Cyberspies Impersonate Security Researcher
Valasek Not Done With Car Hacking Just Yet
Sights & Sounds Of Black Hat USA And DEF CON
A Tale Of Two IoT Security Outcomes
Pen Testing A Smart City
News & Commentary
Baby Monitors Expose Home -- And Business -- Networks
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researchers find major security flaws in popular networked video baby monitor products that could allow attackers to snoop on babies and businesses.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/2/2015
Comment0 comments  |  Read  |  Post a Comment
Cyberspies Impersonate Security Researcher
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
'Rocket Kitten' pro-Iranian regime hackers focusing more on targeting individuals for geopolitical espionage.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Report: Ransomware Jumped 58 Percent in Q2
Sara Peters, Senior Editor at Dark ReadingNews
McAfee Threat Labs Report also zooms in on GPU malware and looks back on the first five years of the Intel-McAfee marriage.
By Sara Peters Senior Editor at Dark Reading, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Malware Pre-Installed On Over Two-Dozen Android Smartphone Brands
Jai Vijayan, Freelance writerNews
Threat affects several smartphones shipping from Asia including some popular ones such as Lenovo, Huawei, and Xiaomi, says G Data.
By Jai Vijayan Freelance writer, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
We Can Allow Cybersecurity Research Without Stifling Innovation
Gavin Reid, Vice President, Threat Intelligence, Lancope IncCommentary
The U.S. government is in a unique position to become a global leader in cybersecurity. But only if it retains the open spirit of the Internet that kick-started the Information Age.
By Gavin Reid Vice President, Threat Intelligence, Lancope Inc, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Your Worst Day In IT
David Spark, Veteran Tech journalist and founder of Spark Media Solutions
Turns out the most common culprits aren't what you might think.
By David Spark Veteran Tech journalist and founder of Spark Media Solutions, 9/1/2015
Comment0 comments  |  Read  |  Post a Comment
Sights & Sounds Of Black Hat USA And DEF CON
Kelly Jackson Higgins, Executive Editor at Dark Reading
Some hackers call the week of Black Hat USA and DEF CON 'security summer camp' -- a look at some of the highlights of the two shows.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
Biggest Apple Account Theft Ever Hits Only JailBroken iOS Devices
Sara Peters, Senior Editor at Dark ReadingNews
KeyRaider stole 225,000 legitimate Apple accounts and slammed devices with ransomware and phony purchases, but only jailbroken gear, mostly in China, is affected.
By Sara Peters Senior Editor at Dark Reading, 8/31/2015
Comment2 comments  |  Read  |  Post a Comment
A CISO's View of Mobile Security Strategy, With Stacey Halota
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
CISO of Graham Holdings visits Dark Reading News Desk at Black Hat to discuss why mobile security is a top priority and how to use mobile devices as a security tool.
By Sara Peters Senior Editor at Dark Reading, 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
10 Best Practices For BYOD Policy
Dark Reading Staff, News
Bring-your-own device doesn't have to mean bring your own security problems.
By Dark Reading Staff , 8/31/2015
Comment0 comments  |  Read  |  Post a Comment
Top Infosec Execs Will Eventually Report To CEOs, CISOs Say
Kevin West, CEO & founder, K logixCommentary
But becoming a trusted resource to the executive suite will demand major changes in the traditional chief information security officer role.
By Kevin West CEO & founder, K logix, 8/31/2015
Comment1 Comment  |  Read  |  Post a Comment
Ashley Madison CEO Resigns
Dark Reading Staff, Quick Hits
Once again, a security breach claims an executive's job, but the business plans to continue operating.
By Dark Reading Staff , 8/28/2015
Comment6 comments  |  Read  |  Post a Comment
FBI Sounds Alarm Again On Business Email Compromise Threat
Jai Vijayan, Freelance writerNews
Over 7,000 US business have been victimized by so-called BEC fraud between October 2013 and August 2015 alone, the FBI said in an alert this week.
By Jai Vijayan Freelance writer, 8/28/2015
Comment2 comments  |  Read  |  Post a Comment
The 7 ‘Most Common’ RATS In Use Today
Udi Shamir, Chief Security Officer, SentinelOneCommentary
Sniffing out RATS -- remote access Trojans -- is a challenge for even the most hardened cyber defender. Here’s a guide to help you in the hunt.
By Udi Shamir Chief Security Officer, SentinelOne, 8/28/2015
Comment3 comments  |  Read  |  Post a Comment
Valasek Not Done With Car Hacking Just Yet
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Security Pro File: Chris Valasek chats up the daunting challenge of topping the Jeep Cherokee hack, '80s Adidas tracksuits, his loathing of coding, and his love for Windows -- and Hall & Oates.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/28/2015
Comment10 comments  |  Read  |  Post a Comment
Thousands Of Potentially Malicious Android Apps Unearthed In Google Play
Jai Vijayan, Freelance writerNews
Indiana University researchers develop a new scanning technique dubbed 'MassVet' for vetting mobile app stores at scale.
By Jai Vijayan Freelance writer, 8/27/2015
Comment2 comments  |  Read  |  Post a Comment
The Security Of Applications And CISOs' Sanity, With Veracode's Chris Wysopal
Sara Peters, Senior Editor at Dark ReadingCommentaryVideo
Veracode's Chris Wysopal visits the Dark Reading News Desk at Black Hat to discuss application security, what CISOs' top priorities are, and what they should be.
By Sara Peters Senior Editor at Dark Reading, 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
A Virtual Tour of IBM’s SOCs, With Roger Hellman
Dark Reading Staff, CommentaryVideo
IBM's Roger Hellman visits the Dark Reading News Desk to talk about how IBM recreated a unique security operations center experience at Black Hat.
By Dark Reading Staff , 8/27/2015
Comment0 comments  |  Read  |  Post a Comment
Catching Attackers In The Act Of Stage Two, With Gigamon
Dark Reading Staff, CommentaryVideo
Shehzad Merchant, CTO of Gigamon, visits the Dark Reading News Desk to discuss a platform for finding and containing attackers once they've broken through your perimeter defense.
By Dark Reading Staff , 8/27/2015
Comment1 Comment  |  Read  |  Post a Comment
Cybersecurity Under FTC Authority: What Does it Mean?
Tom Kellermann, Chief Cybersecurity Office, Trend MicroCommentary
Consumers can now expect the same level of security and privacy in the digital realm as they do in the physical.
By Tom Kellermann Chief Cybersecurity Office, Trend Micro, 8/27/2015
Comment8 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Valasek Not Done With Car Hacking Just Yet
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/28/2015
Cybersecurity Under FTC Authority: What Does it Mean?
Tom Kellermann, Chief Cybersecurity Office, Trend Micro,  8/27/2015
Ashley Madison CEO Resigns
Dark Reading Staff 8/28/2015
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Partner Perspectives
What's This?
Cartoon
Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.
White Papers
Current Issue
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7444
Published: 2015-09-01
The Special:Contributions page in MediaWiki before 1.22.0 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.

CVE-2015-2807
Published: 2015-09-01
Cross-site scripting (XSS) vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.

CVE-2015-6520
Published: 2015-09-01
IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request.

CVE-2015-6727
Published: 2015-09-01
The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.

CVE-2015-6728
Published: 2015-09-01
The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 does not perform token comparison in constant time, which allows remote attackers to guess the watchlist token and bypass CSRF protection via a timing attack.

10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Flash Poll
Video
Slideshows
Twitter Feed