DRTV

The Uncertain Fate of WHOIS, & Other Matters of Internet Accountability
The Uncertain Fate of WHOIS, & Other Matters of Internet Accountability
Dark Reading Videos  |  8/20/2018  | 
Paul Vixie discusses the uncertain fate of WHOIS in the age of GDPR, the risks of domain name homographs, and other underpinnings of the Internet that are hard to trust and harder to fix.
Ensuring Web Applications Are Hardened, Secure
Ensuring Web Applications Are Hardened, Secure
Dark Reading Videos  |  8/17/2018  | 
Ofer Maor of Synopsys Software Integrity Group describes how automated testing can non-intrusively pinpoint where developers may be inadvertently exposing data and/or violating compliance mandates.
Simplifying Endpoint Hardening, Defense & Response
Simplifying Endpoint Hardening, Defense & Response
Dark Reading Videos  |  8/17/2018  | 
Ziften CEO Mike Hamilton advocates taking complexity, time, and cost out of multi-faceted endpoint protection, with a single-agent solution for laptops, desktops, servers, and cloud VMs.
Attacking Developers Using 'Shadow Containers'
Attacking Developers Using 'Shadow Containers'
Dark Reading Videos  |  9/15/2017  | 
Sagie Dulce describes why developers are such attractive targets and how the Docker API can be exploited to use one of developers' favorite tools against them in sneaky, obfuscated attacks.
Paul Vixie: How CISOs Can Use DNS to Up Security
Paul Vixie: How CISOs Can Use DNS to Up Security
Dark Reading Videos  |  9/11/2017  | 
FarSight CEO and DNS master Paul Vixie explains how enterprises, not just telecoms and infrastructure providers, can use DNS to improve cybersecurity.
Dino Dai Zovi Dives Into Container Security, SecDevOps
Dino Dai Zovi Dives Into Container Security, SecDevOps
Dark Reading Videos  |  8/23/2017  | 
Dino Dai Zovi discusses the under-explored security aspects of Docker, data center orchestration, and containers.
Preparing For Government Data Requests After Apple Vs. FBI
Preparing For Government Data Requests After Apple Vs. FBI
Dark Reading Videos  |  10/31/2016  | 
Jennifer Granick and Riana Pfefferkorn discuss lessons learned from the Apple-FBI case, and how security pros should be prepared if government data requests hit closer to home.
Partners In The Battle Against Cyberthreats
Partners In The Battle Against Cyberthreats
Dark Reading Videos  |  10/6/2016  | 
George Karidis of CompuCom and Rodel Alejo from Intel stop by the Dark Reading News Desk.
D-FENSE! Using Research To Craft Effective Cyber Defenses
D-FENSE! Using Research To Craft Effective Cyber Defenses
Dark Reading Videos  |  9/23/2016  | 
A pair of experts from Imperva stops by the Dark Reading News Desk to chat.
Keep It Simple: Security For A Complex Enterprise
Keep It Simple: Security For A Complex Enterprise
Dark Reading Videos  |  9/14/2016  | 
Michelle Cobb of Skybox Security talks to Dark Reading about security management.
Wisdom From A Thought Leader: AppSec Best Practices
Wisdom From A Thought Leader: AppSec Best Practices
Dark Reading Videos  |  9/14/2016  | 
The Black Hat News Desk chats with Jeff Williams, CTO at Contrast Security.
Don't Trust That Trust Mechanism: Vulnerabilities In Digital Certificates
Don't Trust That Trust Mechanism: Vulnerabilities In Digital Certificates
Dark Reading Videos  |  9/14/2016  | 
Tom Nipravsky, security researcher at Deep Instinct, explains how to tell the difference between a digital certificate that's worth your trust and one that isn't.
Dan Kaminsky On How Not To Lose The Internet As We Know It
Dan Kaminsky On How Not To Lose The Internet As We Know It
Dark Reading Videos  |  9/12/2016  | 
Dan Kaminsky discusses how to improve the security and privacy of the Internet without destroying the openness and freedom to innovate that it has always provided.
More Reasons To Drop The War On Encryption
More Reasons To Drop The War On Encryption
Dark Reading Videos  |  10/9/2015  | 
Rod Beckstrom, founding director of the US National Cybersecurity Center visits the Dark Reading News Desk at Black Hat to discuss cybercrime legislation, takedown operations, and why law enforcement should drop the war on encryption.
Jeremiah Grossman's Tips For Black Hat Hopefuls & More
Jeremiah Grossman's Tips For Black Hat Hopefuls & More
Dark Reading Videos  |  9/4/2015  | 
Founder of WhiteHat Security visits the Dark Reading News Desk to dish on the Black Hat Briefings selection process, the state of Web security, the Wassenaar Arrangement, and Flash.
China's Great Cannon: The Great Firewall's More Aggressive Partner
China's Great Cannon: The Great Firewall's More Aggressive Partner
Dark Reading Videos  |  9/3/2015  | 
Crowdstrike researchers visit Dark Reading News Desk at Black Hat to describe how China went on the offensive and extended its Internet censorship efforts beyond Chinese borders.
A Virtual Tour of IBMs SOCs, With Roger Hellman
A Virtual Tour of IBMs SOCs, With Roger Hellman
Dark Reading Videos  |  8/27/2015  | 
IBM's Roger Hellman visits the Dark Reading News Desk to talk about how IBM recreated a unique security operations center experience at Black Hat.
Paul Vixie On DNS Security & Botnet Takedowns
Paul Vixie On DNS Security & Botnet Takedowns
Dark Reading Videos  |  8/24/2015  | 
Internet pioneer and CEO of Farsight Security joins the Dark Reading News Desk at Black Hat.
Cloud & The Security Skills Gap
Cloud & The Security Skills Gap
Dark Reading Videos  |  7/6/2015  | 
F5 Network security evangelist David Holmes tells how cloud outsourcing can help companies fill the talent gap in three critical areas of enterprise security.
The Failures of Internet Governance
The Failures of Internet Governance
Dark Reading Videos  |  4/28/2014  | 
Snooping and cybercrime exacerbate the problem of having a world without borders inside a world with many borders.
What Is The FIDO Alliance?
What Is The FIDO Alliance?
Dark Reading Videos  |  4/2/2014  | 
Phillip Dunkelberger of Nok Nok Labs explains why its proposed specifications will transform computing.
Finally, Plug & Play Authentication!
Finally, Plug & Play Authentication!
Dark Reading Videos  |  3/26/2014  | 
FIDO Alliance technology will allow enterprises to replace passwords with plug-and-play multifactor authentication.
How & Why Cloud Security Will Empower Users
How & Why Cloud Security Will Empower Users
Dark Reading Videos  |  1/27/2014  | 
Cloud computing growth means big changes for enterprises of all sizes and in all markets.
What Next-Gen Security Looks Like
What Next-Gen Security Looks Like
Dark Reading Videos  |  12/9/2013  | 
The nightmare of BYOD is giving rise to a new generation of intelligent, highly scalable security products and platforms.


New Free Tool Scans for Chrome Extension Safety
Dark Reading Staff 2/21/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6485
PUBLISHED: 2019-02-22
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5...
CVE-2019-9020
PUBLISHED: 2019-02-22
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc...
CVE-2019-9021
PUBLISHED: 2019-02-22
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file...
CVE-2019-9022
PUBLISHED: 2019-02-22
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parser...
CVE-2019-9023
PUBLISHED: 2019-02-22
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcom...