Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

News & Commentary
Project Zero Turns 5: How Google's Zero-Day Hunt Has Grown
Kelly Sheridan, Staff Editor, Dark ReadingNews
At Black Hat USA, Project Zero's team lead shared details of projects it has accomplished and its influence on the security community.
By Kelly Sheridan Staff Editor, Dark Reading, 8/16/2019
Comment1 Comment  |  Read  |  Post a Comment
Behind the Scenes at ICS Village
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/16/2019
Comment0 comments  |  Read  |  Post a Comment
NSA Researchers Talk Development, Release of Ghidra SRE Tool
Kelly Sheridan, Staff Editor, Dark ReadingNews
NSA researchers took the Black Hat stage to share details of how they developed and released the software reverse-engineering framework.
By Kelly Sheridan Staff Editor, Dark Reading, 8/15/2019
Comment0 comments  |  Read  |  Post a Comment
Adware, Trojans Hit Education Sector Hard
Robert Lemos, Contributing WriterNews
Students continue to be weak links for schools and universities, according to data from security firm Malwarebytes.
By Robert Lemos Contributing Writer, 8/15/2019
Comment0 comments  |  Read  |  Post a Comment
7 Biggest Cloud Security Blind Spots
Ericka Chickowski, Contributing Writer
Cloud computing boon is for innovation, yet security organizations find themselves running into obstacles.
By Ericka Chickowski Contributing Writer, 8/15/2019
Comment0 comments  |  Read  |  Post a Comment
5 Things to Know About Cyber Insurance
Joan Goodchild, Contributing Writer
More businesses are recognizing the need for cyber insurance as part of an overall security strategy. Here are some key points to consider when evaluating, purchasing, and relying on a policy.
By Joan Goodchild Contributing Writer, 8/15/2019
Comment1 Comment  |  Read  |  Post a Comment
Financial Phishing Grows in Volume and Sophistication in First Half of 2019
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Criminals are using the tools intended to protect consumers to attack them through techniques that are becoming more successful with each passing month.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/14/2019
Comment0 comments  |  Read  |  Post a Comment
Stronger Defenses Force Cybercriminals to Rethink Strategy
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers see the rise of new relationships and attack techniques as criminals put companies' resilience to the test.
By Kelly Sheridan Staff Editor, Dark Reading, 8/14/2019
Comment0 comments  |  Read  |  Post a Comment
BioStar 2 Leak Exposes 23GB Data, 1M Fingerprints
Dark Reading Staff, Quick Hits
Thousands of organizations, including banks, governments, and the UK Metropolitan Police, use the biometric security tool to authenticate users.
By Dark Reading Staff , 8/14/2019
Comment2 comments  |  Read  |  Post a Comment
You Gotta Reach Em to Teach Em
Kacy Zurkus, Contributing Writer
As threats continue to evolve and cybercriminals become more sophisticated, organizations that lack a mature security awareness and training program place themselves at serious risk.
By Kacy Zurkus Contributing Writer, 8/14/2019
Comment2 comments  |  Read  |  Post a Comment
Does Personality Make You Vulnerable to Cybercrime?
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new study explores the connections between personality traits and susceptibility to different cyberattacks.
By Kelly Sheridan Staff Editor, Dark Reading, 8/13/2019
Comment0 comments  |  Read  |  Post a Comment
Microsoft Patches Wormable RCE Vulns in Remote Desktop Services
Kelly Sheridan, Staff Editor, Dark ReadingNews
Similar to the now-patched 'BlueKeep' vulnerability, two flaws fixed today could let malware spread across vulnerable computers.
By Kelly Sheridan Staff Editor, Dark Reading, 8/13/2019
Comment3 comments  |  Read  |  Post a Comment
Barracuda Buys Bot-Battling Tech from InfiSecure
Dark Reading Staff, Quick Hits
The intellectual property acquired will add to Barracuda's bot-detection capabilities.
By Dark Reading Staff , 8/13/2019
Comment0 comments  |  Read  |  Post a Comment
700K Guest Records Stolen in Choice Hotels Breach
Dark Reading Staff, Quick Hits
Cybercriminals reportedly stole the information from an exposed MongoDB database on a third-party server.
By Dark Reading Staff , 8/13/2019
Comment2 comments  |  Read  |  Post a Comment
2019 Pwnie Award Winners (And Those Who Wish They Weren't)
Jai Vijayan, Contributing Writer
This year's round-up includes awards into two new categories: most under-hyped research and epic achievement.
By Jai Vijayan Contributing Writer, 8/13/2019
Comment0 comments  |  Read  |  Post a Comment
FBI Plans to Monitor Social Media May Spark Privacy Issues
Dark Reading Staff, Quick Hits
A new initiative to pull data from social media platforms may clash with policies prohibiting the use of information for mass surveillance.
By Dark Reading Staff , 8/12/2019
Comment1 Comment  |  Read  |  Post a Comment
Hackers Can Hurt Victims with Noise
Dark Reading Staff, Quick Hits
Research presented at DEF CON shows that attackers can hijack Wi-Fi and Bluetooth-connected speakers to produce damaging sounds.
By Dark Reading Staff , 8/12/2019
Comment0 comments  |  Read  |  Post a Comment
Security Pros, Congress Reps Talk National Cybersecurity at DEF CON
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cybersecurity and government leaders discussed why Congress is unprepared for a major cyberattack and how the two parties can collaborate.
By Kelly Sheridan Staff Editor, Dark Reading, 8/12/2019
Comment0 comments  |  Read  |  Post a Comment
More Focus on Security as Payment Technologies Proliferate
Robert Lemos, Contributing WriterNews
Banks and merchants are expanding their payment offerings but continue to be wary of the potential fraud risk.
By Robert Lemos Contributing Writer, 8/12/2019
Comment0 comments  |  Read  |  Post a Comment
Modern-Day SOCs: People, Process & Technology
Kacy Zurkus, Contributing Writer
As businesses look to the future and invest in next-generation tools, here are some considerations for more effective planning.
By Kacy Zurkus Contributing Writer, 8/12/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Microsoft Patches Wormable RCE Vulns in Remote Desktop Services
Kelly Sheridan, Staff Editor, Dark Reading,  8/13/2019
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
Ray Overby, Co-Founder & President at Key Resources, Inc.,  8/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15160
PUBLISHED: 2019-08-19
The SweetXml (aka sweet_xml) package through 0.6.6 for Erlang and Elixir allows attackers to cause a denial of service (resource consumption) via an XML entity expansion attack with an inline DTD.
CVE-2019-15150
PUBLISHED: 2019-08-19
In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function.
CVE-2017-18550
PUBLISHED: 2019-08-19
An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure.
CVE-2017-18551
PUBLISHED: 2019-08-19
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
CVE-2017-18552
PUBLISHED: 2019-08-19
An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.