How To Stay Safe On The Black Hat Network: 'Don't Connect To It'
7 Ways To Charm Users Out of Their Passwords
Dark Reading News Desk Coming Back To Black Hat, Live
10 Hottest Talks at Black Hat USA 2016
Locking Down Windows 10: 6 New Features
News & Commentary
Second Democratic Party Website Hacked
Jai Vijayan, Freelance writerNews
In a DNC-like attack, pro-Russian hackers broke into a website belonging to the Democratic Congressional Campaign Committee -- and reportedly also the Clinton campaign website.
By Jai Vijayan Freelance writer, 7/29/2016
Comment0 comments  |  Read  |  Post a Comment
5 Things We Know So Far About The DNC Hack
Steve Zurier, Freelance Writer
The plot thickens this week as Donald Trump openly calls on Russia to release Hillary Clinton’s emails. All roads appear to lead to Russia in the DNC -- and now possibly the DCCC -- hacks.
By Steve Zurier Freelance Writer, 7/29/2016
Comment1 Comment  |  Read  |  Post a Comment
South Korea: Cyberattack By North Korea Exposed Data Of 10 Million Consumers
Dark Reading Staff, Quick Hits
Personal data visitors to online shopping portal stolen, says South Korea police.
By Dark Reading Staff , 7/29/2016
Comment2 comments  |  Read  |  Post a Comment
DNC Leak: US Intel Chief Says It's Too Soon To Attribute Blame
Dark Reading Staff, Quick Hits
James Clapper suggests the email leak was an act by a nation-state and not some hacking group.
By Dark Reading Staff , 7/29/2016
Comment4 comments  |  Read  |  Post a Comment
How to Roll Your Own Threat Intelligence Team
Adam Meyers, VP of Intelligence, CrowdStrikeCommentary
A lot of hard work needs to go into effectively implementing an intelligence-driven security model. It starts with five critical factors.
By Adam Meyers VP of Intelligence, CrowdStrike, 7/29/2016
Comment1 Comment  |  Read  |  Post a Comment
Google Adds New Kernel-Level Protections For Android
Jai Vijayan, Freelance writerNews
Measures include kernel memory controls and features to reduce attack surface.
By Jai Vijayan Freelance writer, 7/28/2016
Comment1 Comment  |  Read  |  Post a Comment
Multiple Major Security Products Open To Big Vulns Via 'Hooking Engines'
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Black Hat USA talk will show how flawed implementation of hooking techniques are putting security and other software at risk.
By Ericka Chickowski Contributing Writer, Dark Reading, 7/28/2016
Comment2 comments  |  Read  |  Post a Comment
KPMG Study: Breaches Up, Security Spending Down
Terry Sweeney, Contributing EditorNews
81 percent admitted to a recent breach but less than half said they'd invested more in security as a result
By Terry Sweeney Contributing Editor, 7/28/2016
Comment16 comments  |  Read  |  Post a Comment
How To Stay Safe On The Black Hat Network: ‘Don’t Connect To It’
Neil R. Wyler (Grifter), Threat Hunting and Incident Response Specialist, RSACommentary
Black Hat attendees may have changed their titles and now carry business cards but hackers gotta hack and there’s no better place to do it than Black Hat.
By Neil R. Wyler (Grifter) Threat Hunting and Incident Response Specialist, RSA, 7/28/2016
Comment5 comments  |  Read  |  Post a Comment
Ex-Citibank Worker Jailed For Sabotage Of Network
Dark Reading Staff, Quick Hits
Revenge motive behind employee's actions that disrupted the network of 110 Citibank branches across the US.
By Dark Reading Staff , 7/28/2016
Comment1 Comment  |  Read  |  Post a Comment
Legal Sector's Threat Intel-Sharing Group Grows
Dark Reading Staff, Quick Hits
HHS Penalizes Philadelphia Healthcare Organization For HIPAA Violation
Jai Vijayan, Freelance writerNews
Catholic Health Care Services of the Archdiocese of Philadelphia agrees to pay $650,000 fine over 2014 data breach.
By Jai Vijayan Freelance writer, 7/27/2016
Comment0 comments  |  Read  |  Post a Comment
7 Ways To Charm Users Out of Their Passwords
Terry Sweeney, Contributing Editor
While the incentives have changed over time, it still takes remarkably little to get users to give up their passwords.
By Terry Sweeney Contributing Editor, 7/27/2016
Comment10 comments  |  Read  |  Post a Comment
Dark Reading News Desk Coming Back To Black Hat, Live
Sara Peters, Senior Editor at Dark ReadingNews
Live from Las Vegas: 40 video interviews with Black Hat USA conference speakers and sponsors. Wednesday Aug. 3, Thursday Aug, 4, 2 p.m. - 6:10 p.m. ET.
By Sara Peters Senior Editor at Dark Reading, 7/27/2016
Comment0 comments  |  Read  |  Post a Comment
The Internet Of Tiny Things: What Lurks Inside
Dan Cuddeford, Director of Sales Engineering, WanderaCommentary
Hackers can now use a tiny $2 embedded chip -- at scale -- to launch thousands of infected 'things' out into the ether to capture data and soften consumers up for an attack.
By Dan Cuddeford Director of Sales Engineering, Wandera, 7/27/2016
Comment0 comments  |  Read  |  Post a Comment
Vixie’s Farsight Rolls Out Its First Enterprise DNS Security Service
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
DNS expert aims for proactive protection, defense of organizations' online domains.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/27/2016
Comment0 comments  |  Read  |  Post a Comment
Russia Rejects DNC Breach Allegations As 'Old Trick'
Dark Reading Staff, Quick Hits
Kremlin dubs US charges of its involvement in hack of Democratic National Committee email system as mere attempts to exploit Russia during US election season.
By Dark Reading Staff , 7/27/2016
Comment5 comments  |  Read  |  Post a Comment
Kimpton Hotel Chain Investigating Possible Payment Card Breach
Dark Reading Staff, Quick Hits
Around 24 properties of Kimpton Hotels across US likely affected.
By Dark Reading Staff , 7/27/2016
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity Skills Shortage Puts Organizations At Risk, Study Shows
Emily Johnson, Associate Editor, UBM AmericasNews
The oft-discussed and lamented cybersecurity skills gap isn’t just a hiring issue, it’s putting your organization at risk, Intel Security-CSIS study finds.
By Emily Johnson Associate Editor, UBM Americas, 7/27/2016
Comment1 Comment  |  Read  |  Post a Comment
Obama Issues Federal Government Policy For Cyberattack Response
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
New Presidential Policy Directive, PPD-41, solidifies just how key federal agencies coordinate, respond to cyberattacks on federal and private networks.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/26/2016
Comment6 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
KPMG Study: Breaches Up, Security Spending Down
Terry Sweeney, Contributing Editor,  7/28/2016
7 Ways To Charm Users Out of Their Passwords
Terry Sweeney, Contributing Editor,  7/27/2016
In Security, Know That You Know Nothing
Michael Sutton, Chief Information Security Office, Zscaler,  7/26/2016
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Five Ingredients Of An Intelligence-Driven Security Operations Center: Part 3 In A Series
As enterprises adopt new ways of thinking about security, they also must make changes in their operations centers to support the new mindset. Here's what's needed. Read >>
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Endpoint Security: Putting The Focus On What Matters
Five tips to help sift through the noise and focus on actions that can dramatically impact your endpoint security program. Read >>
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Dark Reading Radio
Archived Dark Reading Radio

The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.

White Papers
Current Issue
The Changing Face of Identity Management
Mobility and cloud services are altering the concept of user identity. Here are some ways to keep up.
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed