Vulnerabilities / Threats
News & Commentary
TeslaCrypt Ransomware Group Pulls Plug, Releases Decrypt Key
Jai Vijayan, Freelance writer, News
But don't be surprised if group revives campaign or launches another one, security researchers say.
By Jai Vijayan Freelance writer, 5/20/2016
5 Tips for Protecting Firmware From Attacks
Steve Zurier, Freelance Writer
Don't let hackers take advantage of holes in firmware. Here's how to stop them.
By Steve Zurier Freelance Writer, 5/20/2016
Cyber Security A Major Risk To US Financial System: SEC Chief
Dark Reading Staff, Quick Hits
Mary Jo White believes that despite preparedness, procedures in place to fight cyberattacks are inadequate.
By Dark Reading Staff, 5/20/2016
Bangladesh Official's Computer Hacked To Carry Out $81 Million Theft
Dark Reading Staff, Quick Hits
Bangladeshi diplomat shares FBI report with Philippine inquiry panel on Bangladesh Bank theft.
By Dark Reading Staff, 5/20/2016
OPM Breach: 'Cyber Sprint' Response More Like A Marathon
Rutrell Yasin, Business Technology Writer, Tech Writers Bureau, News
Sixty-five percent of federal security execs surveyed in new (ISC)2 report say that government still can't detect ongoing cyber attacks.
By Rutrell Yasin Business Technology Writer, Tech Writers Bureau, 5/19/2016
5 Reasons Enterprises Still Worry About Cloud Security
Emily Johnson, Associate Editor, UBM Americas, News
Cloud spending and adoption has been on the rise for years, but the gap in cloud security confidence still causes pause with enterprises.
By Emily Johnson Associate Editor, UBM Americas, 5/19/2016
Presidential Campaigns Hit By Hackers, Says US Intelligence Chief
Dark Reading Staff, Quick Hits
Clapper says hacking likely to intensify; officials working with campaigns to secure their networks.
By Dark Reading Staff, 5/19/2016
Time To Treat Sponsors Of Ransomware Campaigns As Terrorists, Lawmaker Says
Jai Vijayan, Freelance writer, News
Fighting ransomware at an international level will require cooperation between law enforcement and State Department, Sen. Lindsey Graham said at a Senate hearing.
By Jai Vijayan Freelance writer, 5/18/2016
Domain Abuse Sinks 'Anchors Of Trust'
Kelly Jackson Higgins, Executive Editor at Dark Reading, News
Georgia Tech researchers create algorithm to help detect rising DNS domain abuse by cybercriminals, nation-state actors.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/18/2016
Survey: Customers Lose Trust In Brands After A Data Breach
Dark Reading Staff, Quick Hits
Survey by FireEye highlights customer reluctance to continue with service providers with weak cybersecurity.
By Dark Reading Staff, 5/18/2016
'Skimer' Stealing Money, Card Data From ATMs Around Globe
Jai Vijayan, Freelance writer, News
Windows-based ATMs are vulnerable to this new variant of ATM malware, Kaspersky Lab says.
By Jai Vijayan Freelance writer, 5/18/2016
Cybercrooks Think More Like CEOs And Consultants Than You Think
Ericka Chickowski, Contributing Writer, Dark Reading, News
Speaking the language of the board room, and understanding things like value chain and SWOT analysis, might help you speak the language of the adversary.
By Ericka Chickowski Contributing Writer, Dark Reading, 5/17/2016
GhostShell Leaks Data From 32 Sites In 'Light Hacktivism' Campaign
Dark Reading Staff, Quick Hits
After a few months of silence, the Romanian hacktivist is back to expose the dangers of leaving FTP ports unprotected.
By Dark Reading Staff, 5/17/2016
Ukrainian Pleads Guilty To Stealing Press Releases For Insider Trading
Dark Reading Staff, Quick Hits
In largest known cyber securities fraud to date, hackers and traders made $30 million from unreleased press releases.
By Dark Reading Staff, 5/17/2016
Surviving Infosec: Keep Calm & Make Time For Yourself
Lysa Myers, Security Researcher, ESET, Commentary
Nine simple but powerful ways to break out of those painful states of mind when you can't leave the office.
By Lysa Myers Security Researcher, ESET, 5/17/2016
That Time I Got Publicly 'Hacked'
Kelly Jackson Higgins, Executive Editor at Dark Reading, Commentary
In honor of Dark Reading's 10th anniversary, I embarrass myself one more time for posterity.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/16/2016
Dark Reading Radio: How To Get The Most Out Of Your Security Budget
Kelly Jackson Higgins, Executive Editor at Dark Reading, Commentary
Join us on Wednesday, May 18 at 1pm EDT/10am PDT, for a discussion with security executives on how to prioritize and manage your IT security budget.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/16/2016
Tennessee Man Found Guilty Of Mitt Romney Tax Return Hack Scheme
Dark Reading Staff, Quick Hits
Convicted for attempt to blackmail PwC accounting firm with release of former U.S. Presidential candidate's pre-2010 tax returns.
By Dark Reading Staff, 5/16/2016
CISO Playbook: Games Of War & Cyber Defenses
Danelle Au, VP Strategy, SafeBreach, Commentary
Limiting incident response planning to hypothetical table-top scenarios is far too risky in today's threat environment. But with cyberwar gaming, you can simulate the experience of a real attack.
By Danelle Au VP Strategy, SafeBreach, 5/16/2016
Bangladesh Bank Theft: New York Fed Stands By Transfer Procedures
Dark Reading Staff, Quick Hits
Bank replies to US lawmaker query whether transfer of funds should have been blocked.
By Dark Reading Staff, 5/16/2016
Current Issue
8 Key Building Blocks for Enterprise Network Defense
Networks are changing rapidly -- and so are strategies for protecting them. This Tech Digest looks at the fundamentals for the next-gen environment.
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In this episode of Dark Reading Radio, veteran CISOs will share their experience and insight into how organizations can get the best bang for their security buck.