Slideshows

Latest Content
Page 1 / 2   >   >>
Insider Threats: Red Flags and Best Practices
Slideshows  |  11/15/2017  | 
Security pros list red flags indicating an insider attack and best practices to protect against accidental and malicious exposure.
Emerging IT Security Technologies: 13 Categories, 26 Vendors
Slideshows  |  11/13/2017  | 
A rundown of some of the hottest security product areas, and vendors helping to shape them.
6 Steps for Sharing Threat Intelligence
Slideshows  |  11/10/2017  | 
Industry experts offer specific reasons to share threat information, why it's important - and how to get started.
Inhospitable: Hospitality & Dinings Worst Breaches in 2017
Slideshows  |  11/8/2017  | 
Hotels and restaurants are in the criminal crosshairs this year.
8 Older Companies Doing New Things in Security
Slideshows  |  11/6/2017  | 
These organizations have been around for a while but aren't slowing down on security releases.
10 Mistakes End Users Make That Drive Security Managers Crazy
Slideshows  |  11/2/2017  | 
Here's a list of common, inadvertent missteps end users make that can expose company data.
How to Make a Ransomware Payment - Fast
Slideshows  |  10/31/2017  | 
Paying ransom in a ransomware attack isn't recommended, but sometimes, it's necessary. Here's how to pay by cryptocurrency.
Security Gets Social: 10 of Dark Reading's Most Shared Stories
Slideshows  |  10/30/2017  | 
We scared up our most popular stories on Facebook, Twitter, and LinkedIn.
Windows 10 Update: 10 Key New Security Features
Slideshows  |  10/25/2017  | 
Microsoft is tightening its focus on Windows 10 security with several new security tools in its latest major OS update.
10 Steps for Stretching Your IT Security Budget
Slideshows  |  10/24/2017  | 
When the budget gods decline your request for an increase, here are 10 ways to stretch that dollar.
10 Social Engineering Attacks Your End Users Need to Know About
Slideshows  |  10/19/2017  | 
It's Cybersecurity Awareness Month. Make sure your users are briefed on these 10 attacker techniques that are often overlooked.
Game Change: Meet the Mach37 Fall Startups
Slideshows  |  10/18/2017  | 
CEOs describe how they think their fledgling ventures will revolutionize user training, privacy, identity management and embedded system security.
GDPR Compliance: 5 Early Steps to Get Laggards Going
Slideshows  |  10/16/2017  | 
If you're just getting on the EU General Data Protection Regulation bandwagon, here's where you should begin.
10 Major Cloud Storage Security Slip-Ups (So Far) this Year
Slideshows  |  10/13/2017  | 
Accenture is the latest in a string of major companies to expose sensitive cloud data this year, following Verizon, Deloitte, and Dow Jones.
Key New Security Features in Android Oreo
Slideshows  |  10/10/2017  | 
Android 8.0 Oreo marks a major revamp of Google's mobile operating system, putting in a number of new security-hardening measures.
10 Steps for Writing a Secure Mobile App
Slideshows  |  10/5/2017  | 
Best practices to avoid the dangers of developing vulnerability-ridden apps.
Best and Worst Security Functions to Outsource
Slideshows  |  9/29/2017  | 
Which security functions are best handled by third parties, and which should be kept in-house? Experts weigh in.
7 SIEM Situations That Can Sack Security Teams
Slideshows  |  9/27/2017  | 
SIEMs are considered an important tool for incident response, yet a large swath of users find seven major problems when working with SIEMs.
10 Security Product Flaw Scares
Slideshows  |  9/22/2017  | 
CCleaner compromise puts the crown on several years' worth of headlines about cybersecurity product weaknesses.
10 Hot Cybersecurity Funding Rounds in Q3
Slideshows  |  9/20/2017  | 
The first two quarters of 2017 have been the most active ever in five years from a cybersecurity investment standpoint. Here's how the third quarter has shaped up.
10 Ways to Prevent Your Mobile Devices From Becoming Bots
Slideshows  |  9/13/2017  | 
Enterprises may not notice a huge impact on their network's bandwidth, but other repercussions may loom in the background.
7 Takeaways From The Equifax Data Breach
Slideshows  |  9/11/2017  | 
The exposure of PII belonging to 143 million US consumers raises questions about the continued use of SSNs as identifiers, breach liability and app sec spending.
7 Tips to Fight Gmail Phishing Attacks
Slideshows  |  9/8/2017  | 
Popular email platforms like Gmail are prime phishing targets. Admins can adopt these steps to keep attackers at bay.
7 Things to Know About Today's DDoS Attacks
Slideshows  |  8/30/2017  | 
DDoS attacks are no longer something that just big companies in a few industries need to worry about. They have become a threat to every business.
10 Time-Consuming Tasks Security People Hate
Slideshows  |  8/28/2017  | 
Whether it is dealing with false positives, reporting to auditors, or patching software, here's the scut work security people dread.
14 Social Media-Savvy CISOs to Follow on Twitter
Slideshows  |  8/18/2017  | 
A roundup of some of the more social media-engaged security leaders to follow for updates on industry news, trends, and events.
9 of the Biggest Bug Bounty Programs
Slideshows  |  8/11/2017  | 
These programs stand out for the size of their rewards and how much they have paid in total to security researchers in bounties over the last several years.
2017 Pwnie Awards: Who Won, Lost, and Pwned
Slideshows  |  8/3/2017  | 
Security pros corralled the best and worst of cybersecurity into an award show highlighting exploits, bugs, achievements, and attacks from the past year.
7 Hardware & Firmware Hacks Highlighted at Black Hat 2017
Slideshows  |  7/24/2017  | 
Researchers will hammer home potentially devastating attacks, and demo a range of vulnerabilities, techniques and tools.
Best of Black Hat: 20 Epic Talks in 20 Years
Slideshows  |  7/19/2017  | 
In celebration of Black Hat's 20th birthday, we take a look back at the most memorable presentations and demos since the show's inception in 1997.
IoT Security Incidents Rampant and Costly
Slideshows  |  7/18/2017  | 
New research offers details about the hidden and not so hidden costs of defending the Internet of Things.
Desperately Seeking Security: 6 Skills Most In Demand
Slideshows  |  7/8/2017  | 
When people say there's a security skills gap, this is what they really mean.
NotPetya: How to Prep and Respond if You're Hit
Slideshows  |  7/7/2017  | 
Security pros share practices to prepare and handle advanced malware attacks like NotPetya.
8 Things Every Security Pro Should Know About GDPR
Slideshows  |  6/30/2017  | 
Organizations that handle personal data on EU citizens will soon need to comply with new privacy rules. Are you ready?
How To (And Not To) Make the Online Trust Honor Roll
Slideshows  |  6/29/2017  | 
Five websites generated the highest score in their sector for the 2017 Online Trust Audit & Honor Roll. Here is what it takes to get there and be listed among the Online Trust Alliance's Top 50
9 Ways to Protect Your Cloud Environment from Ransomware
Slideshows  |  6/27/2017  | 
The same technology driving faster collaboration and data transfer also enables cybercriminals to quickly spread ransomware.
8 Hot Hacking Tools to Come out of Black Hat USA
Slideshows  |  6/23/2017  | 
High-impact tools for white hats that will be revealed and released next month at Black Hat USA in Las Vegas.
Android Security Apps for BYOD Users
Slideshows  |  6/16/2017  | 
A look at 8 security apps that experts recommend for Android.
The Rising Tide of Crimeware-as-a-Service
Slideshows  |  6/13/2017  | 
Malware, botnets, phishing and backdoors are all offered on the cheap as subscription. These days even crime is in the cloud.
How End-User Devices Get Hacked: 8 Easy Ways
Slideshows  |  6/9/2017  | 
Security experts share the simplest and most effective methods bad guys employ to break into end-user devices.
8 Most Overlooked Security Threats
Slideshows  |  5/26/2017  | 
Businesses know the obvious security threats to watch for, but some of the biggest dangers may not at top-of-mind.
9 Ways Organizations Sabotage Their Own Security: Lessons from the Verizon DBIR
Slideshows  |  5/23/2017  | 
Mistakes and missteps plague enterprise security. The Verizon 2017 Data Breach Investigations Report (DBIR) offers nuggets on what organizations must stop doing now.
8 Notorious Russian Hackers Arrested in the Past 8 Years
Slideshows  |  5/12/2017  | 
Lesson learned by Russian cybercriminals: Don't go on vacation, it's bad for your freedom to scam.
10 Free or Low-Cost Security Tools
Slideshows  |  5/9/2017  | 
At a time when many organizations struggle with security funding, open-source tools can help cut costs for certain businesses.
6 Steps to Find Your Next Dozen Cloud Security Experts
Slideshows  |  4/26/2017  | 
There's stiff competition for cloud security experts, but finding yours may actually be easier than you think.
The Hidden Dangers of Component Vulnerabilities
Slideshows  |  4/21/2017  | 
Dangerous flaws in open source components and dependencies lurk within most applications today.
6 Times Hollywood Got Security Right
Slideshows  |  4/20/2017  | 
Hollywood has struggled to portray cybersecurity in a realistic and engaging way. Here are films and TV shows where it succeeded.
6 New Security Startups Named to MACH37 Spring Cohort
Slideshows  |  4/15/2017  | 
The companies selected this year include technical talent that draws from Silicon Valley to Hungary and Western Europe.
Forget the Tax Man: Time for a DNS Security Audit
Slideshows  |  4/11/2017  | 
Here's a 5-step DNS security review process that's not too scary and will help ensure your site availability and improve user experience.
7 Ways Hackers Target Your Employees
Slideshows  |  4/6/2017  | 
One employee under reconnaissance by cyberattackers can put your whole business at risk. Where are they being targeted, and what should they know?
Page 1 / 2   >   >>


Microsoft Word Vuln Went Unnoticed for 17 Years: Report
Kelly Sheridan, Associate Editor, Dark Reading,  11/14/2017
Companies Blindly Believe They've Locked Down Users' Mobile Use
Dawn Kawamoto, Associate Editor, Dark Reading,  11/14/2017
121 Pieces of Malware Flagged on NSA Employee's Home Computer
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/16/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Flash Poll
[Strategic Security Report] Cloud Security's Changing Landscape
[Strategic Security Report] Cloud Security's Changing Landscape
Cloud services are increasingly becoming the platform for mission-critical apps and data. Heres how enterprises are adapting their security strategies!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.