var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?d387e539c1f2d34f09a9afbac8032280"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })();

Dark Reading is part of the Informa Tech Division of Informa PLC

7x彩票网appThis site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

News & Commentary
Third-Party Breaches ? and the Number of Records Exposed ? Increased Sharply in 2019
Jai Vijayan, Contributing WriterNews
Each breach exposed an average of 13 million records, Risk Based Security found.
By Jai Vijayan Contributing Writer, 2/12/2020
Comment0 comments  |  Read  |  Post a Comment
FBI: Business Email Compromise Cost Businesses $1.7B in 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
BEC attacks comprised nearly half of cybercrime losses last year, which totaled $3.5 billion overall as Internet-enabled crimes ramped up.
By Kelly Sheridan Staff Editor, Dark Reading, 2/12/2020
Comment0 comments  |  Read  |  Post a Comment
5 Common Errors That Allow Attackers to Go Undetected
Matt Middleton-Leal, General Manager and Chief Security Strategist, NetwrixCommentary
Make these mistakes and invaders might linger in your systems for years.
By Matt Middleton-Leal General Manager and Chief Security Strategist, Netwrix, 2/12/2020
Comment1 Comment  |  Read  |  Post a Comment
Healthcare Ransomware Damage Passes $157M Since 2016
Dark Reading Staff, Quick Hits
Researchers found the total cost far exceeded the amount of ransom paid to attackers.
By Dark Reading Staff , 2/11/2020
Comment0 comments  |  Read  |  Post a Comment
Why Ransomware Will Soon Target the Cloud
Corey Nachreiner, Chief Technology Officer, WatchGuard TechnologiesCommentary
As businesses' daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud.
By Corey Nachreiner Chief Technology Officer, WatchGuard Technologies, 2/11/2020
Comment0 comments  |  Read  |  Post a Comment
Cybercriminals Swap Phishing for Credential Abuse, Vuln Exploits
Kelly Sheridan, Staff Editor, Dark ReadingNews
Infection vectors were evenly divided among phishing, vulnerability exploitation, and unauthorized credential use in 2019.
By Kelly Sheridan Staff Editor, Dark Reading, 2/11/2020
Comment0 comments  |  Read  |  Post a Comment
Macs See More Adware, Unwanted Apps Than PCs
Robert Lemos, Contributing WriterNews
The latest data from Malwarebytes show the average Mac sees almost twice as many bad apps as Windows systems, but actual malware continues to be scarce.
By Robert Lemos Contributing Writer, 2/11/2020
Comment0 comments  |  Read  |  Post a Comment
Keeping a Strong Security Metrics Framework Strong
Joshua 7x彩票网appfarb, Independent ConsultantCommentary
Don't just report metrics -- analyze, understand, monitor, and adjust them. These 10 tips will show you how.
By Joshua 7x彩票网appfarb Independent Consultant, 2/11/2020
Comment1 Comment  |  Read  |  Post a Comment
How North Korea's Senior Leaders Harness the Internet
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers learn how North Korea is expanding its Internet use in order to generate revenue and bypass international sanctions.
By Kelly Sheridan Staff Editor, Dark Reading, 2/10/2020
Comment0 comments  |  Read  |  Post a Comment
China's Military Behind 2017 Equifax Breach: DoJ
Robert Lemos, Contributing WriterNews
Four members of China's People Liberation Army hacked the information broker, leading to the theft of sensitive data on approximately 145 million citizens.
By Robert Lemos Contributing Writer, 2/10/2020
Comment0 comments  |  Read  |  Post a Comment
Day in the Life of a Bot
Steve Winterfeld, Advisory CISO at AkamaiCommentary
A typical workday for a bot, from its own point of view.
By Steve Winterfeld Advisory CISO at Akamai, 2/10/2020
Comment0 comments  |  Read  |  Post a Comment
RobbinHood Kills Security Processes Before Dropping Ransomware
Kelly Sheridan, Staff Editor, Dark ReadingNews
Attackers deploy a legitimate, digitally signed hardware driver to delete security software from machines before encrypting files.
By Kelly Sheridan Staff Editor, Dark Reading, 2/7/2020
Comment0 comments  |  Read  |  Post a Comment
From 1s & 0s to Wobbly Lines: The Radio Frequency (RF) Security Starter Guide
Curtis Franklin Jr., Senior Editor at Dark Reading
Although radio frequency energy (RF) communications are increasingly essential to modern wireless networking and IoT, the security of RF is notoriously lax.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 2/7/2020
Comment0 comments  |  Read  |  Post a Comment
5 Measures to Harden Election Technology
Ari Singer, CTO at TrustPhiCommentary
Voting machinery needs hardware-level security. The stakes are the ultimate, and the attackers among the world's most capable.
By Ari Singer CTO at TrustPhi, 2/7/2020
Comment2 comments  |  Read  |  Post a Comment
90% of CISOs Would Cut Pay for Better Work-Life Balance
Kelly Sheridan, Staff Editor, Dark ReadingNews
Businesses receive $30,000 of 'free' CISO time as security leaders report job-related stress taking a toll on their health and relationships.
By Kelly Sheridan Staff Editor, Dark Reading, 2/6/2020
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Vendor Landscape Transforming as Symantec, McAfee Enter New Eras
Eric Parizo, Senior Analyst, OvumCommentary
Two years ago, Symantec and McAfee were both primed for a comeback. Today, both face big questions about their future.
By Eric Parizo Senior Analyst, Ovum, 2/6/2020
Comment0 comments  |  Read  |  Post a Comment
7x彩票网app Tops Imitated Brands as Attackers Target Tech
Dark Reading Staff, Quick Hits
Brand impersonators favor 7x彩票网app, Yahoo, Network, and PayPal in phishing attempts to steal credentials from victims.
By Dark Reading Staff , 2/6/2020
Comment0 comments  |  Read  |  Post a Comment
Invisible Pixel Patterns Can Communicate Data Covertly
Robert Lemos, Contributing WriterNews
University researchers show that changing the brightness of monitor pixels can communicate data from air-gapped systems in a way not visible to human eyes.
By Robert Lemos Contributing Writer, 2/6/2020
Comment0 comments  |  Read  |  Post a Comment
How Can We Make Election Technology Secure?
Ari Singer, CTO at TrustPhiCommentary
In Iowa this week, a smartphone app for reporting presidential caucus results debuted. It did not go well.
By Ari Singer CTO at TrustPhi, 2/6/2020
Comment0 comments  |  Read  |  Post a Comment
Majority of Network, App-Layer DDoS Attacks in 2019 Were Small
Jai Vijayan, Contributing WriterNews
Attacks turned to cheaper, shorter attacks to try and disrupt targets, Imperva analysis shows.
By Jai Vijayan Contributing Writer, 2/5/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by chirurgieesthetiqutunisie
Current Conversations wonderful article
In reply to: reading
Post Your Own Reply
Posted by gif-washco
Current Conversations
In reply to: Not all states have polls...
Post Your Own Reply
Posted by sourcenepal
Current Conversations
In reply to: Coronavirus threatening even Nepal
Post Your Own Reply
More Conversations
PR Newswire
5 Measures to Harden Election Technology
Ari Singer, CTO at TrustPhi,  2/7/2020
Researchers Reveal How Smart Lightbulbs Can Be Hacked to Attack
Jai Vijayan, Contributing Writer,  2/6/2020
Keeping a Strong Security Metrics Framework Strong
Joshua 7x彩票网appfarb, Independent Consultant,  2/11/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: The secure cloud access project budget got cut.
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
Flash Poll
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
7x彩票网app Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

PUBLISHED: 2020-02-13
explorer.js in Amazon AWS JavaScript S3 Explorer (aka aws-js-s3-explorer) v2 alpha before 2019-08-02 allows XSS in certain circumstances.

PUBLISHED: 2020-02-13
A stack-based buffer overflow was found on the D-Link DIR-842 REVC with firmware v3.13B09 HOTFIX due to the use of strcpy for 7x彩票网appPASSWORD when handling a POST request to the /MTFWU endpoint.

PUBLISHED: 2020-02-13
OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication).

PUBLISHED: 2020-02-13
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the t3.cgi srmodel or srtime parameter.

PUBLISHED: 2020-02-13
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to bypass authentication by placing t3axs=TiMEtOOlsj7G3xMm52wB in a t3.cgi request, aka a "hardco...
66?????? 7072???? 7073???? 689????? 963???? 66????? 7073???? 7073???? 66???app 8????app