
Endpoint


News & Commentary
Making Sense of EARN IT & LAED Bills' Implications for Crypto
Seth Rosenblatt, Contributing Writer | News
After Senate Judiciary Committee pushes EARN IT Act a step closer to ratification, raising further concerns for privacy advocates, here's what to know.
By Seth Rosenblatt, Contributing Writer, 7/2/2020
Considerations for Seamless CCPA Compliance
Anurag Kahol, CTO, Bitglass | Commentary
Three steps to better serve consumers, ensure maximum security, and achieve compliance with the California Consumer Privacy Act.
By Anurag Kahol, CTO, Bitglass, 7/2/2020
Employees Say They're Working From Home Without Security Guidance
Dark Reading Staff, Quick Hits
Working from home is new for many enterprise employees, yet many say they've received little in the way of new training or technology to keep them safe.
By Dark Reading Staff, 6/22/2020
Zoom Changes Course on End-to-End Encryption
Dark Reading Staff, Quick Hits
The videoconferencing company now says it will offer end-to-end encryption to all users beginning in July.
By Dark Reading Staff, 6/17/2020
3 Things Wilderness Survival Can Teach Us About Email Security
Dean Coclin, Senior Director, Business Development at DigiCert | Commentary
It's a short hop from shows like 'Naked and Afraid' and 'Alone' to your email server and how you secure it.
By Dean Coclin, Senior Director, Business Development at DigiCert, 6/17/2020
The Telehealth Attack Surface
Justine Bone, CEO, MedSec | Commentary
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.
By Justine Bone, CEO, MedSec, 6/10/2020
CSO's Guide to 'Employee-First' Security Operations During COVID-19 & Beyond
George Gerchow, Chief Security Officer, Sumo Logic | Commentary
As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.
By George Gerchow, Chief Security Officer, Sumo Logic, 6/9/2020
The Privacy & Security Outlook for Businesses Post-COVID-19
Aaron Shum, Practice Lead - Security, Privacy, Risk & Compliance, Info-Tech Research Group | Commentary
Long-term business needs -- and the ethical implications that result -- don't simply go away just because we're navigating a global health crisis.
By Aaron Shum, Practice Lead - Security, Privacy, Risk & Compliance, Info-Tech Research Group, 6/5/2020
Google Faces $5B Lawsuit for Tracking Users in Incognito Mode
Dark Reading Staff, Quick Hits
A proposed class-action lawsuit accuses Google of collecting browser data from people who used "private" mode.
By Dark Reading Staff, 6/3/2020
All Links Are Safe ... Right?
Beyond the Edge, Dark Reading
Today is a perfect day for a security breach.
By Beyond the Edge, Dark Reading, 5/29/2020
GDPR Enforcement Loosens Amid Pandemic
Seth Rosenblatt, Contributing Writer | News
The European Union has given some organizations more breathing room to remedy violations, yet no one should think regulators are planning to abandon the privacy legislation in the face of COVID-19.
By Seth Rosenblatt, Contributing Writer, 5/27/2020
The Entertainment Biz Is Changing, but the Cybersecurity Script Is One We've Read Before
Joan Goodchild, Contributing Writer
Several A-list celebrities have found themselves at the center of a ransomware attack -- and it's certainly not the first time hackers have gone after them or the entertainment industry. What are security pros doing wrong?
By Joan Goodchild, Contributing Writer, 5/15/2020
Biometrics in the Great Beyond
Curtis Franklin Jr., Senior Editor at Dark Reading
A thumbprint may be a good authentication factor for the living, but are you prepared to access mission-critical data and devices after an employee's death?
By Curtis Franklin Jr., Senior Editor at Dark Reading, 5/13/2020
The Problem with Automating Data Privacy Technology
Chris Babel, CEO, TrustArc | Commentary
Managing complex and nuanced consumer rights requests presents a unique challenge for enterprises in today's regulated world of GDPR and CCPA. Here's why.
By Chris Babel, CEO, TrustArc, 5/13/2020
Coronavirus, Data Privacy & the New Online Social Contract
Shuman Ghosemajumder, Global Head of Artificial Intelligence, F5 Networks | Commentary
How governments can protect personal privacy in contact tracing while saving people's lives.
By Shuman Ghosemajumder, Global Head of Artificial Intelligence, F5 Networks, 5/12/2020
Mac RAT Rides 2FA App Onto Systems
Dark Reading Staff, Quick Hits
The new macOS remote access Trojan from the Lazarus Group uses a two-factor authentication app as its delivery mechanism.
By Dark Reading Staff, 5/7/2020
The Price of Fame? Celebrities Face Unique Hacking Threats
Joan Goodchild, Contributing Writer | News
Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
By Joan Goodchild, Contributing Writer, 5/6/2020
Industrial Networks' Newest Threat: Remote Users
Dave Weinstein, Chief Security Officer, Claroty | Commentary
We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.
By Dave Weinstein, Chief Security Officer, Claroty, 5/1/2020
Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later?
Edge Editors, Dark Reading
To enable medical care while encouraging social distancing during the COVID-19 pandemic, the Department of Health and Human Services temporarily loosened up on some of its HIPAA noncompliance enforcement on telehealth. But what happens if there's a PHI slip-up?
By Edge Editors, Dark Reading, 4/14/2020
FBI Warns of BEC Dangers
Dark Reading Staff, Quick Hits
A new PSA warns of attacks launched against users of two popular cloud-based email systems.
By Dark Reading Staff, 4/6/2020
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Shane Buckley, President & Chief Operating Officer, Gigamon,  7/10/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
The Threat from the Internet and What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12 stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Windows system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a). A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...