Slideshows
Latest Content
Page 1 / 2   >   >>
The Phishie Awards: (Dis)Honoring The Best Of The Worst Phishing Attacks
Slideshows  |  2/10/2016  | 
From the costly to the clever to the just plain creepy, here are the recent phishing campaigns that have earned our reluctant recognition.
10 Shocking New Facts About Ransomware
Slideshows  |  2/8/2016  | 
Ransomware has taken over the cybercriminal world in the last few years and there's no end in sight.
7 Signs of Infosec's Groundhog Day Syndrome
Slideshows  |  2/2/2016  | 
Irritations that plague security pros day in and day out.
The Internet of Private ‘Things:’ 7 Privacy Missteps
Slideshows  |  1/15/2016  | 
A cautionary tale about the rules of ‘Privacy by Design’ and seven IoT companies that broke them in recent years.
Boldest Cybersecurity Predictions For 2016
Slideshows  |  12/31/2015  | 
Forget the boring, safe predictions -- here instead are the most interesting, cringe-worthy, humorous, or otherwise shocking predictions for the coming year.
Tech Gifts That Security Pros Will Probably Return
Slideshows  |  12/28/2015  | 
Insecure gifts that CISOs and other security pros are likely returning as we speak.
2015 Ransomware Wrap-Up
Slideshows  |  12/22/2015  | 
Here's a rundown of the innovative ransomware that frightened users and earned attackers big bucks this year.
10 Funny Twitter Feeds For Security Geeks
Slideshows  |  12/18/2015  | 
These must-follow Twitter feeds offer plenty of cybersecurity humor to keep infosec pros giggling even when the attacks keep coming.
The Employee Password Habits That Could Hurt Enterprises
Slideshows  |  12/9/2015  | 
While education and efforts around online credentials are improving, password hygiene still has problems
Security Geek Gift Guide
Slideshows  |  11/30/2015  | 
Whether you're looking for a gift to give at the IT department's holiday party, for your science-loving kids, or for a genuine friend in the cube beside you, these gifts are sure winners.
7 Elements Of Modern Endpoint Security
Slideshows  |  10/31/2015  | 
What it takes to secure and tap into the 'source of the truth' in today's threatscape.
Passing the Sniff Test: Security Metrics and Measures
Slideshows  |  10/23/2015  | 
Cigital dishes dirt on top security metrics that don’t work well, why they’re ineffective and which measurable to consider instead.
The State of Apple Security
Slideshows  |  10/14/2015  | 
A small market share and a trusted development environment protected Apple a long time, but will that last? Plus, EXCLUSIVE: more data on who's behind XCodeGhost.
10 Security Certifications To Boost Your Career
Slideshows  |  10/5/2015  | 
Earning a security credential can help you open the door to a great job. But you need to know which certification is the right one for you.
10 Password Managers For Business Use
Slideshows  |  9/28/2015  | 
Beyond helping end users keep track of their logins, some password managers can integrate with Active Directory and generate compliance reports.
Comic Con, Dark Reading Version
Slideshows  |  9/14/2015  | 
Our graphic novel illustrating a typical day in the life of a security super hero, as imagined by cartoonist John Klossner.
5 Free Security Analytics Tools
Slideshows  |  9/8/2015  | 
It's getting tougher to stay on top of the growing volume of security data generated. Take a look at some analytics tools for budget-conscious organizations.
Sights & Sounds Of Black Hat USA And DEF CON
Slideshows  |  8/31/2015  | 
Some hackers call the week of Black Hat USA and DEF CON 'security summer camp' -- a look at some of the highlights of the two shows.
Ouch! Feeling The Pain Of Cybersecurity In Healthcare
Slideshows  |  8/25/2015  | 
There are lots of reasons why medical data is so vulnerable but the sheer numbers at risk speak volumes about the scale of the problem.
View From The Top: Government’s Role In Cybersecurity
Slideshows  |  8/14/2015  | 
At the DarkReading News Desk, live from Black Hat, industry experts Dan Kaminsky, Richard Bejtlich, Katie Moussouris, Paul Kurtz, and Rod Beckstrom talked about how government is hurting and could be helping infosec.
Cyber Boot Camp: Lessons Learned
Slideshows  |  7/31/2015  | 
What happens when 50 young people spend a week in the trenches with cybersecurity researchers from ESET? One picture is worth a thousand words. Here are seven.
Emerging Web Infrastructure Threats
Slideshows  |  7/23/2015  | 
A secure cloud relies on some weak Internet infrastructure with some new BGP vulnerabilities that will be disclosed at Black Hat USA.
10 Trends In Infosec Careers And Staffing
Slideshows  |  7/16/2015  | 
Employment stable for job-seekers, but staffing gaps persist for employers who need better security teams to counter threats
6 Emerging Android Threats
Slideshows  |  7/7/2015  | 
A peek at some of the Android vulnerabilities and malware that will be revealed at Black Hat USA next month.
5 Things You Probably Missed In The Verizon DBIR
Slideshows  |  6/25/2015  | 
A look at a few of the lesser-noticed but meaty nuggets in the annual Verizon Data Breach Investigations Report (DBIR).
7 Top Security Quotes From London Technology Week
Slideshows  |  6/19/2015  | 
Tech events across the city hit on IoT, smart cities, mobility and Legos.
Quantifying Shadow Data In The Cloud
Slideshows  |  6/8/2015  | 
Report shows how much data users really are exposing on SaaS services.
10 Security Questions To Ask A Cloud Service Provider
Slideshows  |  5/12/2015  | 
Help the business assess the risks of cloud services with these handy questions.
Twitter's Top 10 Social CISOs
Slideshows  |  4/27/2015  | 
If you work in information security today, you're on Twitter. Or are you?
7 Deadly Sins That Get Users Hacked
Slideshows  |  4/16/2015  | 
How users and their endpoints are leveraged by the bad guys to eventually find their way to critical data
8 Identity & Access Metrics To Manage Breach Risks
Slideshows  |  4/2/2015  | 
Measurables for improving security posture around access controls.
7 Bugs, Breaches, & Compromises To Rock 2015 (So Far)
Slideshows  |  3/30/2015  | 
The year's started off with a bang; will we hear risk management pros whimper?
The 7 Best Social Engineering Attacks Ever
Slideshows  |  3/17/2015  | 
Seven reminders of why technology alone isn't enough to keep you secure.
10 Ways To Measure IT Security Program Effectiveness
Slideshows  |  3/16/2015  | 
The right metrics can make or break a security program (or a budget meeting).
Mobile Security By The Numbers
Slideshows  |  3/2/2015  | 
Rounding up the latest research on mobile malware and security practices.
7 Things You Should Know About Secure Payment Technology
Slideshows  |  2/24/2015  | 
Despite the existence of EMV and Apple Pay, we're a long way from true payment security, especially in the US.
20 Startups To Watch In 2015
Slideshows  |  12/29/2014  | 
Check our list of security startups sure to start (or continue) making waves in the coming year.
CISO Holiday Bookshelf
Slideshows  |  12/22/2014  | 
A selection of interesting security reads perfect as gifts from and to the typical CISO.
Stocking Stuffers For Happy Hacking
Slideshows  |  12/15/2014  | 
Find that perfect gift for your co-workers and much-loved white hats without breaking the bank.
How To Become a CISO: Top Tips
Slideshows  |  12/8/2014  | 
A look at the best career advice for aspiring CISOs from people who've reached the top.
Why We Need Better Cyber Security: A Graphical Snapshot
Slideshows  |  11/28/2014  | 
By 2022, demand for security industry professionals will grow 37%.
Cloud Security By The Numbers
Slideshows  |  11/21/2014  | 
Quantifying the perceptions around cloud security practices.
The Year Of The Retailer Data Breach
Slideshows  |  11/17/2014  | 
This year's wave of attacks was more dramatic in its widespread scope and seemingly constant battering of more than a dozen big box chains.
10 Cool Security Tools Open-Sourced By The Internet's Biggest Innovators
Slideshows  |  11/3/2014  | 
Google, Facebook, Netflix, and others have all offered up tools they've developed in-house to the community at large.
The Internet of Things: 7 Scary Security Scenarios
Slideshows  |  10/16/2014  | 
The IoT can be frightening when viewed from the vantage point of information security.
Be Aware: 8 Tips for Security Awareness Training
Slideshows  |  9/29/2014  | 
Hint: One giant security training session to rule them all is not the way to go.
7 Reasons To Love Passwords
Slideshows  |  9/17/2014  | 
Passwords are often ridiculed, but there are some reasons they should be your nearest and dearest authentication factor.
InfoSec Book Club: What’s On Your Fall Reading List?
Slideshows  |  9/9/2014  | 
Dark Reading community members share the books that inform and inspire their decisions and interactions as security professionals.
Hacker Couture: As Seen At Black Hat USA, BSides, DEF CON
Slideshows  |  8/18/2014  | 
'Leet tattoos, piercings, mega-beards, (the real) John McAfee, and even a cute puppy were among the colorful sights in Las Vegas this month.
6 Biometric Factors That Are Working Today
Slideshows  |  8/12/2014  | 
From fingerprints to wearable ECG monitors, there are real options in the market that may relegate the despised password to the dustbin of history.
Page 1 / 2   >   >>


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas in a thought-provoking discussion about the evolving role of the CISO.