Slideshows

Content posted in April 2016
6 Steps for Responding to a Disruptive Attack
Slideshows  |  4/29/2016  | 
Todays threat landscape dictates that companies must have a workable incident response plan.
10 Newsmakers Who Shaped Security In the Past Decade
Slideshows  |  4/28/2016  | 
In celebration of Dark Readings 10th anniversary, we profile ten people whose actions influenced and shaped the trajectory of the industry for better or for worse -- in the past ten years.
Top 10 Web Hacking Techniques For 2015
Slideshows  |  4/27/2016  | 
The most influential research on vulnerabilities and exploits, as voted on by the security community.
10 Tips for Securing Your SAP Implementation
Slideshows  |  4/23/2016  | 
Without clear ownership of security for a critical business platform like SAP, it should come as no surprise that SAP cybersecurity continues to fall through the cracks among IT, admin, security and InfoSec teams.
5 Features to Look For In A Next-Generation Firewall
Slideshows  |  4/22/2016  | 
When it comes to NGFWs, its the integration that counts.
A Brief History Of Ransomware
Slideshows  |  4/21/2016  | 
A top ten chronicle of more than a decade of notable ransomware variants and trends.
8 Active APT Groups To Watch
Slideshows  |  4/16/2016  | 
Ever wonder who's behind some of the attacks we hear about in the news? Here are eight advanced persistent threat (APT) groups that operate some of the most successful and well-known malware campaigns worldwide.
How To Prepare For A DDoS Attack: 10 Steps
Slideshows  |  4/15/2016  | 
Like a hurricane or a flood, a DDoS is a crisis. Follow these 10 steps to prepare for an attack before it hits.
10 Things Cyber Insurance Won't Cover
Slideshows  |  4/14/2016  | 
Cyber insurance policies come with some important caveats to keep in mind.
The 8 Most Convincing Phishing Schemes Of 2016
Slideshows  |  4/9/2016  | 
The year is young and high-profile phishing attacks keep coming seemingly every week. Here are eight reasons why security pros have to get serious about combating phishing.
10 Cybersecurity Twitter Profiles To Watch
Slideshows  |  4/7/2016  | 
If youre responsible for an information security program, check out these influencers to follow.
7 Biggest Trends Bubbling Up For Interop
Slideshows  |  4/6/2016  | 
CISOs and security leaders will find security is top of mind at Interop, when risk management intersects with some of the biggest themes likely to come out of the show.


5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
Oracle Product Rollout Underscores Need for Trust in the Cloud
Kelly Sheridan, Associate Editor, Dark Reading,  12/11/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Gee, these virtual reality goggles work great!!! 
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
[Strategic Security Report] Cloud Security's Changing Landscape
[Strategic Security Report] Cloud Security's Changing Landscape
Cloud services are increasingly becoming the platform for mission-critical apps and data. Heres how enterprises are adapting their security strategies!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.