Slide-Show
Latest Content
Be Aware: 8 Tips for Security Awareness Training
Slideshows  |  9/29/2014  | 
Hint: One giant security training session to rule them all is not the way to go.
7 Reasons To Love Passwords
Slideshows  |  9/17/2014  | 
Passwords are often ridiculed, but there are some reasons they should be your nearest and dearest authentication factor.
InfoSec Book Club: What’s On Your Fall Reading List?
Slideshows  |  9/9/2014  | 
Dark Reading community members share the books that inform and inspire their decisions and interactions as security professionals.
Hacker Couture: As Seen At Black Hat USA, BSides, DEF CON
Slideshows  |  8/18/2014  | 
'Leet tattoos, piercings, mega-beards, (the real) John McAfee, and even a cute puppy were among the colorful sights in Las Vegas this month.
6 Biometric Factors That Are Working Today
Slideshows  |  8/12/2014  | 
From fingerprints to wearable ECG monitors, there are real options in the market that may relegate the despised password to the dustbin of history.
10 Dramatic Moments In Black Hat History
Slideshows  |  7/31/2014  | 
From Google hacking to ATM "jackpotting" to the NSA -- Black Hat has had some memorable moments over the years.
7 Black Hat Sessions Sure To Cause A Stir
Slideshows  |  7/22/2014  | 
At Black Hat, researchers will point out the weaknesses in everything from the satellites in outer space to the thermostat in your home.
Ransomware: 5 Threats To Watch
Slideshows  |  7/17/2014  | 
Cyber criminals have kicked it up a notch with nasty malware that locks you out of your machine and holds it for ransom.
6 Things That Stink About SSL
Slideshows  |  7/9/2014  | 
Users might not care to trust the very mechanism that's supposed to provide online trust.
Hacker Movies We Love & Hate
Slideshows  |  7/1/2014  | 
Check out Dark Reading community members' favorite hacker movie hits and misses. Then add your picks in the comments section.
Privacy, Cybercrime Headline the Infosecurity Europe Conference
Slideshows  |  5/2/2014  | 
Attendees debate NSA surveillance, privacy reforms, cybercrime defenses, and sharpen their CISO skills.
Slide Show: 20 Security Startups To Watch
Slideshows  |  1/31/2014  | 
Cloud security, mobile security, advanced behavioral detection, and a few other surprises mark this latest crop of newcomers
10 Free Or Low-Cost Network Discovery And Mapping Tools
Slideshows  |  1/17/2014  | 
Understand your network so you can defend it better
Slide Show: 8 Effective Data Visualization Methods For Security Teams
Slideshows  |  12/31/2013  | 
Getting the most out of security analytics data sets, large or small, by visualizing the information
9 Notorious Hackers Of 2013
Slideshows  |  12/27/2013  | 
This year's hacking hall of shame includes members of Anonymous and the Blackhole cybercrime gang, plus state-sponsored groups.
Slide Show: The Coolest Hacks Of 2013
Slideshows  |  12/23/2013  | 
A look back at some of the year's most extreme, creative, and -- in some cases -- just plain bizarre hacks by security researchers
Android Security: 8 Signs Hackers Own Your Smartphone
Slideshows  |  11/29/2013  | 
Security experts share tips on how to tell if attackers are in control of your Android smartphone.
Slide Show: 10 Free Network Defense Tools
Slideshows  |  10/28/2013  | 
Affordably protect the perimeter and beyond with these handy network security utilities and toolkits
Iris Scans: Security Technology In Action
Slideshows  |  8/28/2013  | 
Iris-based security scans are the stuff of sci-fi movies, but NIST research shows how the technology can now be used in the real world to reliably identify individuals.
Slide Show: The Sights Of Black Hat
Slideshows  |  8/6/2013  | 
A photo recap of a week of research, crowds and parties at Black Hat USA 2013
Slide Show: 10 Ways Attackers Automate Malware Production
Slideshows  |  6/18/2013  | 
Peeking into an attacker's toolbox to see how malware production is automated and the Internet is flooded with millions of unique malware applications
Who Is Syrian Electronic Army: 9 Facts
Slideshows  |  5/16/2013  | 
Syrian hackers claim to battle American imperialism, media bias and Angelina Jolie.
10 Top Password Managers
Slideshows  |  4/30/2013  | 
Tired of being stuck in password hell? Consider these password managers that balance security with convenience.
Slide Show: 8 Egregious Examples Of Insider Threats
Slideshows  |  4/9/2013  | 
Real-world case studies from the CERT Insider Threat Center
Slide Show: 10 Password Database Fails
Slideshows  |  3/12/2013  | 
Evernote's most recent password breach is the same refrain from a song the industry has been singing for a while -- check out some of the worst password cache compromises
Anonymous: 10 Things We've Learned In 2013
Slideshows  |  2/28/2013  | 
The Anonymous hacker group continues to seek equal measures of revenge, justice and reform -- preferably through chaotic means -- for perceived wrongdoings.
10 Free SMB Security Tools
Slideshows  |  2/1/2013  | 
This slide show features an assortment of solutions that SMBs can use to minimize their security spend
Military Drones Present And Future: Visual Tour
Slideshows  |  12/14/2012  | 
The Pentagon's growing fleet of unmanned aerial vehicles ranges from hand-launched machines to the Air Force's experimental X-37B space plane.
Slide Show: 10 Security-Service Startups To Remember In 2012
Slideshows  |  12/11/2012  | 
With the security services market growing by more than 23 percent per year, it's no wonder that 2012 had its share of startup launches and young companies taking off
Slide Show: Top 10 Malware Advances In 2012
Slideshows  |  12/6/2012  | 
Blackhole's business model, Flashback's Mac fetish, ransomware's resurgence with Reveton, and Gauss' ability to guard against analysis among the game-changers this year
Spy Tech: 10 CIA-Backed Investments
Slideshows  |  11/21/2012  | 
Check out some of the latest technologies to win funding from In-Q-Tel, the venture investment arm of the CIA and other intelligence agencies. That's the first step toward use by agents and analysts.
Slide Show: 2012 Pastebin Pinups
Slideshows  |  11/20/2012  | 
Some of the most embarrassing dumps of leaked databases, exposed corporate IP and breached customer records in 2012
Slide Show: The Vulnerability 'Usual Suspects' Of 2012
Slideshows  |  11/16/2012  | 
Here's the list of applications, companies, and targets that dominated vulnerability and exploit headlines in 2012
Who Is Hacking U.S. Banks? 8 Facts
Slideshows  |  10/22/2012  | 
Hackers have labeled the bank website disruptions as grassroots-level reprisal for an anti-Islamic film. But is the Iranian government really backing the attacks?
14 Amazing DARPA Technologies On Tap
Slideshows  |  9/27/2012  | 
Go inside the labs of the Defense Advanced Research Projects Agency for a look at some of the most intriguing technologies they're developing in computing, electronics, communications, and more.
Slide Show: 10 Free Governance Risk And Compliance Tools
Slideshows  |  9/27/2012  | 
While expensive risk management products can certainly help a GRC program, any organization can get started measuring risk and making more disciplined decisions using these tools and templates
Slide Show: Memorable Moments From Black Hat 2012
Slideshows  |  8/13/2012  | 
A look at some of the demos, hacks, awards, and parties at this year's Black Hat USA 2012 convention
Slide Show: 10 Free Database Security Tools
Slideshows  |  7/11/2012  | 
While many database protection suites are an expensive proposition, there are a number of free tools available to organizations seeking cost-effective ways to begin securing their databases
Secret Spy Satellite Takes Off: Stunning Images
Slideshows  |  6/20/2012  | 
The National Reconnaissance Office provides satellite imagery for intelligence operations and national defense. Here's a look at the agency's most recent rocket launches.
Facebook's History: From Dorm To IPO Darling
Slideshows  |  5/17/2012  | 
Facebook's IPO brings the world's most popular social network into Wall Street's big league. After a wild ride, Facebook's future depends on profiting from an increasingly mobile user base.
Military Transformers: 20 Innovative Defense Technologies
Slideshows  |  5/14/2012  | 
Department of Defense technologies under development, from brainy microchips to battlefield transformer vehicles, promise to make the U.S. military more nimble. Here's a visual tour of 20 breakthrough ideas.
U.S. Military Robots Of The Future: Visual Tour
Slideshows  |  4/24/2012  | 
Meet robots that fight fires, climb ladders, search for bombs, and race across the battlefield. The technological singularity is near, say military strategists.
Slide Show: 10 SQL Injection Tools For Database Pwnage
Slideshows  |  4/11/2012  | 
Black hat hackers and pen testers alike use these tools to dump data, perform privilege escalations, and effectively take over sensitive databases
Slide Show: The (Not-So) Elite Eight In Higher Ed Breach Madness
Slideshows  |  3/14/2012  | 
Basketball has March Madness, but higher ed IT should be competing to stay out of the brackets for last year's worst breaches
Slide Show: 10 Movie Scenes Of Authentication Worth Rewatching
Slideshows  |  3/6/2012  | 
From the prophetic to the downright silly, these scenes are sure to entertain any security pro
Who Is Anonymous: 10 Key Facts
Slideshows  |  2/6/2012  | 
Anonymous 'hacktivists' aim to expose what they call government and establishment hypocrisy. Take a closer look at the group, its offshoots, and its infamous attacks.
7 Tools To Tighten Healthcare Data Security
Slideshows  |  1/24/2012  | 
Most of the largest healthcare data security and privacy breaches have involved lost or stolen mobile computing devices. Consider these tools and tips for protecting patient data and managing breaches.
Slide Show: Top 10 Holiday Phishing Scams
Slideshows  |  11/30/2011  | 
The following scams demonstrate the ways attackers are crafting their messages during the holidays
Ten Big Breaches In 2011
Slideshows  |  11/29/2011  | 
No one was immune: not social networks, not financial institutions, and not even security firms
Slide Show: 10 Tips And Best Practices For Becoming A Data Security Detective
Slideshows  |  11/28/2011  | 
Tips from security insiders on gathering and analyzing security intelligence and identifying new threats, as well as APT attacks
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Dark Reading - Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-5485
Published: 2014-09-30
registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.

CVE-2012-5486
Published: 2014-09-30
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

CVE-2012-5487
Published: 2014-09-30
The sandbox whitelisting function (allowmodule.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing.

CVE-2012-5488
Published: 2014-09-30
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject.

CVE-2012-5489
Published: 2014-09-30
The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors.

Dark Reading Radio
In our next Dark Reading Radio broadcast, we’ll take a close look at some of the latest research and practices in application security.