Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

10 Tips for Maintaining Information Security During Layoffs
What Usability Means to Security Pros
RATs 101: The Grimy Trojans That Scurry Through Remote Access Pipes
Name That Toon: Return to the New Normal
COVID-19: Latest Security News & Commentary
News & Commentary
Q&A: Eugene Spafford on the Risks of Internet Voting
Jai Vijayan, Contributing WriterNews
Allowing people to cast their ballots online to circumvent coronavirus-related health concerns introduces problems that we simply don't know how to manage, says the Purdue University professor and security leader.
By Jai Vijayan Contributing Writer, 6/5/2020
Comment0 comments  |  Read  |  Post a Comment
Spear-Phishing Campaign Hits Developer Collaboration System Users
Dark Reading Staff, Quick Hits
Users of Zeplin, a popular developer and designer collaboration system, have been hit with new waves of spear-phishing attacks in the last month.
By Dark Reading Staff , 6/5/2020
Comment0 comments  |  Read  |  Post a Comment
Name That Toon: Sign of the Tides
John Klossner, Cartoonist
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 6/5/2020
Comment4 comments  |  Read  |  Post a Comment
Local, State Governments Face Cybersecurity Crisis
Robert Lemos, Contributing WriterNews
Ransomware hit small government organizations hard in 2019. Now they have to deal with budget cuts, pandemic precautions, social unrest, and the coming election cycle.
By Robert Lemos Contributing Writer, 6/5/2020
Comment0 comments  |  Read  |  Post a Comment
The Privacy & Security Outlook for Businesses Post-COVID-19
Aaron Shum, Practice Lead - Security, Privacy, Risk & Compliance, Info-Tech Research GroupCommentary
Long-term business needs -- and the ethical implications that result -- don't simply go away just because we're navigating a global health crisis.
By Aaron Shum Practice Lead - Security, Privacy, Risk & Compliance, Info-Tech Research Group, 6/5/2020
Comment0 comments  |  Read  |  Post a Comment
COVID-19: Latest Security News & Commentary
Dark Reading Staff, News
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
By Dark Reading Staff , 6/5/2020
Comment11 comments  |  Read  |  Post a Comment
New 'Tycoon' Ransomware Strain Targets Windows, Linux
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers say Tycoon ransomware, which has targeted software and educational institutions, has a few traits they haven't seen before.
By Kelly Sheridan Staff Editor, Dark Reading, 6/4/2020
Comment0 comments  |  Read  |  Post a Comment
Malware Campaign Hides in Resumes and Medical Leave Forms
Dark Reading Staff, Quick Hits
The campaigns have been part of the overall increase in coronavirus-related malware activity.
By Dark Reading Staff , 6/4/2020
Comment0 comments  |  Read  |  Post a Comment
Strengthening Secure Information Sharing Through Technology & Standards
Ameesh Divatia, Co-Founder & CEO of BaffleCommentary
How data sharing, innovation, and regulatory standardization can make it easier for organizations to both contribute and consume critical threat intelligence.
By Ameesh Divatia Co-Founder & CEO of Baffle, 6/4/2020
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Office Files Most Popular for Exploit Tests
Dark Reading Staff, Quick Hits
A new report examines attacker methodologies to better understand how exploit testing is conducted in the wild.
By Dark Reading Staff , 6/4/2020
Comment0 comments  |  Read  |  Post a Comment
Could Automation Kill the Security Analyst?
Corin Imai, Senior Security Advisor, DomainToolsCommentary
Five skills to ensure job security in the Age of Automation.
By Corin Imai Senior Security Advisor, DomainTools, 6/4/2020
Comment0 comments  |  Read  |  Post a Comment
What Usability Means to Security Pros
Ericka Chickowski, Contributing Writer
The last thing cybersecurity executives and practitioners need are even more tools that are difficult to operate. Here's what they look for when assessing new tools.
By Ericka Chickowski Contributing Writer, 6/4/2020
Comment1 Comment  |  Read  |  Post a Comment
Kaspersky IDs Sophisticated New Malware Targeted at Air-Gapped Systems
Jai Vijayan, Contributing WriterNews
'USBCulprit' is one of several tools that suggest previously known Cycldek group is more dangerous than previous assumed, security vendor says.
By Jai Vijayan Contributing Writer, 6/3/2020
Comment0 comments  |  Read  |  Post a Comment
RATs 101: The Grimy Trojans That Scurry Through Remote Access Pipes
Curtis Franklin Jr., Senior Editor at Dark Reading
Remote Access Trojans (RATs) can be the beginning of very bad things on your network or workstations.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/3/2020
Comment0 comments  |  Read  |  Post a Comment
Google Faces $5B Lawsuit for Tracking Users in Incognito Mode
Dark Reading Staff, Quick Hits
A proposed class-action lawsuit accuses Google of collecting browser data from people who used "private" mode.
By Dark Reading Staff , 6/3/2020
Comment0 comments  |  Read  |  Post a Comment
Chasing RobbinHood: Up Close with an Evolving Threat
Kelly Sheridan, Staff Editor, Dark ReadingNews
A security researcher details how RobbinHood has changed and why it remains a threat for businesses to watch.
By Kelly Sheridan Staff Editor, Dark Reading, 6/3/2020
Comment0 comments  |  Read  |  Post a Comment
Old Spreadsheet Macro Tech Newly Popular with Criminals
Dark Reading Staff, Quick Hits
A 30-year-old macro technology for Microsoft Excel is finding new popularity as a cybersecurity attack vector.
By Dark Reading Staff , 6/3/2020
Comment0 comments  |  Read  |  Post a Comment
What Government Contractors Need to Know About NIST, DFARS Password Reqs
Raz Rafaeli, CEO and Co-Founder at Secret Double OctopusCommentary
Organizations that fail to comply with these rules can get hit with backbreaking fines and class-action lawsuits.
By Raz Rafaeli CEO and Co-Founder at Secret Double Octopus, 6/3/2020
Comment0 comments  |  Read  |  Post a Comment
Many Exchange Servers Are Still Vulnerable to Remote Exploit
Robert Lemos, Contributing WriterNews
A privilege-escalation vulnerability patched in February by Microsoft continues to affect Exchange servers, with more than 80% of Internet-connected servers remaining vulnerable, one firm reports.
By Robert Lemos Contributing Writer, 6/3/2020
Comment0 comments  |  Read  |  Post a Comment
Social Distancing for Healthcare's IoT Devices
Ori Bach, CEO of TrapX SecurityCommentary
Security pros need to double down around prevention of lateral movement by attackers, especially if IoT devices are connected to the network.
By Ori Bach CEO of TrapX Security, 6/3/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Security Now Joins Dark Reading

Find out more about the combination of two of the industry's leading cybersecurity news sites.

edge
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Remote Access Trojans (RATs) can be the beginning of very bad things on your network or workstations.
Insider cyberthreats are always an issue during layoffs -- but with record numbers of home-office workers heading for the unemployment line, it has never been harder to maintain cybersecurity during offboarding.
Register for Dark Reading Newsletters
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
White Papers
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13897
PUBLISHED: 2020-06-07
HESK before 3.1.10 allows reflected XSS.
CVE-2020-13894
PUBLISHED: 2020-06-07
handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field.
CVE-2020-13895
PUBLISHED: 2020-06-07
Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module before 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 (prime256v1). This could conceivably have a security-relevant impact if an attacker wishes...
CVE-2020-13890
PUBLISHED: 2020-06-06
The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an Add Task Input operation in a dashboard.
CVE-2020-13889
PUBLISHED: 2020-06-06
showAlert() in the administration panel in Bludit 3.12.0 allows XSS.
Flash Poll
Video
Slideshows
Twitter Feed