The Wayback Machine - https://web.archive.org/web/20170711174822/http://www.darkreading.com/
Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
How To (And Not To) Make the Online Trust Honor Roll
9 Ways to Protect Your Cloud Environment from Ransomware
8 Hot Hacking Tools to Come out of Black Hat USA
Dark Reading Launches New Conference on Cyber Defense
Android Security Apps for BYOD Users
News & Commentary
Securing your Cloud Stack from Ransomware
Tim Prendergast, Founder & CEO, Evident.io
Poor configuration, lack of policies, and permissive behaviors are three factors that can leave your cloud infrastructure vulnerable to ransomware threats.
By Tim Prendergast Founder & CEO, Evident.io, 7/11/2017
Comment0 comments  |  Read  |  Post a Comment
HyTrust Raises $36M, Buys DataGravity for Policy Enforcement
Dark Reading Staff, Quick Hits
Cloud security firm HyTrust closed $36 million in Series E funding and purchased DataGravity to automate policy enforcement for workload data.
By Dark Reading Staff , 7/11/2017
Comment0 comments  |  Read  |  Post a Comment
The High Costs of GDPR Compliance
Chris Babel, CEO, TrustArcCommentary
Looming, increasingly strict EU privacy regulations are pushing privacy spending to the top of IT priorities and budgets.
By Chris Babel CEO, TrustArc, 7/11/2017
Comment0 comments  |  Read  |  Post a Comment
Symantec Snaps Up Skycure in Mobile Security Move
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Acquisition fills gap in Symantec's Apple iOS mobile security strategy - and addresses the future of 'mobile first,' Symantec CEO says.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/11/2017
Comment0 comments  |  Read  |  Post a Comment
IoT Devices Plagued by Lesser-Known Security Hole
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Internet of Things devices are security-challenged enough, but they're also being massively exposed on the public Internet � this time via MQTT communications, a researcher will show at Black Hat USA.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/10/2017
Comment0 comments  |  Read  |  Post a Comment
Trump Suggests, Then Pulls Back on Joint Russian Cybersecurity Unit
Kelly Sheridan, Associate Editor, Dark ReadingNews
President Donald Trump proposed, and quickly rescinded, the idea of a joint cybersecurity unit with Russian President Vladimir Putin during this week's G20 summit.
By Kelly Sheridan Associate Editor, Dark Reading, 7/10/2017
Comment0 comments  |  Read  |  Post a Comment
Cybercriminal with Ties to Exclusive Russian Hacking Forums Sentenced to Prison
Dark Reading Staff, Quick Hits
L.A. resident is sentenced to 110 months in prison for stealing and trafficking sensitive information on exclusive Russian-speaking cybercriminal forums.
By Dark Reading Staff , 7/10/2017
Comment0 comments  |  Read  |  Post a Comment
How Code Vulnerabilities Can Lead to Bad Accidents
Jeff Williams, CTO, Contrast SecurityCommentary
The software supply chain is broken. To prevent hackers from exploiting vulnerabilities, organizations need to know where their applications are, and whether they are built using trustworthy components.
By Jeff Williams CTO, Contrast Security, 7/10/2017
Comment0 comments  |  Read  |  Post a Comment
Two Members of Massive Call Center Scam Operation Plead Guilty
Dark Reading Staff, Quick Hits
Some 54 members facing charges for targeting US victims.
By Dark Reading Staff , 7/10/2017
Comment0 comments  |  Read  |  Post a Comment
Desperately Seeking Security: 6 Skills Most In Demand
Ericka Chickowski, Contributing Writer, Dark Reading
When people say there's a security skills gap, this is what they really mean.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/8/2017
Comment0 comments  |  Read  |  Post a Comment
NotPetya: How to Prep and Respond if You're Hit
Kelly Sheridan, Associate Editor, Dark Reading
Security pros share practices to prepare and handle advanced malware attacks like NotPetya.
By Kelly Sheridan Associate Editor, Dark Reading, 7/7/2017
Comment1 Comment  |  Read  |  Post a Comment
IoT Physical Attack Exploit to be Revealed at Black Hat
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Security researcher Billy Rios plans to demonstrate how an exploit can cause an IoT device to launch a physical attack against a human.
By Dawn Kawamoto Associate Editor, Dark Reading, 7/7/2017
Comment1 Comment  |  Read  |  Post a Comment
IRS to Launch Educational Phishing Series
Dark Reading Staff, Quick Hits
The Internal Revenue Service is preparing to launch an educational series on phishing attacks and related warning signs.
By Dark Reading Staff , 7/7/2017
Comment0 comments  |  Read  |  Post a Comment
The SOC Is Dead�Long Live the SOC
Dan Koloski, Vice President, Oracle's Systems Management and Security products groupCommentary
The traditional security operations center can't deal with present reality. We must rethink the concept in a way that prepares for the future.
By Dan Koloski Vice President, Oracle's Systems Management and Security products group, 7/7/2017
Comment1 Comment  |  Read  |  Post a Comment
Telecom Hacker Sentenced for Laundering Millions
Dark Reading Staff, Quick Hits
Pakistani man sentenced to prison for hacking into PBX systems and generating millions of dollars via bogus premium phone calls and laundering the money.
By Dark Reading Staff , 7/6/2017
Comment0 comments  |  Read  |  Post a Comment
Hacking the State of the ISIS Cyber Caliphate
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researchers say Islamic State's United Cyber Caliphate remains in its infancy when it comes to cyberattack expertise.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/6/2017
Comment0 comments  |  Read  |  Post a Comment
New Google Security Controls Tighten Third-Party Data Access
Kelly Sheridan, Associate Editor, Dark ReadingNews
Google adds OAuth app whitelisting to G Suite so admins can vet third-party applications before users can grant them authorized data access.
By Kelly Sheridan Associate Editor, Dark Reading, 7/6/2017
Comment0 comments  |  Read  |  Post a Comment
Sabre Breach Investigation Concludes with Impact Limited
Dark Reading Staff, Quick Hits
The travel company finds that attackers gained limited access to a subset of its bookings in its reservation system.
By Dark Reading Staff , 7/6/2017
Comment0 comments  |  Read  |  Post a Comment
CopyCat Malware Infects 14 Million Android Devices
Dawn Kawamoto, Associate Editor, Dark ReadingNews
A new malware strain is discovered with a novel approach to infecting Android handheld devices with adware.
By Dawn Kawamoto Associate Editor, Dark Reading, 7/6/2017
Comment0 comments  |  Read  |  Post a Comment
Black Hat Survey: Security Pros Expect Major Breaches in Next Two Years
Tim Wilson, Editor in Chief, Dark Reading, News
Significant compromises are not just feared, but expected, Black Hat attendees say
By Tim Wilson, Editor in Chief, Dark Reading , 7/6/2017
Comment3 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Products & Releases
IBM, Ponemon: Business Continuity Management Helps Save Time and Cost Post-Breach
FIRST Releases Practices for Multi-Party Vulnerability Coordination and Disclosure
Cloud Security Vendor, ShieldX, Emerges From Stealth
Global Commission on the Stability of Cyberspace Holds First Full Commission Meeting
Retail Cyber Intelligence Sharing Center Names New Executive Director
Cloud Identity Leader Auth0 Adds $30 Million Series C
Security Summit Warns of New Phishing Email Targeting Tax Pros
Critical Vulnerability Found in Avaya AES Management Console
More Products & Releases
PR Newswire
Black Hat Survey: Security Pros Expect Major Breaches in Next Two Years
Tim Wilson, Editor in Chief, Dark Reading 7/6/2017
IoT Physical Attack Exploit to be Revealed at Black Hat
Dawn Kawamoto, Associate Editor, Dark Reading,  7/7/2017
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
A Cybersecurity Christmas Story
Automation and orchestration will be essential components of security in 2017. Read >>
Partner Perspectives
What's This?
'Insider Sabotage' among Top 3 Threats CISOs Can't yet Handle
These five steps can help your organizations limit the risks from disgruntled employees and user errors. Read >>
Partner Perspectives
What's This?
Securing your Cloud Stack from Ransomware
Poor configuration, lack of policies, and permissive behaviors are three factors that can leave your cloud infrastructure vulnerable to ransomware threats. Read >>
Partner Perspectives
What's This?
Doxing, DoS & Defacement: Today's Mainstream Hacktivism Tools
Anyone can get angry at you and become a hacktivist. Here's how to protect your organization from these increasingly common cyber attacks. Read >>
Partner Perspectives
What's This?
Breach Defense Playbook: Cybersecurity Governance
Time to leave the island: Integrate cybersecurity into your risk management strategy. Read >>
Partner Perspectives
What's This?
Let's Get Smarter About Security By Working Together
We all need help, and only by working together can we move the needle on security. Read >>
Partner Perspectives
What's This?
WanaCrypt0r Hits Worldwide
Consumers and businesses should be sure their Windows systems and software are updated with all current patches in order to stop the spread of this dangerous ransomware attack. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Execute candymountain.sh as the root user, Charlie!
Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.
White Papers
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Flash Poll
Video
Slideshows
Twitter Feed