybercriminals
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers examine security incidents over the past several years that seemingly connect North Korea's Lazarus Group with Russian-speaking attackers.
By Kelly Sheridan Staff Editor, Dark Reading, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
DDoS Attacks Rose 151% in First Half of 2020
Curtis Franklin Jr., Senior Editor at Dark ReadingQuick Hits
Attacks grew in number, size, and sophistication as the coronavirus pandemic took hold.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
h2c Smuggling: A New 'Devastating' Kind of HTTP Request
Seth Rosenblatt, Contributing Writer
The newly discovered form of HTTP request smuggling could have widespread impact because any proxy can be affected, researchers say. Here's what infosec pros should know.
By Seth Rosenblatt Contributing Writer, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
Most Organizations Plan to Make COVID-19 Changes Permanent
Steve Zurier, Contributing WriterNews
After the pandemic, companies will continue to invest in improving IT infrastructure and security as well as automate tasks to reduce errors and improve network resiliency.
By Steve Zurier Contributing Writer, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
US Charges Five Members of China-Linked APT41 for Global Attacks
Dark Reading Staff, Quick Hits
The five Chinese nationals are among seven defendants arrested for intrusion campaigns into more than 100 organizations, the DoJ reports.
By Dark Reading Staff , 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
8 Reasons Perimeter Security Alone Won't Protect Your Crown Jewels
Juan Pablo Perez-Etchegoyen, CTO, OnapsisCommentary
Most firewalls and security devices effectively protect systems and data, but are they enough to safeguard business-critical applications?
By Juan Pablo Perez-Etchegoyen CTO, Onapsis, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
CISA Joins MITRE to Issue Vulnerability Identifiers
Robert Lemos, Contributing WriterNews
The Cybersecurity and Infrastructure Security Agency will become a peer of MITRE in the CVE program, likely leading to continued increases in disclosed vulnerabilities.
By Robert Lemos Contributing Writer, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Security Pro File: Award-winning computer scientist and electronic voting expert Barbara Simons chats up her pioneering days in computer programming, paper-ballot backups, Internet voting, math, and sushi.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/16/2020
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVistaCommentary
While the demand for cybersecurity talent rebounds, organizations will need to focus on cyber-enabled roles to fill immediate skills gaps.
By Simone Petrella Chief Executive Officer, CyberVista, 9/16/2020
Comment1 Comment  |  Read  |  Post a Comment
Rethinking Resilience: Tips for Your Disaster Recovery Plan
Kelly Sheridan, Staff Editor, Dark ReadingNews
As more organizations face disruptions, a defined approach to recovery is imperative so they can successfully recover, experts say.
By Kelly Sheridan Staff Editor, Dark Reading, 9/15/2020
Comment0 comments  |  Read  |  Post a Comment
More Cyberattacks in the First Half of 2020 Than in All of 2019
Jai Vijayan, Contributing WriterNews
The pandemic-related shift to remote work and the growing availability of ransomware-as-a-service were two major drivers, CrowdStrike says.
By Jai Vijayan Contributing Writer, 9/15/2020
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

Detecting doctored media has become tricky -- and risky -- business. Here's how organizations can better protect themselves from fake video, audio, and other forms of content.
The newly discovered form of HTTP request smuggling could have widespread impact because any proxy can be affected, researchers say. Here's what infosec pros should know.
Without the right reinforcements, you could be barking at the moon.
Register for Dark Reading Newsletters
Cartoon
White Papers
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5605
PUBLISHED: 2020-09-18
Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors.
CVE-2020-5606
PUBLISHED: 2020-09-18
Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page.
CVE-2020-5628
PUBLISHED: 2020-09-18
UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via the vulnerable App. As a result, if the access destination is a malicious website, the user may fall victim to the social engineering attack.
CVE-2020-5629
PUBLISHED: 2020-09-18
UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via a malicious App created by the third party. As a result, if the access destination is a malicious website, the user may fall victim to the social engineering attack.
CVE-2020-25756
PUBLISHED: 2020-09-18
** DISPUTED ** A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice."
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Flash Poll
Video
Slideshows
Twitter Feed