Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

News & Commentary
FIDO-Based Authentication Arrives for Smartwatches
Kelly Sheridan, Staff Editor, Dark ReadingNews
The Nok Nok App SDK for Smart Watch is designed to let businesses implement FIDO-based authentication on smartwatches.
By Kelly Sheridan Staff Editor, Dark Reading, 10/22/2019
Comment0 comments  |  Read  |  Post a Comment
How Much Security Is Enough? Practitioners Weigh In
Kelly Sheridan, Staff Editor, Dark ReadingNews
Most IT and security pros surveyed say they could afford some, but not all, of the minimum security needed to protect themselves.
By Kelly Sheridan Staff Editor, Dark Reading, 10/22/2019
Comment0 comments  |  Read  |  Post a Comment
Microsoft Aims to Block Firmware Attacks with New Secured-Core PCs
Kelly Sheridan, Staff Editor, Dark ReadingNews
Partnerships with Intel, Qualcomm, and AMD will bring a new layer of device security that alters the boot process to detect firmware compromise.
By Kelly Sheridan Staff Editor, Dark Reading, 10/21/2019
Comment0 comments  |  Read  |  Post a Comment
In a Crowded Endpoint Security Market, Consolidation Is Underway
Kelly Sheridan, Staff Editor, Dark ReadingNews
Experts examine the drivers pushing today's endpoint security market to consolidate as its many players compete to meet organizations' changing demands and transition to the cloud.
By Kelly Sheridan Staff Editor, Dark Reading, 10/18/2019
Comment0 comments  |  Read  |  Post a Comment
SOC Puppet: Dark Reading Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
Social engineering, SOC analysts, and Sock puns. And the winners are:
By Marilyn Cohodas Managing Editor, Dark Reading, 10/18/2019
Comment0 comments  |  Read  |  Post a Comment
Phishing Campaign Targets Stripe Credentials, Financial Data
Kelly Sheridan, Staff Editor, Dark ReadingNews
Attackers make use of an old trick and evade detection by blocking users from viewing an embedded link when hovering over the URL.
By Kelly Sheridan Staff Editor, Dark Reading, 10/17/2019
Comment0 comments  |  Read  |  Post a Comment
State of SMB Insecurity by the Numbers
Ericka Chickowski, Contributing Writer
SMBs still perceive themselves at low risk from cyberthreats in spite of attack statistics that paint a different pictur
By Ericka Chickowski Contributing Writer, 10/17/2019
Comment2 comments  |  Read  |  Post a Comment
Smart Prevention: How Every Enterprise Can Create Human Firewalls
Debby Briggs, Chief Security Officer at NETSCOUTCommentary
Organizations of all sizes should include both human firewalls and virtual tools in their cybersecurity budgets.
By Debby Briggs Chief Security Officer at NETSCOUT, 10/17/2019
Comment0 comments  |  Read  |  Post a Comment
Yahoo Breach Victims May Qualify for $358 Payout
Dark Reading Staff, Quick Hits
Pending approval of the settlement, affected account holders may be eligible for a payout or two years of free credit monitoring.
By Dark Reading Staff , 10/17/2019
Comment0 comments  |  Read  |  Post a Comment
Cozy Bear Emerges from Hibernation to Hack EU Ministries
Robert Lemos, Contributing WriterNews
The cyber-espionage group, linked to Russia and blamed for hacking the Democratic National Committee in 2016, has been using covert communications and other techniques to escape detection for at least two years.
By Robert Lemos Contributing Writer, 10/17/2019
Comment0 comments  |  Read  |  Post a Comment
Data Privacy Protections for the Most Vulnerable Children
Dimitri Sirota, Founder & CEO of BigIDCommentary
The business case for why companies that respect the privacy of individuals, and especially minors, will have a strong competitive advantage.
By Dimitri Sirota Founder & CEO of BigID, 10/17/2019
Comment2 comments  |  Read  |  Post a Comment
Schadenfreude Is a Bad Look & Other Observations About Recent Disclosures
James Plouffe, Lead Architect at MobileIronCommentary
The debate about whether Android or iOS is the more inherently secure platform misses the larger issues that both platforms are valuable targets and security today is no guarantee of security tomorrow.
By James Plouffe Lead Architect at MobileIron, 10/16/2019
Comment0 comments  |  Read  |  Post a Comment
Federal CIOs Zero In on Zero Trust
William Peteroy, Chief Technology Officer, Security, at GigamonCommentary
Here's how federal CIOs can begin utilizing the security concept and avoid predictable obstacles.
By William Peteroy Chief Technology Officer, Security, at Gigamon, 10/16/2019
Comment0 comments  |  Read  |  Post a Comment
Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers following the ransomware variant uncover new data on how much its affiliates earn and where they spend it.
By Kelly Sheridan Staff Editor, Dark Reading, 10/15/2019
Comment1 Comment  |  Read  |  Post a Comment
Symantec Adds Endpoint Security Tool to Revamp Portfolio
Dark Reading Staff, Quick Hits
Symantec Endpoint Security aims to deliver protection, detection, threat hunting, and response in a single tool.
By Dark Reading Staff , 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
Why Bricking Vulnerable IoT Devices Comes with Unintended Consequences
Marc Laliberte, Senior Security Analyst, WatchGuard TechnologiesCommentary
Infosec vigilantism can cause serious harm in the era of industrial IoT and connected medical devices.
By Marc Laliberte Senior Security Analyst, WatchGuard Technologies, 10/15/2019
Comment0 comments  |  Read  |  Post a Comment
Sophos for Sale: Thoma Bravo Offers $3.9B
Kelly Sheridan, Staff Editor, Dark ReadingNews
Sophos' board of directors plans to unanimously recommend the offer to the company's shareholders.
By Kelly Sheridan Staff Editor, Dark Reading, 10/14/2019
Comment0 comments  |  Read  |  Post a Comment
Tamper Protection Arrives for Microsoft Defender ATP
Dark Reading Staff, Quick Hits
The feature, designed to block unauthorized changes to security features, is now generally available.
By Dark Reading Staff , 10/14/2019
Comment0 comments  |  Read  |  Post a Comment
7 SMB Security Tips That Will Keep Your Company Safe
Steve Zurier, Contributing Writer
With National Cybersecurity Awareness Month as a backdrop, industry leaders weigh in on how SMBs can more effectively protect themselves from cyberattacks.
By Steve Zurier Contributing Writer, 10/11/2019
Comment1 Comment  |  Read  |  Post a Comment
iTunes Zero-Day Exploited to Deliver BitPaymer
Kelly Sheridan, Staff Editor, Dark ReadingNews
The ransomware operators targeted an "unquoted path" vulnerability in iTunes for Windows to evade detection and install BitPaymer.
By Kelly Sheridan Staff Editor, Dark Reading, 10/10/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Tor Weaponized to Steal Bitcoin
Dark Reading Staff 10/18/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
State of SMB Insecurity by the Numbers
Ericka Chickowski, Contributing Writer,  10/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-9501
PUBLISHED: 2019-10-22
The Artificial Intelligence theme before 1.2.4 for WordPress has XSS because Genericons HTML files are unnecessarily placed under the web root.
CVE-2019-16971
PUBLISHED: 2019-10-22
In FusionPBX up to 4.5.7, the file app\messages\messages_thread.php uses an unsanitized "contact_uuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.
CVE-2019-16972
PUBLISHED: 2019-10-22
In FusionPBX up to 4.5.7, the file app\contacts\contact_addresses.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVE-2019-16973
PUBLISHED: 2019-10-22
In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVE-2015-9496
PUBLISHED: 2019-10-22
The freshmail-newsletter plugin before 1.6 for WordPress has shortcode.php SQL Injection via the 'FM_form id=' substring.