DRTV

What a Forensic Analysis of 'Worst Voting Machine Ever' Turned Up
What a Forensic Analysis of 'Worst Voting Machine Ever' Turned Up
Dark Reading Videos  |  8/22/2018  | 
University of Copenhagen associate professor discusses what he found when he dug into some decommissioned WinVote voting machines.
Malicious Cryptomining & Other Shifting Threats
Malicious Cryptomining & Other Shifting Threats
Dark Reading Videos  |  8/17/2018  | 
Skybox Security CMO Michelle Johnson Cobb discloses research results that include a spike in malicious cryptomining during Bitcoins peak, a shift to outside-the-perimeter mobile threats, and more.
Using Threat Deception on Malicious Insiders
Using Threat Deception on Malicious Insiders
Dark Reading Videos  |  8/17/2018  | 
Illusive Networks CEO Ofer Israeli reveals how distributed deception technology can be as effective against insider threats as it is against outsiders, since it thwarts the lateral movement common to both.
Simplifying Endpoint Hardening, Defense & Response
Simplifying Endpoint Hardening, Defense & Response
Dark Reading Videos  |  8/17/2018  | 
Ziften CEO Mike Hamilton advocates taking complexity, time, and cost out of multi-faceted endpoint protection, with a single-agent solution for laptops, desktops, servers, and cloud VMs.
The Rise of Bespoke Ransomware
The Rise of Bespoke Ransomware
Dark Reading Videos  |  8/17/2018  | 
Drawing from a recent study by SophosLabs, Principal Research Scientist Chester Wisniewski highlights a shift to the rise of more targeted and sophisticated ransomware threats, such as SamSam.
Attacking Data Integrity & Hacking Radiation Monitoring Devices
Attacking Data Integrity & Hacking Radiation Monitoring Devices
Dark Reading Videos  |  9/8/2017  | 
Ruben Santamarta shows radio-based vulnerabilities and investigates how the integrity of critical data can be manipulated to simulate, complicate or exacerbate emergency situations.
Activists Beware: The Latest In 3G & 4G Spying
Activists Beware: The Latest In 3G & 4G Spying
Dark Reading Videos  |  9/5/2017  | 
Ravi Borgaonkar describes new 3G & 4G vulnerabilities that enable IMSI catchers to be smarter, stealthier snoopers.
The Active Directory Botnet
The Active Directory Botnet
Dark Reading Videos  |  8/30/2017  | 
It's a nightmare of an implementation error with no easy fix. Ty Miller and Paul Kalinin explain how and why an attacker could build an entire botnet inside your organization.
IoTCandyJar: A HoneyPot for any IoT Device
IoTCandyJar: A HoneyPot for any IoT Device
Dark Reading Videos  |  8/29/2017  | 
Palo Alto Networks researchers explain how they designed an affordable, behavior-based honeypot to detect attacks on an IoT device -- any kind of IoT device.
Turning Sound Into Keystrokes: Skype & Type
Turning Sound Into Keystrokes: Skype & Type
Dark Reading Videos  |  8/25/2017  | 
Don't let your fingers do the talking in a Skype session. The callers on the other end could know what you're writing, researcher Daniele Lain explains.
Why Most Security Awareness Training Fails (And What To Do About It)
Why Most Security Awareness Training Fails (And What To Do About It)
Dark Reading Videos  |  8/22/2017  | 
Arun Vishwanath discusses why awareness training shouldn't apply the same cure to every ailment then blame the patient when the treatment doesn't work.
ShieldFS Hits 'Rewind' on Ransomware
ShieldFS Hits 'Rewind' on Ransomware
Dark Reading Videos  |  8/18/2017  | 
Federico Maggi and Andrea Continella discuss a new tool to protect filesystems by disrupting and undoing ransomware's encryption activities.
How Bad Teachers Ruin Good Machine Learning
How Bad Teachers Ruin Good Machine Learning
Dark Reading Videos  |  8/18/2017  | 
Sophos data scientist Hillary Sanders explains how security suffers when good machine learning models are trained on bad testing data.
Preparing For Government Data Requests After Apple Vs. FBI
Preparing For Government Data Requests After Apple Vs. FBI
Dark Reading Videos  |  10/31/2016  | 
Jennifer Granick and Riana Pfefferkorn discuss lessons learned from the Apple-FBI case, and how security pros should be prepared if government data requests hit closer to home.
Making The Dark Web Less Scary
Making The Dark Web Less Scary
Dark Reading Videos  |  9/14/2016  | 
Lance James, chief scientist at Flashpoint, stops by the Dark Reading News Desk to share his thoughts about the Dark Web.
Yes, Your Database Can Be Breached Through A Coffee Pot
Yes, Your Database Can Be Breached Through A Coffee Pot
Dark Reading Videos  |  9/13/2016  | 
Aditya Gupta, CEO of Attify, talks about how to improve Internet of Things security and the very worst scenarios he's encountered in an IoT penetration test.
More Reasons To Drop The War On Encryption
More Reasons To Drop The War On Encryption
Dark Reading Videos  |  10/9/2015  | 
Rod Beckstrom, founding director of the US National Cybersecurity Center visits the Dark Reading News Desk at Black Hat to discuss cybercrime legislation, takedown operations, and why law enforcement should drop the war on encryption.
Pen Testing A Smart City
Pen Testing A Smart City
Dark Reading Videos  |  8/21/2015  | 
Black Hat speakers visit the Dark Reading News Desk to discuss the stunning complexity and many soft spots of a metropolis full of IoT devices.
Re-evaluating Ransomware, Without The Hype
Re-evaluating Ransomware, Without The Hype
Dark Reading Videos  |  8/18/2015  | 
Engin Kirda, chief architect of LastLine, joins the Dark Reading News Desk at Black Hat Aug. 5 to explain why most ransomware isn't as scary as we think.
An Apple Fanboi Writing Malware For Mac OSX
An Apple Fanboi Writing Malware For Mac OSX
Dark Reading Videos  |  8/18/2015  | 
Patrick Wardle, director of research for Synack, spoke about his "Writing [email protected]$$ Malware for OS X" session at the Dark Reading News Desk at Black Hat.
What Is The FIDO Alliance?
What Is The FIDO Alliance?
Dark Reading Videos  |  4/2/2014  | 
Phillip Dunkelberger of Nok Nok Labs explains why its proposed specifications will transform computing.
Richard Clarke: Snowden Should Be in Prison
Richard Clarke: Snowden Should Be in Prison
Dark Reading Videos  |  3/28/2014  | 
Former White House cybersecurity advisor says Edward Snowden has jeopardized the United States' national security.
Richard Clarke: Foreign Governments Not So Surprised by US Snooping
Richard Clarke: Foreign Governments Not So Surprised by US Snooping
Dark Reading Videos  |  3/27/2014  | 
Former White House cybersecurity advisor thinks foreign governments' outrage is largely an act.
Finally, Plug & Play Authentication!
Finally, Plug & Play Authentication!
Dark Reading Videos  |  3/26/2014  | 
FIDO Alliance technology will allow enterprises to replace passwords with plug-and-play multifactor authentication.
Why FIDO Alliance Standards Will Kill Passwords
Why FIDO Alliance Standards Will Kill Passwords
Dark Reading Videos  |  2/18/2014  | 
Phillip Dunkelberger of Nok Nok Labs tells why the time is finally ripe for a password-free computing experience.
How & Why Cloud Security Will Empower Users
How & Why Cloud Security Will Empower Users
Dark Reading Videos  |  1/27/2014  | 
Cloud computing growth means big changes for enterprises of all sizes and in all markets.


New Free Tool Scans for Chrome Extension Safety
Dark Reading Staff 2/21/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6485
PUBLISHED: 2019-02-22
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5...
CVE-2019-9020
PUBLISHED: 2019-02-22
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc...
CVE-2019-9021
PUBLISHED: 2019-02-22
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file...
CVE-2019-9022
PUBLISHED: 2019-02-22
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parser...
CVE-2019-9023
PUBLISHED: 2019-02-22
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcom...