Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Inside A Bug-Hunter's Head: 6 Motivators
16 Innovative Cybersecurity Technologies Of 2016
Cartoon: Cybersecurity & The Politics of Tweeting
5 Ways To Lock Down Your Login
20 Questions To Explore With Security-as-a-Service Providers
News & Commentary
80% Of IT Pros Say Users Set Up Unapproved Cloud Services
Kelly Sheridan, Associate Editor, InformationWeekNews
Shadow IT is a growing risk concern among IT pros, with most reporting users have gone behind their backs to set up unapproved cloud services.
By Kelly Sheridan Associate Editor, InformationWeek, 10/13/2016
Comment1 Comment  |  Read  |  Post a Comment
Most Small Businesses Lack Response Plan For Hacks
Rutrell Yasin, Freelance WriterNews
Half of small business owners have experienced malware, phishing, Trojans, hacking, and unauthorized access to customer data, according to Nationwide survey.
By Rutrell Yasin Freelance Writer, 10/13/2016
Comment0 comments  |  Read  |  Post a Comment
Information Security Spending Will Top $101 Billion By 2020
Jai Vijayan, Freelance writerNews
Spending on security services will drive much of the growth, IDC says in new forecast
By Jai Vijayan Freelance writer, 10/13/2016
Comment0 comments  |  Read  |  Post a Comment
Internet Routing Security Effort Gains Momentum
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
More than 40 network operators agree to filter routing information, prevent IP address-spoofing, and to work together to thwart Internet traffic abuse and problems.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/13/2016
Comment0 comments  |  Read  |  Post a Comment
7 Ways Electronic Voting Systems Can Be Attacked
Jai Vijayan, Freelance writer
Pre-election integrity tests and post-election audits and checks should help spot discrepancies and errors, but risks remain.
By Jai Vijayan Freelance writer, 10/13/2016
Comment0 comments  |  Read  |  Post a Comment
Access, Trust, And The Rise Of Electronic Personal Assistants
Carl Woodward, Principal Engineer and Security Technologist, Intel Security
App and device makers are working hard to deliver user control over privacy.
By Carl Woodward Principal Engineer and Security Technologist, Intel Security, 10/13/2016
Comment0 comments  |  Read  |  Post a Comment
IoT Default Passwords: Just Don't Do It
Daniel Riedel, CEO, New ContextCommentary
The rise of the Internet of Things makes the use of default passwords especially perilous. There are better options.
By Daniel Riedel CEO, New Context, 10/13/2016
Comment0 comments  |  Read  |  Post a Comment
Survey Shows Lack Of Preparation For EU�s Data Privacy Law
Dark Reading Staff, Quick Hits
More than 80% of companies know little about the 2018 General Data Protection Regulation (GDPR) -- and 97% have no plans to prepare for it.
By Dark Reading Staff , 10/13/2016
Comment0 comments  |  Read  |  Post a Comment
Vera Bradley Stores Report Payment Card Breach
Dark Reading Staff, Quick Hits
The retailer discloses security incident targeting customer payment card data at its stores between July 25 and September 23.
By Dark Reading Staff , 10/13/2016
Comment0 comments  |  Read  |  Post a Comment
Attack Uses Image Steganography For Stealthy Malware Ops On Instagram
Jai Vijayan, Freelance writerNews
Endgame details 'Instegogram' and Apple Mac OS X flaw with Instagram images.
By Jai Vijayan Freelance writer, 10/12/2016
Comment0 comments  |  Read  |  Post a Comment
Russia, Russia, Russia: What Clinton Or Trump Can Do About Nation-State Hacking Gone Wild
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
US mulls 'proportional' response to Democratic Party hacks in midst of an unprecedented presidential campaign clouded by cybersecurity concerns (among other things).
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/12/2016
Comment0 comments  |  Read  |  Post a Comment
Certifying Software: Why We�re Not There Yet
Kevin E. Greene, Cyber Security Thought LeaderCommentary
Finding a solution to the software security and hygiene problem will take more than an Underwriter�s Lab seal of approval.
By Kevin E. Greene Cyber Security Thought Leader, 10/12/2016
Comment0 comments  |  Read  |  Post a Comment
Attackers Exploit Weak IoT Security
Marcia Savage, Managing Editor, Network ComputingNews
Akamai researchers say attackers are using an old OpenSSH vulnerability to target IoT devices and launch attacks.
By Marcia Savage Managing Editor, Network Computing, 10/12/2016
Comment0 comments  |  Read  |  Post a Comment
G7 Nations Plan To Team Up To Tackle Financial Cybercrime
Dark Reading Staff, Quick Hits
Group of Seven nations� new guidelines include sharing updates by governments, private firms and regulators, plus joint address of shortfalls.
By Dark Reading Staff , 10/12/2016
Comment0 comments  |  Read  |  Post a Comment
US-CERT Cautions Against Phishing Scams In Aftermath Of Hurricane Matthew
Dark Reading Staff, Quick Hits
The government agency for cyber protection provides steps to follow before opening links or attachments with Hurricane Matthew tag.
By Dark Reading Staff , 10/12/2016
Comment0 comments  |  Read  |  Post a Comment
Executable Files, Old Exploit Kits Top Most Effective Attack Methods
Kelly Sheridan, Associate Editor, InformationWeekNews
Researchers for the new 'Hacker's Playbook' analyzed 4 million breach methods from an attacker's point of view to gauge the real risks today to enterprises.
By Kelly Sheridan Associate Editor, InformationWeek, 10/12/2016
Comment0 comments  |  Read  |  Post a Comment
Political Positions On Cybersecurity Matter To Millennials
Steve Zurier, Freelance WriterNews
New study on millennials and cybersecurity points to a growing awareness of the field, an interest in pursuing careers in security, and the influence of cybersecurity in politics.
By Steve Zurier Freelance Writer, 10/12/2016
Comment1 Comment  |  Read  |  Post a Comment
Businesses Sacrifice Security To Get Apps Released Faster
Kelly Sheridan, Associate Editor, InformationWeekNews
As the app economy continues to drive change in IT security, businesses struggle to meet customer demands while keeping their data secure.
By Kelly Sheridan Associate Editor, InformationWeek, 10/11/2016
Comment0 comments  |  Read  |  Post a Comment
Symantec Warns Of Second Group Targeting SWIFT Network
Jai Vijayan, Freelance writerNews
Those behind the Odinaff Trojan are using tools and infrastructure associated with the infamous Carbanak cybercrime group, security vendor says
By Jai Vijayan Freelance writer, 10/11/2016
Comment0 comments  |  Read  |  Post a Comment
France's TV5Monde Was Victim Of Vicious Cyberattack In 2015
Dark Reading Staff, Quick Hits
Hackers, allegedly Russians, targeted encoder systems in an attempt to destroy the network and cause major technical and financial damages.
By Dark Reading Staff , 10/11/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by UK best helpw620
Current Conversations good post
In reply to: good post
Post Your Own Reply
Posted by sbynoe
Current Conversations A very good post.
In reply to: reply
Post Your Own Reply
More Conversations
Products & Releases
Phantom Announces New Product, Partners, and Playbooks
WhiteHat Security Partners with NowSecure For Mobile Application Security Testing Solution
FireMon Welcomes New President & CEO, Satin H. Mirchandani
ISAO Standards Organization To Release Initial Voluntary Guidelines For ISAOs
Trustwave Unveils Federated Global Security Operations
Lenovo, Intel, Paypal And Synaptics Announce Collaboration To Bring Fido Authentication To Laptops
White Ops Increases Market Momentum with $20 Million Series B
Symantec Endpoint Protection Cloud Secures SMBs Against Growing Threats
More Products & Releases
PR Newswire
For The Birds: Dark Reading Cartoon Caption Contest Winners
Marilyn Cohodas, Community Editor, Dark Reading,  10/8/2016
Database Breaches: An Alarming Lack Of Preparedness
John Moynihan, President, Minuteman Governance,  10/10/2016
Ransomware Raises The Bar Again
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/10/2016
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Access, Trust, And The Rise Of Electronic Personal Assistants
App and device makers are working hard to deliver user control over privacy. Read >>
Partner Perspectives
What's This?
Breach Defense Playbook: Cybersecurity Governance
Time to leave the island: Integrate cybersecurity into your risk management strategy. Read >>
Partner Perspectives
What's This?
Let's Get Smarter About Security By Working Together
We all need help, and only by working together can we move the needle on security. Read >>
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon
Dark Reading Radio
Archived Dark Reading Radio
Cybercrime has become a well-organized business, complete with job specialization, funding, and online customer service. Dark Reading editors speak to cybercrime experts on the evolution of the cybercrime economy and the nature of today's attackers.
White Papers
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed