Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

News & Commentary
What Happens If Time Gets Hacked
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Renowned hardware security expert raises alarm on the risk and dangers of cyberattackers targeting the current time-synchronization infrastructure.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/11/2021
Comment0 comments  |  Read  |  Post a Comment
Who's In Your Wallet? Exploring Mobile Wallet Security
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security flaws in contactless payments for transportation systems could lead to fraud for stolen devices, researchers find.
By Kelly Sheridan Staff Editor, Dark Reading, 10/25/2021
Comment0 comments  |  Read  |  Post a Comment
Research Highlights Significant Evolution in Email Security
Rik Turner, Principal Analyst, Emerging Technologies, OmdiaCommentary
Email security is in transition, from on-premises to the cloud, from inline to API-based, and from stand-alone to integrated into XDR. New research from Omdia highlights where the market is today, and where it is heading.
By Rik Turner Principal Analyst, Emerging Technologies, Omdia, 9/27/2021
Comment0 comments  |  Read  |  Post a Comment
Why Supply Chain Attacks Are Destined to Escalate
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
In his keynote address at Black Hat USA on Wednesday, Matt Tait, chief operating officer at Corellium, called for software platform vendors and security researchers to do their part to thwart the fallout of software supply chain compromises.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/5/2021
Comment0 comments  |  Read  |  Post a Comment
NSO Group Spyware Used On Journalists & Activists Worldwide
Dark Reading Staff, Quick Hits
An investigation finds Pegasus spyware, intended for use on criminals and terrorists, has been used in targeted campaigns against others around the world.
By Dark Reading Staff , 7/19/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft: Israeli Firm's Tools Used to Target Activists, Dissidents
Kelly Sheridan, Staff Editor, Dark ReadingNews
Candiru sold spyware that exploited Windows vulnerabilities and had been used in attacks against dissidents, activists, and journalists.
By Kelly Sheridan Staff Editor, Dark Reading, 7/15/2021
Comment0 comments  |  Read  |  Post a Comment
IoT-Specific Malware Infections Jumped 700% Amid Pandemic
Dark Reading Staff, Quick Hits
Gafgyt and Mirai malware represented majority of IoT malware, new data from Zscaler shows.
By Dark Reading Staff , 7/15/2021
Comment0 comments  |  Read  |  Post a Comment
Why We Need to Raise the Red Flag Against FragAttacks
Amichai Shulman, CTO and Co-founder of AirEyeCommentary
Proliferation of wireless devices increases the risk that corporate networks will be attacked with this newly discovered breed of Wi-Fi-based cyber assault.
By Amichai Shulman CTO and Co-founder of AirEye, 7/13/2021
Comment0 comments  |  Read  |  Post a Comment
Cartoon Caption Winner: Sight Unseen
John Klossner, CartoonistCommentary
And the winner of Dark Reading's June contest is ...
By John Klossner Cartoonist, 7/9/2021
Comment0 comments  |  Read  |  Post a Comment
Fake Android Apps Promise Cryptomining Services to Steal Funds
Dark Reading Staff, Quick Hits
Researchers discover more than 170 Android apps that advertise cloud cryptocurrency mining services and fail to deliver.
By Dark Reading Staff , 7/7/2021
Comment0 comments  |  Read  |  Post a Comment
Secured-Core PCs May Mitigate Firmware Attacks, but Adoption Lags
Robert Lemos, Contributing WriterNews
Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs - but most systems do not have the technology yet.
By Robert Lemos Contributing Writer, 7/2/2021
Comment0 comments  |  Read  |  Post a Comment
Amazon Acquires Secure Messaging Platform Wickr
Dark Reading Staff, Quick Hits
AWS CISO Stephen Schmidt says the acquisition is strategic amid the proliferation of remote work.
By Dark Reading Staff , 6/25/2021
Comment0 comments  |  Read  |  Post a Comment
Survey Seeks to Learn How 2020 Changed Security
Dark Reading Staff, Quick Hits
Respondents to a new Dark Reading/Omdia survey will be entered into a drawing for a Black Hat Black Card.
By Dark Reading Staff , 6/23/2021
Comment0 comments  |  Read  |  Post a Comment
Name That Toon: Sight Unseen
John Klossner, CartoonistCommentary
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 6/14/2021
Comment11 comments  |  Read  |  Post a Comment
Many Mobile Apps Intentionally Using Insecure Connections for Sending Data
Jai Vijayan, Contributing WriterNews
A new analysis of iOS and Android apps released to Apple's and Google's app stores over the past five years found many to be deliberately breaking HTTPS protections.
By Jai Vijayan Contributing Writer, 6/11/2021
Comment0 comments  |  Read  |  Post a Comment
Healthcare Device Security Firm COO Charged With Hacking Medical Center
Dark Reading Staff, Quick Hits
Vikas Singla, chief operating officer of security firm that provides products and services to the healthcare industry, faces charges surrounding a cyberattack he allegedly conducted against Duluth, Ga.-based Gwinnett Medical Center.
By Dark Reading Staff , 6/10/2021
Comment0 comments  |  Read  |  Post a Comment
New Security Event @Hack to Take Place in Saudi Arabia
Dark Reading Staff, Quick Hits
The Saudi Federation of Cybersecurity, Programming, and Drones (SAFCSP) and Informa Tech will launch a multi-day event in Riyadh this November.
By Dark Reading Staff , 6/9/2021
Comment0 comments  |  Read  |  Post a Comment
FBI Issued Encrypted Devices to Capture Criminals
Dark Reading Staff, Quick Hits
A sting operation delivered devices into the hands of global criminals and used the intelligence gathered to stop drug crimes.
By Dark Reading Staff , 6/8/2021
Comment0 comments  |  Read  |  Post a Comment
Cartoon Caption Winner: Road Trip
John Klossner, CartoonistCommentary
And the winner of Dark Reading's cartoon caption contest is ...
By John Klossner Cartoonist, 6/7/2021
Comment0 comments  |  Read  |  Post a Comment
Most Mobile Apps Can Be Compromised in 15 Minutes or Less
Alan Bavosa, VP, Security Products, at AppdomeCommentary
In the name of releasing apps quickly and delivering a smooth user experience, mobile app security is often given short shrift.
By Alan Bavosa VP, Security Products, at Appdome, 5/28/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Developing and Testing an Effective Breach Response Plan
Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-46411
PUBLISHED: 2022-12-04
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges.
CVE-2022-46412
PUBLISHED: 2022-12-04
An issue was discovered in Veritas NetBackup Flex Scale through 3.0. A non-privileged user may escape a restricted shell and execute privileged commands.
CVE-2022-46413
PUBLISHED: 2022-12-04
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Authenticated remote command execution can occur via the management portal.
CVE-2022-46414
PUBLISHED: 2022-12-04
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Unauthenticated remote command execution can occur via the management portal.
CVE-2022-44721
PUBLISHED: 2022-12-04
CrowdStrike Falcon 6.44.15806 allows an administrative attacker to uninstall Falcon Sensor, bypassing the intended protection mechanism in which uninstallation requires possessing a one-time token. (The sensor is managed at the kernel level.)