var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?d387e539c1f2d34f09a9afbac8032280"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })();

Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

News & Commentary
Google Lets iPhone Users Turn Device into Security Key
Kelly Sheridan, Staff Editor, Dark ReadingNews
The iPhone can now be used in lieu of a physical security key as a means of protecting Google accounts.
By Kelly Sheridan Staff Editor, Dark Reading, 1/15/2020
Comment0 comments  |  Read  |  Post a Comment
Why Firewalls Aren't Going Anywhere
Ruvi Kitov, Chairman, CEO and Co-Founder, TufinCommentary
Written off multiple times as obsolete, firewalls continue to elude demise by adding features and ensuring that VPNs keep humming.
By Ruvi Kitov Chairman, CEO and Co-Founder, Tufin, 1/15/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Patches Windows Vuln Discovered by the NSA
Kelly Sheridan, Staff Editor, Dark ReadingNews
The National Security Agency is publicly acknowledged for its finding and reporting of CVE-2020-0601, marking the start of what it says is a new approach to security.
By Kelly Sheridan Staff Editor, Dark Reading, 1/14/2020
Comment1 Comment  |  Read  |  Post a Comment
Consumer Reports Calls for IoT Manufacturers to Raise Security Standards
Dark Reading Staff, Quick Hits
A letter to 25 companies says Consumer Reports will change ratings to reflect stronger security and privacy standards.
By Dark Reading Staff , 1/14/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark ReadingNews
Windows 7 and Server 2008 will continue to work after Jan. 14, 2020, but will no longer receive security updates.
By Kelly Sheridan Staff Editor, Dark Reading, 1/13/2020
Comment1 Comment  |  Read  |  Post a Comment
Texas School District Loses $2.3M to Phishing Attack
Dark Reading Staff, Quick Hits
The Manor Independent School District is investigating a phishing email scam that led to three separate fraudulent transactions.
By Dark Reading Staff , 1/13/2020
Comment0 comments  |  Read  |  Post a Comment
TikTok Bugs Put Users' Videos, Personal Data At Risk
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers found it was possible to spoof SMS messages from TikTok and exploit an API flaw that could grant access to users' personal data.
By Kelly Sheridan Staff Editor, Dark Reading, 1/8/2020
Comment0 comments  |  Read  |  Post a Comment
The Discovery and Implications of 'MDB Leaker'
Kelly Sheridan, Staff Editor, Dark ReadingNews
The "MDB Leaker" vulnerability in the Microsoft Access Database could lead to a memory leak if left unpatched.
By Kelly Sheridan Staff Editor, Dark Reading, 1/7/2020
Comment0 comments  |  Read  |  Post a Comment
Accenture to Buy Symantec's Cyber Security Services
Dark Reading Staff, Quick Hits
The purchase, for an undisclosed amount, is scheduled to close in March.
By Dark Reading Staff , 1/7/2020
Comment0 comments  |  Read  |  Post a Comment
Insight Partners Acquires Armis at $1.1B Valuation
Dark Reading Staff, Quick Hits
This deal marks the largest-ever acquisition of a private Israeli cybersecurity company, Armis' co-founders report.
By Dark Reading Staff , 1/7/2020
Comment0 comments  |  Read  |  Post a Comment
New Standards Set to Reshape Future of Email Security
Seth Blank, Director of Industry Initiatives, ValimailCommentary
Emerging specs and protocols expected to make the simple act of opening an email a less risky proposition
By Seth Blank Director of Industry Initiatives, Valimail, 1/7/2020
Comment0 comments  |  Read  |  Post a Comment
Malicious Google Play Apps Linked to SideWinder APT
Kelly Sheridan, Staff Editor, Dark ReadingNews
The active attack involving three malicious Android applications is the first exploiting CVE-2019-2215, Trend Micro researchers report.
By Kelly Sheridan Staff Editor, Dark Reading, 1/6/2020
Comment0 comments  |  Read  |  Post a Comment
Mimecast Acquires Segasec to Boost Phishing Defense
Dark Reading Staff, Quick Hits
Segasec's technology will be integrated into Mimecast's email and Web security services to identify malicious domains.
By Dark Reading Staff , 1/6/2020
Comment0 comments  |  Read  |  Post a Comment
Client-Side JavaScript Risks & the CCPA
Ido Safruti, Co-founder & CTO, PerimeterXCommentary
How California's new privacy law increases the liability for securing Web-facing user data, and what enterprises can do to mitigate their risk.
By Ido Safruti Co-founder & CTO, PerimeterX, 1/6/2020
Comment0 comments  |  Read  |  Post a Comment
Ransomware Victim Southwire Sues Maze Operators
Kelly Sheridan, Staff Editor, Dark ReadingNews
Attackers demanded $6 million from the wire and cable manufacturer when they launched a December ransomware campaign.
By Kelly Sheridan Staff Editor, Dark Reading, 1/3/2020
Comment0 comments  |  Read  |  Post a Comment
Malware Hits Travelex Currency Exchange Service
Dark Reading Staff, Quick Hits
The New Year's Eve malware attack forced Travelex employees to resort to manual operations.
By Dark Reading Staff , 1/3/2020
Comment1 Comment  |  Read  |  Post a Comment
CCPA Kickoff: What Businesses Need to Know
Kelly Sheridan, Staff Editor, Dark ReadingNews
The California Consumer Privacy Act is in full effect, prompting organizations to think about how they'll remain compliant.
By Kelly Sheridan Staff Editor, Dark Reading, 1/2/2020
Comment0 comments  |  Read  |  Post a Comment
Mechanics of a Crypto Heist: How SIM Swappers Can Steal Cryptocurrency
Nicole Sette, Director in the Cyber Risk practice of Kroll, a division of Duff & PhelpsCommentary
The true vulnerability at the heart of SIM-swap attacks on crypto accounts lies in crypto exchanges' and email providers' variable implementation of 2FA.
By Nicole Sette Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps, 1/2/2020
Comment0 comments  |  Read  |  Post a Comment
Operational Technology: Why Old Networks Need to Learn New Tricks
Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet--Office of CISOCommentary
Cybercriminals are maximizing their opportunity by targeting older vulnerabilities in OT environments. It's time to fight back.
By Derek Manky Chief, Security Insights & Global Threat Alliances at Fortinet--Office of CISO, 12/31/2019
Comment0 comments  |  Read  |  Post a Comment
As Hackers Target Mobile Payment Apps, Here's How to Keep Them at Bay
Carlos Asuncion, Solutions Engineer Manager at Shape SecurityCommentary
A little vigilance helps retailers reduce and prevent three of the most common kinds of mobile app fraud
By Carlos Asuncion Solutions Engineer Manager at Shape Security, 12/27/2019
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Major Brazilian Bank Tests Homomorphic Encryption on Financial Data
Kelly Sheridan, Staff Editor, Dark Reading,  1/10/2020
7 Free Tools for Better Visibility Into Your Network
Curtis Franklin Jr., Senior Editor at Dark Reading,  1/9/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
7x彩票网app Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

PUBLISHED: 2020-01-15
The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11.

PUBLISHED: 2020-01-15
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in ...

PUBLISHED: 2020-01-15
OSIsoft PI Vision, PI Vision 2017 R2, PI Vision 2017 R2 SP1, PI Vision 2019. The affected product records the service account password in the installation log files when a non-default service account and password are specified during installation or upgrade.

PUBLISHED: 2020-01-15
OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affected product is vulnerable to a cross-site request forgery that may be introduced on the PI Vision administration site.

PUBLISHED: 2020-01-15
OSIsoft PI Vision, PI Vision 2017 R2 and PI Vision 2017 R2 SP1. The affected product is vulnerable to cross-site scripting, which may allow invalid input to be introduced.
66?????? 7072???? 7073???? 689????? 963???? 66????? 7073???? 7073???? 66???app 8????app