10 Hottest Talks at Black Hat USA 2016
5 'Mr. Robot' Hacks That Could Happen in Real Life
7 Ways To Lock Down Your Privileged Accounts
Meet The Teams In DARPA's All-Machine Hacking Tournament
What SMBs Need To Know About Security But Are Afraid To Ask
News & Commentary
In Security, Know That You Know Nothing
Michael Sutton, Chief Information Security Office, ZscalerCommentary
Only when security professionals become aware of what they don’t know, can they start asking the right questions and implementing the right security controls.
By Michael Sutton Chief Information Security Office, Zscaler, 7/26/2016
Comment1 Comment  |  Read  |  Post a Comment
Russia Likely Behind DNC Breach, Says FBI
Dark Reading Staff, Quick Hits
Motive behind DNC hack and leak is possibly to tilt election in favor of Trump, say US officials.
By Dark Reading Staff , 7/26/2016
Comment0 comments  |  Read  |  Post a Comment
Report Finds Healthcare Most Targeted By Ransomware
Dark Reading Staff, Quick Hits
Top ransomware variant Cryptowall accounts for almost 94% of all detected attacks, says Solutionary.
By Dark Reading Staff , 7/26/2016
Comment0 comments  |  Read  |  Post a Comment
Security Holes Exposed In Smart Lighting System
Steve Zurier, Freelance WriterNews
Sylvania Osram Lightify vulnerabilities could allow an attacker to turn out the lights or ultimately infiltrate the corporate network.
By Steve Zurier Freelance Writer, 7/26/2016
Comment0 comments  |  Read  |  Post a Comment
'MouseJack' Researchers Uncover Major Wireless Keyboard Vulnerability
Ericka Chickowski, Contributing Writer, Dark ReadingNews
KeySniffer attack shows two-thirds of low-cost wireless keyboards prone to keystroke capture and malicious keystroke injection.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/26/2016
Comment0 comments  |  Read  |  Post a Comment
SentinelOne Offers $1 Million Guarantee To Stop Ransomware
Sara Peters, Senior Editor at Dark ReadingNews
Jeremiah Grossman continues his crusade to make security vendors take responsibility for their own gear.
By Sara Peters Senior Editor at Dark Reading, 7/26/2016
Comment0 comments  |  Read  |  Post a Comment
New Portal Offers Decryption Tools For Some Ransomware Victims
Jai Vijayan, Freelance writerNews
Nomoreransom.org, a joint initiative between Europol, the Dutch National Police, Kaspersky Lab and Intel Security, offers help in getting encrypted data back.
By Jai Vijayan Freelance writer, 7/25/2016
Comment0 comments  |  Read  |  Post a Comment
10 Hottest Talks at Black Hat USA 2016
Sean Martin, CISSP | President, imsmartin
The impressive roll call of speakers offers a prime opportunity to learn from the very best of the information security world.
By Sean Martin CISSP | President, imsmartin, 7/25/2016
Comment0 comments  |  Read  |  Post a Comment
Edward Snowden Designs Anti-Spying Smartphone Device
Dark Reading Staff, Quick Hits
'Introspection engine' will reportedly protect journalists, others, from revealing locations through unauthorized radio signals.
By Dark Reading Staff , 7/25/2016
Comment0 comments  |  Read  |  Post a Comment
Three Arrested For Cell Phone Hacking Scam
Dark Reading Staff, Quick Hits
Defendants accused of using stolen phone details to make international calls charged to victims’ accounts.
By Dark Reading Staff , 7/25/2016
Comment0 comments  |  Read  |  Post a Comment
Building Black Hat: Locking Down One Of The World’s Biggest Security Conferences
Aamir Lakhani, Senior Security Strategist & Hacker, Fortinet, FortiGuard Advanced LabsCommentary
For security pros, being asked to help secure Black Hat is like being asked to play on the Olympic basketball team.
By Aamir Lakhani Senior Security Strategist & Hacker, Fortinet, FortiGuard Advanced Labs, 7/25/2016
Comment0 comments  |  Read  |  Post a Comment
How Jihadists Operate Online And Under The Radar: Report
Jai Vijayan, Freelance writerNews
Secure browsers, VPNs, protected email apps, and mobile security apps are just tip of iceberg, Flashpoint report shows.
By Jai Vijayan Freelance writer, 7/22/2016
Comment2 comments  |  Read  |  Post a Comment
5 Ways To Protect HR From Ransomware
Steve Zurier, Freelance WriterNews
Bad actors are now looking to hold for ransom sensitive information stored in personnel records in the human resources department and other highly sensitive corporate operations.
By Steve Zurier Freelance Writer, 7/22/2016
Comment0 comments  |  Read  |  Post a Comment
7 Ways To Lock Down Your Privileged Accounts
Steve Zurier, Freelance Writer
Admin passwords contained within privileged accounts can open up the keys to the kingdom to determined attackers. Here's how to stop them.
By Steve Zurier Freelance Writer, 7/22/2016
Comment0 comments  |  Read  |  Post a Comment
5 Failsafe Techniques For Interviewing Security Candidates
Joshua Goldfarb, VP & CTO - Emerging Technologies, FireEyeCommentary
Filling critical information security roles with the right people is never easy. But learning how to separate the 'wheat from the chaff' is a smart step in the right direction.
By Joshua Goldfarb VP & CTO - Emerging Technologies, FireEye, 7/22/2016
Comment3 comments  |  Read  |  Post a Comment
Asia Mulls Europol-Style Agency To Fight Cybercrime
Dark Reading Staff, Quick Hits
Asian ministers hold closed-door meeting in Singapore to chalk out strategy for such an organization.
By Dark Reading Staff , 7/22/2016
Comment0 comments  |  Read  |  Post a Comment
Auto Industry ISAC Releases Best Practices For Connected Vehicle Cybersecurity
Jai Vijayan, Freelance writerNews
Goal is to provide car manufactures with guidelines for protecting modern vehicles against emerging cyber threats
By Jai Vijayan Freelance writer, 7/21/2016
Comment0 comments  |  Read  |  Post a Comment
Tools & Training To ‘Hack Yourself’ Into Better Security
Ofer Israeli, Founder & VP, R&D, illusive networksCommentary
How to teach your blue team to think like the red team when your network is under attack and time is your most valuable asset.
By Ofer Israeli Founder & VP, R&D, illusive networks, 7/21/2016
Comment3 comments  |  Read  |  Post a Comment
Majority Of Companies Say Trade Secrets Likely Compromised
Jai Vijayan, Freelance writerNews
About 60 percent of companies in a survey by Ponemon and Kilpatrick Townsend say at least some of their trade secrets are likely in the hands of rivals
By Jai Vijayan Freelance writer, 7/21/2016
Comment0 comments  |  Read  |  Post a Comment
Tesla’s Data Collection May Help In Autopilot Defense
Dark Reading Staff, Quick Hits
The automotive company can use its data collection software to fight liability if involved in Florida crash case, say lawyers.
By Dark Reading Staff , 7/21/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by XavierM159
Current Conversations You go skiing, eh?
In reply to: You go skiing, eh?
Post Your Own Reply
More Conversations
PR Newswire
Tools & Training To 'Hack Yourself' Into Better Security
Ofer Israeli, Founder & VP, R&D, illusive networks,  7/21/2016
5 Failsafe Techniques For Interviewing Security Candidates
Joshua Goldfarb, VP & CTO - Emerging Technologies, FireEye,  7/22/2016
How Jihadists Operate Online And Under The Radar: Report
Jai Vijayan, Freelance writer,  7/22/2016
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Five Ingredients Of An Intelligence-Driven Security Operations Center: Part 3 In A Series
As enterprises adopt new ways of thinking about security, they also must make changes in their operations centers to support the new mindset. Here's what's needed. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: It's a tough job but someone has to test the links.
Dark Reading Radio
Archived Dark Reading Radio

The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.

White Papers
Current Issue
The Changing Face of Identity Management
Mobility and cloud services are altering the concept of user identity. Here are some ways to keep up.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed