A Tale Of Two IoT Security Outcomes
Ouch! Feeling The Pain Of Cybersecurity In Healthcare
Paul Vixie On DNS Security & Botnet Takedowns
Pen Testing A Smart City
Keyless Cars: A New Frontier For Bug Bounties?
News & Commentary
A Virtual Tour of IBM’s SOCs, With Roger Hellman
Dark Reading Staff, CommentaryVideo
IBM's Roger Hellman visits the Dark Reading News Desk to talk about how IBM recreated a unique security operations center experience at Black Hat.
By Dark Reading Staff , 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
Catching Attackers In The Act Of Stage Two, With Gigamon
Dark Reading Staff, CommentaryVideo
Shehzad Merchant, CTO of Gigamon, visits the Dark Reading News Desk to discuss a platform for finding and containing attackers once they've broken through your perimeter defense.
By Dark Reading Staff , 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Under FTC Authority: What Does it Mean?
Tom Kellermann, Chief Cybersecurity Office, Trend MicroCommentary
Consumers can now expect the same level of security and privacy in the digital realm as they do in the physical.
By Tom Kellermann Chief Cybersecurity Office, Trend Micro, 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
Seeing Into Security 'Blind Spots' With Bay Dynamics' Gautam Aggarwal
Dark Reading Staff, CommentaryVideo
Gautam Aggarwal, CMO of Bay Dynamics, visits Dark Reading News Desk at Black Hat to explain that it’s important to not just develop a cybersecurity strategy, but to also better understand what your security blind spots are.
By Dark Reading Staff , 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
Evolution Of The CISO And The Board: BAE Systems’ Jim Anderson Explains
Dark Reading Staff, CommentaryVideo
President of the Americas for BAE Systems Applied Intelligence, Jim Anderson, joins the Dark Reading News Desk at Black Hat to explain how the CISO has to improve communications with the corporate board and better explain overall security strategy.
By Dark Reading Staff , 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
RiskIQ's Arian Evans Talks Up Hunting Down Digital Assets
Dark Reading Staff, CommentaryVideo
You can't protect what you can't find. Arian Evans, vice president of product marketing for RiskIQ, joins the Dark Reading News Desk at Black Hat to explain how to discover all your assets.
By Dark Reading Staff , 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
Flash: Web Browser Plugins Are Vulnerable
Gavin Millard, Technical Director, EMEA, Tenable Network Security
Maybe it’s time to uninstall Flash for those that don’t need it and continuously monitor those that do.
By Gavin Millard Technical Director, EMEA, Tenable Network Security, 8/27/2015
Comment1 Comment  |  Read  |  Post a Comment
Consumers Want Password Alternatives
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Consumer confidence in online passwords wanes and their password hygiene remains as sketchy as ever, study finds.
By Ericka Chickowski Contributing Writer, Dark Reading, 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
A Tale Of Two IoT Security Outcomes
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Commandeered Jeep gets fixed but a 'hijacked' satellite network does not? Why Internet of Things security remains a work in progress.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/26/2015
Comment0 comments  |  Read  |  Post a Comment
Getting To Yes, Cooperatively
Lysa Myers, Security Researcher, ESETCommentary
As security advocates, determining what “beneficial” means to a particular audience should be our first step in developing recommendations.
By Lysa Myers Security Researcher, ESET, 8/26/2015
Comment1 Comment  |  Read  |  Post a Comment
From Vicious To Virtuous: A Plan Of Attack For Incident Response
Torry Campbell, Chief Technical Officer of Endpoint and Management at Intel Security
How do you get there? Increase the cost and effort required by the bad guys and boost your efficiency.
By Torry Campbell Chief Technical Officer of Endpoint and Management at Intel Security, 8/26/2015
Comment0 comments  |  Read  |  Post a Comment
Kelly's Glimpse Of Black Hat
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
Dark Reading executive editor Kelly Jackson Higgins talks through the top trends and sessions, and how the industry has evolved since her first trip to Black Hat.
By Sara Peters Senior Editor at Dark Reading, 8/26/2015
Comment0 comments  |  Read  |  Post a Comment
IBM Advises Businesses To Block Tor
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
With Tor-based attacks on the rise, IBM says it's time to stop Tor in the enterprise.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/25/2015
Comment7 comments  |  Read  |  Post a Comment
What Would You Do Differently If You Knew You Were Going To Be Robbed?
Michael Sentonas, Vice President, Chief Technology Officer, Security Connected at Intel Security
Neither prevention nor detection alone is sufficient in today’s cybercrime environment.
By Michael Sentonas Vice President, Chief Technology Officer, Security Connected at Intel Security, 8/25/2015
Comment0 comments  |  Read  |  Post a Comment
Ouch! Feeling The Pain Of Cybersecurity In Healthcare
Marilyn Cohodas, Community Editor, Dark Reading
There are lots of reasons why medical data is so vulnerable but the sheer numbers at risk speak volumes about the scale of the problem.
By Marilyn Cohodas Community Editor, Dark Reading, 8/25/2015
Comment2 comments  |  Read  |  Post a Comment
Security Stands As Top Factor In Digital Brand Confidence
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Security ranked alongside marketing and IT ops concerns as important indicators of trust in online sites.
By Ericka Chickowski Contributing Writer, Dark Reading, 8/25/2015
Comment0 comments  |  Read  |  Post a Comment
What Drives A Developer To Use Security Tools -- Or Not
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
National Science Foundation (NSF)-funded research by Microsoft Research, NC State, and UNC-Charlotte sheds light on what really makes a software developer scan his or her code for security bugs.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/24/2015
Comment10 comments  |  Read  |  Post a Comment
Ruling: FTC Can Hold Wyndham Liable For Data Breach
Dark Reading Staff, Quick Hits
Appeals Court ruling solidifies Federal Trade Commission's authority to take action against companies whose data breaches expose customer information.
By Dark Reading Staff , 8/24/2015
Comment3 comments  |  Read  |  Post a Comment
Survey Says: Incident Response Is Fighting Back
Torry Campbell, Chief Technical Officer of Endpoint and Management at Intel Security
Companies appear to be recognizing the need for increased incident-response spending.
By Torry Campbell Chief Technical Officer of Endpoint and Management at Intel Security, 8/24/2015
Comment0 comments  |  Read  |  Post a Comment
Android Lock Patterns Laughably Easy To Guess
Eric Zeman, Commentary
A researcher shows that people rely on weak Android lock patterns just as they do weak passwords.
By Eric Zeman , 8/24/2015
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
What Drives A Developer To Use Security Tools -- Or Not
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/24/2015
IBM Advises Businesses To Block Tor
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/25/2015
Keyless Cars: A New Frontier For Bug Bounties?
Ken Munro, Partner & Founder, Pen Test Partners LLP,  8/24/2015
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Flash: Web Browser Plugins Are Vulnerable
Maybe it's time to uninstall Flash for those that don't need it and continuously monitor those that do. Read >>
Cartoon
Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-5367
Published: 2015-08-27
The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows local users to gain privileges via unspecified vectors.

CVE-2015-5368
Published: 2015-08-27
The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows remote attackers to modify data or cause a denial of service, or execute arbitrary code, via unspecified vectors.

CVE-2013-7424
Published: 2015-08-26
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to pin...

CVE-2015-2139
Published: 2015-08-26
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5403.

CVE-2015-2140
Published: 2015-08-26
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed