Cyberspies Impersonate Security Researcher
Microsoft's Remarkable Pivot: Windows 10 Abandons Privacy
Cartoon: Security Moment Of Zen
Sights & Sounds Of Black Hat USA And DEF CON
Valasek Not Done With Car Hacking Just Yet
News & Commentary
RSA's Ex-CEO Coviello Back In The Game
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Art Coviello, former head of RSA Security, has returned to the security industry after retiring from RSA for health reasons.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/3/2015
Comment0 comments  |  Read  |  Post a Comment
Stealing Data By 'Living Off The Land'
Rutrell Yasin, Business Technology Writer, Tech Writers BureauNews
Hackers latest tactic involves a malware-free attack using a company’s own system credentials and admin tools to gain access.
By Rutrell Yasin Business Technology Writer, Tech Writers Bureau, 9/3/2015
Comment0 comments  |  Read  |  Post a Comment
VMware Expands NSX Platform Security
Marcia Savage, Managing Editor, Network ComputingNews
VMware is working to add network encryption as a distributed service via its network virtualization platform.
By Marcia Savage Managing Editor, Network Computing, 9/3/2015
Comment0 comments  |  Read  |  Post a Comment
China's Great Cannon: The Great Firewall's More Aggressive Partner
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
Crowdstrike researchers visit Dark Reading News Desk at Black Hat to describe how China went on the offensive and extended its Internet censorship efforts beyond Chinese borders.
By Sara Peters Senior Editor at Dark Reading, 9/3/2015
Comment0 comments  |  Read  |  Post a Comment
New Shifu Banking Trojan An ‘Uber Patchwork’ Of Malware Tools
Jai Vijayan, Freelance writerNews
Sophisticated threat hitting banks in Japan combines best features of multiple previous banking malware, new IBM research says.
By Jai Vijayan Freelance writer, 9/2/2015
Comment0 comments  |  Read  |  Post a Comment
Malware Author Stamped Code 'For Targeted Attacks Only'
Sara Peters, Senior Editor at Dark ReadingNews
When the Microsoft Word Intruder Office malware creation kit got too high-profile, the developer changed terms of service, Sophos report says.
By Sara Peters Senior Editor at Dark Reading, 9/2/2015
Comment0 comments  |  Read  |  Post a Comment
Microsoft, Google, Mozilla Abandon RC4 Cryptographic Standard
Larry Loeb, Blogger, InformationweekCommentary
With Microsoft, Google, and Mozilla turning against the RC4 cryptographic suite, the standard will likely die in 2016.
By Larry Loeb Blogger, Informationweek, 9/2/2015
Comment0 comments  |  Read  |  Post a Comment
Endpoint Security Firm Tanium Valued At $3.5 Billion
Dark Reading Staff, Quick Hits
Highest-valued venture-backed cybersecurity company worldwide closes $120 million venture capital round.
By Dark Reading Staff , 9/2/2015
Comment1 Comment  |  Read  |  Post a Comment
Microsoft's Remarkable Pivot: Windows 10 Abandons Privacy
Mark Weinstein, CEO, MeWe.comCommentary
You can read all you want about Windows 10 powerful new privacy features, but that doesn’t mean you have them.
By Mark Weinstein CEO, MeWe.com, 9/2/2015
Comment5 comments  |  Read  |  Post a Comment
Baby Monitors Expose Home -- And Business -- Networks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researchers find major security flaws in popular networked video baby monitor products that could allow attackers to snoop on babies and businesses.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/2/2015
Comment2 comments  |  Read  |  Post a Comment
Cyberspies Impersonate Security Researcher
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
'Rocket Kitten' pro-Iranian regime hackers focusing more on targeting individuals for geopolitical espionage.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/1/2015
Comment1 Comment  |  Read  |  Post a Comment
Report: Ransomware Jumped 58 Percent in Q2
Sara Peters, Senior Editor at Dark ReadingNews
McAfee Threat Labs Report also zooms in on GPU malware and looks back on the first five years of the Intel-McAfee marriage.
By Sara Peters Senior Editor at Dark Reading, 9/1/2015
Comment1 Comment  |  Read  |  Post a Comment
Malware Pre-Installed On Over Two-Dozen Android Smartphone Brands
Jai Vijayan, Freelance writerNews
Threat affects several smartphones shipping from Asia including some popular ones such as Lenovo, Huawei, and Xiaomi, says G Data.
By Jai Vijayan Freelance writer, 9/1/2015
Comment1 Comment  |  Read  |  Post a Comment
We Can Allow Cybersecurity Research Without Stifling Innovation
Gavin Reid, Vice President, Threat Intelligence, Lancope IncCommentary
The U.S. government is in a unique position to become a global leader in cybersecurity. But only if it retains the open spirit of the Internet that kick-started the Information Age.
By Gavin Reid Vice President, Threat Intelligence, Lancope Inc, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Your Worst Day In IT
David Spark, Veteran Tech journalist and founder of Spark Media Solutions
Turns out the most common culprits aren't what you might think.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Sights & Sounds Of Black Hat USA And DEF CON
Kelly Jackson Higgins, Executive Editor at Dark Reading
Some hackers call the week of Black Hat USA and DEF CON 'security summer camp' -- a look at some of the highlights of the two shows.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
Biggest Apple Account Theft Ever Hits Only JailBroken iOS Devices
Sara Peters, Senior Editor at Dark ReadingNews
KeyRaider stole 225,000 legitimate Apple accounts and slammed devices with ransomware and phony purchases, but only jailbroken gear, mostly in China, is affected.
By Sara Peters Senior Editor at Dark Reading, 8/31/2015
Comment2 comments  |  Read  |  Post a Comment
A CISO's View of Mobile Security Strategy, With Stacey Halota
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
CISO of Graham Holdings visits Dark Reading News Desk at Black Hat to discuss why mobile security is a top priority and how to use mobile devices as a security tool.
By Sara Peters Senior Editor at Dark Reading, 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
10 Best Practices For BYOD Policy
Dark Reading Staff, News
Bring-your-own device doesn't have to mean bring your own security problems.
By Dark Reading Staff , 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
Top Infosec Execs Will Eventually Report To CEOs, CISOs Say
Kevin West, CEO & founder, K logixCommentary
But becoming a trusted resource to the executive suite will demand major changes in the traditional chief information security officer role.
By Kevin West CEO & founder, K logix, 8/31/2015
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Valasek Not Done With Car Hacking Just Yet
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/28/2015
Ashley Madison CEO Resigns
Dark Reading Staff 8/28/2015
Microsoft's Remarkable Pivot: Windows 10 Abandons Privacy
Mark Weinstein, CEO, MeWe.com,  9/2/2015
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Cartoon
Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1516
Published: 2015-09-03
Cross-site scripting (XSS) vulnerability in Polycom RealPresence CloudAXIS Suite before 1.7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVE-2015-4077
Published: 2015-09-03
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allows local users to read arbitrary kernel memory via a 0x22608C ioctl call.

CVE-2015-4552
Published: 2015-09-03
Cross-site scripting (XSS) vulnerability in the quick edit function in xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the content of a post.

CVE-2015-5189
Published: 2015-09-03
Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.

CVE-2015-5190
Published: 2015-09-03
The pcsd web UI in PCS 0.9.139 and earlier allows remote authenticated users to execute arbitrary commands via "escape characters" in a URL.

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed