News & Commentary

Latest Content tagged with Risk
Page 1 / 2   >   >>
7 Tools for Stronger IoT Security, Visibility
Slideshows  |  5/16/2018  | 
If you don't know what's on your IoT network, you don't know what to protect -- or protect from. These tools provide visibility into your network so you can be safe with (and from) what you see.
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Commentary  |  5/14/2018  | 
There's a major disconnect between Internet of Things governance and risk management, according to a new report. Follow these five steps to address the risks.
Ready or Not: Transport Layer Security 1.3 Is Coming
Commentary  |  5/10/2018  | 
Better encryption could mean weaker security if you're not careful.
Phishing Threats Move to Mobile Devices
News  |  5/9/2018  | 
Mobile devices are emerging as a primary gateway for phishing attacks aimed at stealing data.
Calculating Cloud Cost: 8 Factors to Watch
Slideshows  |  5/9/2018  | 
If you're not careful and don't regularly assess the impact of your usage, moving to the cloud could have a negative impact on your bottom line.
Compliance Complexity: The (Avoidable) Risks of Not Playing by the Rules
Commentary  |  5/9/2018  | 
Achieving compliance is a challenging process, but with the right systems and customized data management policy, your organization can stay ahead of the next data breach -- and the regulators.
APT Attacks on Mobile Rapidly Emerging
News  |  5/8/2018  | 
Mobile devices are becoming a 'primary' enterprise target for attackers.
Breakout Time: A Critical Key Cyber Metric
Commentary  |  5/8/2018  | 
Why organizations need to detect an intrusion in under a minute, understand it in under 10 minutes, and eject the adversary in under an hour.
US Extradites Romanian Hackers Charged with Vishing, Smishing
Quick Hits  |  5/7/2018  | 
Suspects fraudulently obtained more than $18 million through fraud by voice and SMS.
Encryption is Necessary, Tools and Tips Make It Easier
News  |  5/3/2018  | 
In the InteropITX conference, a speaker provided tips, tools, and incentives for moving to pervasive encryption in the enterprise.
6 Enterprise Password Managers That Lighten the Load for Security
Slideshows  |  5/3/2018  | 
EPMs offer the familiar password wallet with more substantial administrative management and multiple deployment models.
Survey Shows Sensitive Data Goes Astray in Email
Quick Hits  |  5/2/2018  | 
Many employees have trouble controlling the release of sensitive information in email.
A Data Protection Officer's Guide to GDPR 'Privacy by Design'
Commentary  |  5/1/2018  | 
These five steps can show you how to start building your foundational privacy program for the EU's General Data Protection Regulation.
Slack Releases Open Source SDL Tool
News  |  4/30/2018  | 
After building an SDL tool for their own use, Slack has released it on Github under an open source license.
3 Ways to Maximize Security and Minimize Business Challenges
Partner Perspectives  |  4/30/2018  | 
The best strategy for choosing security tools and architecting networks is to focus on staffing and resources, risk tolerance, and business change.
MyEtherWallet DNS Attack Offers Opt-In Lessons
News  |  4/26/2018  | 
Attackers poisoned BGP route tables to redirect Amazon's Route 53 name servers to their malicious servers.
Why Hackers Love Healthcare
Commentary  |  4/26/2018  | 
The migration of valuable data to the cloud is piquing the interest of cybercrimimals. But there are ways to fight back.
The Default SAP Configuration That Every Enterprise Needs to Fix
News  |  4/26/2018  | 
Nine out of ten organizations are vulnerable to a 13-year-old flaw that puts their most critical business systems at risk of complete criminal takeover.
Despite Risks, Nearly Half of IT Execs Don't Rethink Cybersecurity after an Attack
Commentary  |  4/25/2018  | 
A recent survey reveals a troubling degree of security inertia lurking among scores of organizations. But there are a few bright spots.
Coviello: Modern Security Threats are 'Less About the Techniques'
News  |  4/24/2018  | 
Today's attack surface is broader, more open, and demands a proactive approach to security, according to former RSA chairman Art Coviello.
Golden Galleon Raids Maritime Shipping Firms
News  |  4/24/2018  | 
A new Nigerian criminal gang is launching attacks on the maritime industry.
Threat Intel: Finding Balance in an Overcrowded Market
News  |  4/23/2018  | 
Industry insiders discuss how threat intelligence has changed and what may happen as the market becomes increasingly saturated.
New Survey Shows Hybrid Cloud Confidence
Quick Hits  |  4/23/2018  | 
Executives are mostly confident in their hybrid cloud security, according to the results of a new survey.
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Quick Hits  |  4/19/2018  | 
Booz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.
Securing Social Media: National Safety, Privacy Concerns
News  |  4/19/2018  | 
It's a critical time for social media platforms and the government agencies and private businesses and individuals using them.
Cyber War Game Shows How Federal Agencies Disagree on Incident Response
News  |  4/18/2018  | 
Former officials at DHS, DOJ, and DOD diverge on issues of attribution and defining what constitutes an act of cyber war.
2018 RSA Conference: Execs Push Cooperation, Culture & Civilian Safety
News  |  4/17/2018  | 
On the keynote stage, execs from Microsoft and McAfee introduced a new Cybersecurity Tech Accord.
8 Ways Hackers Monetize Stolen Data
Slideshows  |  4/17/2018  | 
Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information.
Why We Need Privacy Solutions That Scale Across Borders
Commentary  |  4/17/2018  | 
New privacy solutions are becoming scalable, smarter, and easier to address compliance across industries and geographies.
New Malware Adds RAT to a Persistent Loader
News  |  4/17/2018  | 
A newly discovered variant of a long-known malware loader adds the ability to control the victim from afar.
INsecurity Conference Seeks Security Pros to Speak on Best Practices
News  |  4/16/2018  | 
Dark Reading's second annual data defense conference will be held Oct. 23-25 in Chicago; call for speakers is issued.
How GDPR Forces Marketers to Rethink Data & Security
Commentary  |  4/16/2018  | 
The European regulation is making marketing technology companies re-examine their security, and that's a good thing.
7 Steps to a Smooth, Secure Cloud Transition
Slideshows  |  4/13/2018  | 
Security leaders share their top steps to keep in mind as your organization moves data and applications to the cloud.
Businesses Calculate Cost of GDPR as Deadline Looms
News  |  4/12/2018  | 
Surveys highlight the financial burden of GDPR as companies scramble to meet the May 25 deadline.
Facebook Rolls Out 'Data Abuse Bounty' Program
News  |  4/11/2018  | 
The social media giant also got hit with a lawsuit the day before unveiling its new reward program.
2.6 Billion-Plus Data Records Breached Last Year
News  |  4/11/2018  | 
Most exposed data records caused by human error.
Hack Back: An Eye for an Eye Could Make You Blind
Commentary  |  4/11/2018  | 
Attackers have had almost zero consequences or cost for stealing data from innocent victims. But what if we could hack their wallets, not their systems?
'SirenJack' Vulnerability Lets Hackers Hijack Emergency Warning System
News  |  4/10/2018  | 
Unencrypted radio protocol that controls sirens left alert system at risk.
Businesses Fear 'Catastrophic Consequences' of Unsecured IoT
News  |  4/6/2018  | 
Only 29% of respondents in a new IoT security survey say they actively monitor the risk of connected devices used by third parties.
Protect Yourself from Online Fraud This Tax Season
Commentary  |  4/6/2018  | 
Use these tips to stay safe online during everyone's least-favorite time of the year.
Mirai Variant Botnet Takes Aim at Financials
News  |  4/5/2018  | 
In January, a botnet based on Mirai was used to attack at least three European financial institutions.
Facebook: Most Profiles Likely Scraped by Third Parties
Quick Hits  |  4/5/2018  | 
Facebook announces plans to restrict data access after 87 million users' data was improperly shared with Cambridge Analytica.
Misconfigured Clouds Compromise 424% More Records in 2017
News  |  4/4/2018  | 
Cybercriminals are increasingly aware of misconfigured systems and they're taking advantage, report IBM X-Force researchers.
How Gamers Could Save the Cybersecurity Skills Gap
News  |  4/4/2018  | 
McAfee shares its firsthand experience on training in-house cybersecurity pros and publishes new data on how other organizations deal with filling security jobs.
New DARPA Contract Looks to Avoid Another 'Meltdown'
Quick Hits  |  4/4/2018  | 
A new DARPA contract with Tortuga Logic intends to field chip emulation systems to test security before processors hit manufacturing.
Active Cyber Defense Is an Opportunity, Not a Threat
Commentary  |  4/4/2018  | 
If honest citizens can be tracked online with cookies and beacons that share where we are and what we are doing, then why should security professionals restrict their ability to hack attackers?
One-Third of Internal User Accounts Are 'Ghost Users'
News  |  4/4/2018  | 
Attackers and malware can easily move laterally through an organization, thanks to inadequate access controls on file systems and a proliferation of inactive but enabled users.
Medical Device Security Startup Launches
Quick Hits  |  4/3/2018  | 
Cynerio lands multi-million dollar funding round.
Panera Bread Leaves Millions of Customer Records Exposed Online
News  |  4/3/2018  | 
Personal information exposed in plain text for months on Panerabread.com and the company's response failed to rise to the challenge.
3 Security Measures That Can Actually Be Measured
Commentary  |  4/3/2018  | 
The massive budgets devoted to cybersecurity need to come with better metrics.
Page 1 / 2   >   >>


Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11232
PUBLISHED: 2018-05-18
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
CVE-2017-15855
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...
CVE-2018-3567
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3568
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-5827
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.