Why China Wants Your Sensitive Data
Social Engineering & Black Hat: Do As I Do Not As I Say
What Do You Mean My Security Tools Don't Work on APIs?!!
The Dark Web: An Untapped Source For Threat Intelligence
5 Things You Probably Missed In The Verizon DBIR
News & Commentary
Italian Surveillance Software Maker Falls Victim To Doxing Attack
Sara Peters, Senior Editor at Dark ReadingNews
Milan-based Hacking Team tells customers to stop using its products after leaked documents reveal product source code, and that the company has sold to governments with records of human rights abuses.
By Sara Peters Senior Editor at Dark Reading, 7/6/2015
Comment0 comments  |  Read  |  Post a Comment
IoT Flaw Discoveries Not Impactful--Yet
Ericka Chickowski, Contributing Writer, Dark ReadingNews
As flaws announced at Black Hat USA and elsewhere highlight IoT weaknesses, the impact of these vulns still remains low in the face of vast distribution. But that could change with market consolidation.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/6/2015
Comment0 comments  |  Read  |  Post a Comment
Cloud & The Security Skills Gap
David Holmes, World-Wide Security Evangelist, F5CommentaryVideo
F5 Network security evangelist David Holmes tells how cloud outsourcing can help companies fill the talent gap in three critical areas of enterprise security.
By David Holmes World-Wide Security Evangelist, F5, 7/6/2015
Comment0 comments  |  Read  |  Post a Comment
FBI Offering $4.3 Million For Help Finding Cyber Most-Wanted
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Big prize still going to whomever can help find Gameover ZeuS mastermind.
By Sara Peters Senior Editor at Dark Reading, 7/2/2015
Comment3 comments  |  Read  |  Post a Comment
Harvard Suffers Data Breach Spanning Multiple Schools, Administration Networks
Jai Vijayan, Freelance writerNews
Investigation so far shows email and system login info may have been compromised, university says.
By Jai Vijayan Freelance writer, 7/2/2015
Comment1 Comment  |  Read  |  Post a Comment
In The Cyber Realm, Letís Be Knights Not Blacksmiths
Jeff Schilling, CSO, FirehostCommentary
Why the Internet of Things is our chance to finally get information security right.
By Jeff Schilling CSO, Firehost, 7/2/2015
Comment2 comments  |  Read  |  Post a Comment
Smart Cities' 4 Biggest Security Challenges
Sara Peters, Senior Editor at Dark ReadingNews
The messiness of politics and the vulnerability of the Internet of Things in one big, unwieldy package.
By Sara Peters Senior Editor at Dark Reading, 7/1/2015
Comment4 comments  |  Read  |  Post a Comment
PCI Update Paves Way For Expanding Point-to-Point Encryption
Jai Vijayan, Freelance writerNews
Move appears designed mainly for large organizations and big-box retailers looking to lock down payment card security.
By Jai Vijayan Freelance writer, 7/1/2015
Comment4 comments  |  Read  |  Post a Comment
iOS 8.4, Mac OS X Updates Plug Vulnerabilities
Eric Zeman, Commentary
Apple released its iOS 8.4 and Mac OS X 10.10.4 updates that add Apple Music and tackle a range of security problems.
By Eric Zeman , 7/1/2015
Comment1 Comment  |  Read  |  Post a Comment
Franchising Ransomware
Vincent Weafer, Senior Vice President, Intel Security
Ransomware-as-a-service is fueling cyberattacks. Is your organization prepared?
By Vincent Weafer Senior Vice President, Intel Security, 7/1/2015
Comment2 comments  |  Read  |  Post a Comment
Why We Need In-depth SAP Security Training
Juan Pablo Perez-Etchegoyen, CTO, OnapsisCommentary
SAP and Oracle are releasing tons of patches every month, but are enterprises up to this complex task? I have my doubts.
By Juan Pablo Perez-Etchegoyen CTO, Onapsis, 7/1/2015
Comment2 comments  |  Read  |  Post a Comment
DDoS Attackers Exploiting '80s-Era Routing Protocol
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Latest wave of DDoS attacks abuses small office-home routers via the 27-year-old, outdated Routing Information Protocol Version 1 (RIPv1).
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/1/2015
Comment2 comments  |  Read  |  Post a Comment
Android Malware On The Rise
Sara Peters, Senior Editor at Dark ReadingNews
By the end of 2015, researchers expect the number of new Android malware strains to hit 2 million.
By Sara Peters Senior Editor at Dark Reading, 7/1/2015
Comment0 comments  |  Read  |  Post a Comment
Securing Critical Infrastructure
Lorie Wigle, Vice President, General Manager IOT Security Solutions, Intel Security Group
Protecting the Industrial Internet of Things from cyberthreats is a national priority.
By Lorie Wigle Vice President, General Manager IOT Security Solutions, Intel Security Group, 6/30/2015
Comment1 Comment  |  Read  |  Post a Comment
Cisco 'Everywhere': Networking Giant To Buy OpenDNS For $635 Million
Dark Reading Staff, Quick Hits
OpenDNS, which provides threat intelligence via a software-as-a-service offering, expected to enhance Cisco's existing cloud security offerings.
By Dark Reading Staff , 6/30/2015
Comment0 comments  |  Read  |  Post a Comment
Getting To Yes: Negotiating Technology Innovation & Security Risk
Tsion Gonen , Chief Strategy Office, Gemalto, Identity & Data ProtectionCommentary
As enterprises look for ways to leverage the cloud, mobility, Big Data, and social media for competitive advantage, CISOs can no longer give blanket refusals to IT experimentation.
By Tsion Gonen Chief Strategy Office, Gemalto, Identity & Data Protection, 6/30/2015
Comment0 comments  |  Read  |  Post a Comment
4 Signs Your Board Thinks Security Readiness Is Better Than It Is
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Ponemon Institute survey shows a gap in perception between boards of directors and IT executives when it comes to IT risk posture.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/30/2015
Comment1 Comment  |  Read  |  Post a Comment
Gas Stations In the Bullseye
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
White hats at Black Hat USA will release free honeypot tool for monitoring attacks against gas tank monitoring systems.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/29/2015
Comment6 comments  |  Read  |  Post a Comment
Clever CryptoWall Spreading Via New Attacks
Sara Peters, Senior Editor at Dark ReadingNews
Top ransomware doesn't waste time jumping on the latest Flash zero-day, and hops rides on click fraud campaigns, too.
By Sara Peters Senior Editor at Dark Reading, 6/29/2015
Comment4 comments  |  Read  |  Post a Comment
CSA Announces New Working Group For Cloud Security API Standards
Ericka Chickowski, Contributing Writer, Dark ReadingNews
CipherCloud, Deloitte, InfoSys, Intel Security and SAP all on board to start developing vendor-neutral guidelines that could further accelerate CASB growth
By Ericka Chickowski Contributing Writer, Dark Reading, 6/29/2015
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Blog Voyage
Current Conversations What an offer !
In reply to: Wow
Post Your Own Reply
More Conversations
PR Newswire
Gas Stations In the Bullseye
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/29/2015
PCI Update Paves Way For Expanding Point-to-Point Encryption
Jai Vijayan, Freelance writer,  7/1/2015
Smart Cities' 4 Biggest Security Challenges
Sara Peters, Senior Editor at Dark Reading,  7/1/2015
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Franchising Ransomware
Ransomware-as-a-service is fueling cyberattacks. Is your organization prepared? Read >>
Partner Perspectives
What's This?
Cartoon
Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3653
Published: 2015-07-06
Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template.

CVE-2014-9737
Published: 2015-07-06
Open redirect vulnerability in the Language Switcher Dropdown module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a block.

CVE-2014-9738
Published: 2015-07-06
Multiple cross-site scripting (XSS) vulnerabilities in the Tournament module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via an (1) account username, a (2) node title, or a (3) team entity title.

CVE-2014-9739
Published: 2015-07-06
Cross-site scripting (XSS) vulnerability in the Node Field module 7.x-2.x before 7.x-2.45 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors involving internal fields.

CVE-2014-9740
Published: 2015-07-06
Cross-site scripting (XSS) vulnerability in the Rules Link module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer rules links" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in the (1) question and (2...

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed