News & Commentary
Commercial IoT: Big Trouble in Small Devices
Stuart Bailey, CTO, Open Data Group, Board Member, Tempered NetworksCommentary
There are endless scenarios where hackers could wreak havoc on the industrial Internet of Things. Theres also a readily available solution called HIP.
By Stuart Bailey CTO, Open Data Group, Board Member, Tempered Networks, 3/28/2017
Comment0 comments  |  Read  |  Post a Comment
Intro to Cyber Insurance: 7 Questions to Ask
Kelly Sheridan, Associate Editor, InformationWeek
Buying a cyber insurance policy can be complex and difficult. Make sure you're asking these questions as you navigate the process.
By Kelly Sheridan Associate Editor, InformationWeek, 3/24/2017
Comment9 comments  |  Read  |  Post a Comment
Future of the SIEM
Kelly Sheridan, Associate Editor, InformationWeekNews
Current SIEM systems have flaws. Here's how the SIEM's role will change as mobile, cloud, and IoT continue to grow.
By Kelly Sheridan Associate Editor, InformationWeek, 3/22/2017
Comment2 comments  |  Read  |  Post a Comment
New Metasploit Extension Available for Testing IoT Device Security
Jai Vijayan, Freelance writerNews
RFTransceiver extension for the Metasploit Hardware Bridge API will let organizations detect and scan wireless devices operating outside 802.11 spec.
By Jai Vijayan Freelance writer, 3/21/2017
Comment0 comments  |  Read  |  Post a Comment
Cisco Issues Advisory on Flaw in Hundreds of Switches
Dark Reading Staff, Quick Hits
Vulnerability was discovered in WikiLeaks recent data dump on CIAs secret cyber-offensive unit.
By Dark Reading Staff , 3/21/2017
Comment1 Comment  |  Read  |  Post a Comment
Sound Waves Used to Hack Common Data Sensors
Terry Sweeney, Contributing EditorNews
Though the immediate threat to your smartphone or Fitbit is slight, University of Michigan researchers show command-and-control capability with spoofed signaling on a variety of MEMS accelerometers.
By Terry Sweeney Contributing Editor, 3/16/2017
Comment0 comments  |  Read  |  Post a Comment
Trust Begins With Layer 1 Encryption
Hector Menendez, Product Marketing Manager, IP/Optical Networks, NokiaCommentary
In todays distributed environment, cloud and communication service providers can play a key role in providing organizations with a scalable and secure platform for the connection of everything to everything. Heres how.
By Hector Menendez Product Marketing Manager, IP/Optical Networks, Nokia, 3/15/2017
Comment0 comments  |  Read  |  Post a Comment
IoT & Liability: How Organizations Can Hold Themselves Accountable
Richard Henderson, Global Security Strategist, AbsoluteCommentary
To avoid a lawsuit, your company needs to better understand the state of your infrastructure and the devices and applications within it. Here are five areas on which to focus.
By Richard Henderson Global Security Strategist, Absolute, 3/10/2017
Comment0 comments  |  Read  |  Post a Comment
Mobile (In)security: Dark Reading Cartoon Caption Contest Winners
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
Clever word play on mobile ransomware, cloud and the Internet of Things. And the winners are
By Marilyn Cohodas Community Editor, Dark Reading, 3/9/2017
Comment2 comments  |  Read  |  Post a Comment
Securing Todays 'Elastic Attack Surface'
Amit Yoran, Chairman & CEO, Tenable Network SecurityCommentary
The foundation of good cybersecurity is knowing your network. But as organizations embrace new technologies, that simple task has gotten incredibly difficult.
By Amit Yoran Chairman & CEO, Tenable Network Security, 3/9/2017
Comment1 Comment  |  Read  |  Post a Comment
A Real-Life Look into Responsible Disclosure for Security Vulnerabilities
Marc Laliberte, Information Security Threat Analyst, WatchGuard TechnologiesCommentary
A researcher gives us a glimpse into what happened when he found a problem with an IoT device.
By Marc Laliberte Information Security Threat Analyst, WatchGuard Technologies, 3/7/2017
Comment2 comments  |  Read  |  Post a Comment
Consumer Reports to Grade Products on Cybersecurity
Dark Reading Staff, Quick Hits
The ratings group will begin to consider products' cybersecurity following a rise in attacks on IoT devices.
By Dark Reading Staff , 3/7/2017
Comment3 comments  |  Read  |  Post a Comment
Threats Converge: IoT Meets Ransomware
Javvad Malik, Security Advocate at AlienVaultCommentary
Ransomware is already a problem. The Internet of Things has had a number of security issues. What happens when the two combine?
By Javvad Malik Security Advocate at AlienVault, 3/6/2017
Comment0 comments  |  Read  |  Post a Comment
Zones of Trust: A New Way of Thinking about IoT Security
Vince Ricco, Technology Partner Manager, Axis CommunicationsCommentary
Recent attacks have focused attention on how to safely add "things"to enterprise networks, a topic that straddles IT and physical security. A zones-of-trust approach may be the answer.
By Vince Ricco Technology Partner Manager, Axis Communications, 2/28/2017
Comment0 comments  |  Read  |  Post a Comment
Blockchains New Role In The Internet of Things
Mance Harmon, Co-founder & CEO, SwirldsCommentary
With next gen distributed consensus algorithms that combine both security and performance, organizations can defend against DDoS attacks, even those that leverage IoT devices
By Mance Harmon Co-founder & CEO, Swirlds, 2/23/2017
Comment1 Comment  |  Read  |  Post a Comment
Tunneling Through The "Walls" Of IoT In The Enterprise
Jose Nazario, Director of Security Research at FastlyCommentary
The movie "Die Hard" has a thing or two to teach us about the pitfalls of the Internet of Things.
By Jose Nazario Director of Security Research at Fastly, 2/22/2017
Comment1 Comment  |  Read  |  Post a Comment
Stolen Health Record Databases Sell For $500,000 In The Deep Web
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Electronic health record databases proving to be some of the most lucrative stolen data sets in cybercrime underground.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/21/2017
Comment1 Comment  |  Read  |  Post a Comment
After Election Interference, RSA Conference Speakers Ask What Comes Next
Sara Peters, Senior Editor at Dark ReadingNews
Election-tampering called 'a red line we should not allow anyone to cross.'
By Sara Peters Senior Editor at Dark Reading, 2/17/2017
Comment1 Comment  |  Read  |  Post a Comment
IoT Security: A Ways To Go, But Some Interim Steps For Safety
Terry Sweeney, Contributing EditorNews
The Internet of Things remains vulnerable to botnets and malware, but Cisco's Anthony Grieco offers some tips to keep networks and users more secure
By Terry Sweeney Contributing Editor, 2/15/2017
Comment0 comments  |  Read  |  Post a Comment
The 10 Most Cyber-Exposed Cities In The US
Ericka Chickowski, Contributing Writer, Dark ReadingNews
At RSAC, Trend Micro researchers showcase municipalities with the highest percentage of discoverable devices and systems connected via the public Internet.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/15/2017
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by cracks4apk
Current Conversations Cool
In reply to: Nice
Post Your Own Reply
Posted by mhkang589
Current Conversations garbage in garbage out
In reply to: gigo
Post Your Own Reply
More Conversations
Register for Dark Reading Newsletters
White Papers
Current Issue
5 Security Technologies to Watch in 2017
Emerging tools and services promise to make a difference this year. Are they on your company's list?
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.