Valentine's Day Inspires DDoS Attacks Against Online Florists
The Phishie Awards: (Dis)Honoring The Best Of The Worst Phishing Attacks
3 Flavors of Machine Learning:  Who, What & Where
Cybercrime Gangs Blend Cyber Espionage And Old-School Hacks In Bank Heists
Cybersecurity Smackdown: What Side Are You On?
News & Commentary
Name That Toon: Dark Reading Caption Contest
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
Take part in our brand new cartoon caption contest. Join the fun and maybe you’ll win a prize.
By Marilyn Cohodas Community Editor, Dark Reading, 2/13/2016
Comment0 comments  |  Read  |  Post a Comment
Valentine's Day Inspires DDoS Attacks Against Online Florists
Jai Vijayan, Freelance writerNews
Security vendor Imperva says it has observed a sharp increase in automated bot traffic directed at florist sites.
By Jai Vijayan Freelance writer, 2/13/2016
Comment0 comments  |  Read  |  Post a Comment
Quick Guide To Cyber Insurance Shopping
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Experts offer their opinions on important due diligence tasks when procuring cyber insurance.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/12/2016
Comment0 comments  |  Read  |  Post a Comment
Ukraine Railway, Mining Company Attacked With BlackEnergy
Jai Vijayan, Freelance writerNews
Weeks after the malware played a role in a massive power outage in the Ukraine, BlackEnergy and its cohort KillDisk were used in other attacks as well, Trend Micro says.
By Jai Vijayan Freelance writer, 2/12/2016
Comment0 comments  |  Read  |  Post a Comment
Perceptions Of IT Risk Changing In Business Ranks
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Business leaders increasingly see IT risk as huge, but policy making and visibility still lag.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/12/2016
Comment0 comments  |  Read  |  Post a Comment
Man Admits To Laundering $19.6 Million in Hacking, Telecom Fraud Scam
Dark Reading Staff, Quick Hits
Hacking increasingly being used as a way to enhance a variety of other criminal endeavors.
By Dark Reading Staff , 2/12/2016
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity & Healthcare: Does Cybersecurity Act Help or Hurt?
Jay Trinckes, Senior Practice Lead, Healthcare & Life Sciences, CoalfireCommentary
Without adequate resources, the new Cybersecurity Act of 2015 Act is merely a snapshot in time that does little to safeguard sensitive medical information.
By Jay Trinckes Senior Practice Lead, Healthcare & Life Sciences, Coalfire, 2/12/2016
Comment2 comments  |  Read  |  Post a Comment
Congress Passes Judicial Redress Act, UK Snoopers' Charter Gets Closer Look
Dark Reading Staff, Quick Hits
European citizens win right to sue the Americans over privacy violations, while Britain ponders new ways to commit privacy violations.
By Dark Reading Staff , 2/11/2016
Comment1 Comment  |  Read  |  Post a Comment
3 Flavors of Machine Learning: Who, What & Where
Giora Engel, VP Product & Strategy, LightCyberCommentary
To get beyond the jargon of ML, you have to consider who (or what) performs the actual work of detecting advanced attacks: vendor, product or end-user.
By Giora Engel VP Product & Strategy, LightCyber, 2/11/2016
Comment0 comments  |  Read  |  Post a Comment
5 Reveals About Today's Attack M.O.s From Skype Spying Malware
Ericka Chickowski, Contributing Writer, Dark ReadingNews
T9000 backdoor is built with many of today's cybercriminal tricks up its sleeves.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/11/2016
Comment0 comments  |  Read  |  Post a Comment
5 Big Incident Response Mistakes
Jai Vijayan, Freelance writerNews
Failing to have a formal incident response plan is just one of the mistakes organizations make.
By Jai Vijayan Freelance writer, 2/11/2016
Comment0 comments  |  Read  |  Post a Comment
The Phishie Awards: (Dis)Honoring The Best Of The Worst Phishing Attacks
Sara Peters, Senior Editor at Dark Reading
From the costly to the clever to the just plain creepy, here are the recent phishing campaigns that have earned our reluctant recognition.
By Sara Peters Senior Editor at Dark Reading, 2/10/2016
Comment3 comments  |  Read  |  Post a Comment
Over 100,000 E-File PINs Fraudulently Accessed In Automated Attack On IRS App
Jai Vijayan, Freelance writerNews
Personal data stolen from other sources was used in attack agency says
By Jai Vijayan Freelance writer, 2/10/2016
Comment0 comments  |  Read  |  Post a Comment
IoT Next Surveillance Frontier, Says US Spy Chief
Dawn Kawamoto, Freelance Writer and EditorNews
US Director of National Intelligence James Clapper delivers chilling remarks regarding the Internet of Things, noting there may come a day when spy agencies may tap into IoT for surveillance, network access, and more.
By Dawn Kawamoto Freelance Writer and Editor, 2/10/2016
Comment0 comments  |  Read  |  Post a Comment
Bipartisan House Bill Will Seek To Prevent States From Mandating Encryption Backdoors
Sara Peters, Senior Editor at Dark ReadingQuick Hits
ENCRYPT Act aims to stave off efforts being made in California and New York legislatures.
By Sara Peters Senior Editor at Dark Reading, 2/10/2016
Comment0 comments  |  Read  |  Post a Comment
Simplifying Application Security: 4 Steps
Chris Wysopal, CTO, CISO and co-founder, VeracodeCommentary
It’s time to leave behind the misconceptions about the cost and effort required by effective application security. Here’s how.
By Chris Wysopal CTO, CISO and co-founder, Veracode, 2/10/2016
Comment1 Comment  |  Read  |  Post a Comment
Is The Cybersecurity Bubble About To Burst?
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Cybersecurity stocks are way down in 2016 so far, but venture capital money still flows.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/10/2016
Comment5 comments  |  Read  |  Post a Comment
As Dyre Goes Quiet, Focus Turns On Other Banking Trojans
Jai Vijayan, Freelance writerNews
Dridex, Gozi, and Shifu are just three of the many malware tools that could replace Dyre, security researchers say.
By Jai Vijayan Freelance writer, 2/9/2016
Comment0 comments  |  Read  |  Post a Comment
New White House Cybersecurity Plan Creates Federal CISO
Sara Peters, Senior Editor at Dark ReadingNews
Cybersecurity National Action Plan aims to increase federal cybersecurity spending by 35 percent to modernize IT and address skills shortage, IoT.
By Sara Peters Senior Editor at Dark Reading, 2/9/2016
Comment1 Comment  |  Read  |  Post a Comment
How (And Why) AppSec Is Important To Your Business
Kunal Anand, co-founder and CTO, PrevotyCommentary
WhiteHat founder Jeremiah Grossman and Prevoty founder & CTO Kunal Anand share their perspectives on the past and future of application security.
By Kunal Anand co-founder and CTO, Prevoty, 2/9/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by saiopen
Current Conversations nice post
In reply to: Re: interesting video
Post Your Own Reply
Posted by Manyanti
Current Conversations i appreciate your comments
In reply to: Re: Flash
Post Your Own Reply
More Conversations
PR Newswire
Is The Cybersecurity Bubble About To Burst?
Ericka Chickowski, Contributing Writer, Dark Reading,  2/10/2016
The Phishie Awards: (Dis)Honoring The Best Of The Worst Phishing Attacks
Sara Peters, Senior Editor at Dark Reading,  2/10/2016
10 Shocking New Facts About Ransomware
Ericka Chickowski, Contributing Writer, Dark Reading,  2/8/2016
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas in a thought-provoking discussion about the evolving role of the CISO.
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed