Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management

DRTV

A New Model for 'Mathematically Provable Security'
A New Model for 'Mathematically Provable Security'
Dark Reading Videos  |  9/14/2017  | 
Winn Schwartau, CEO of The Security Awareness Company, says we all know the old model of security is broken and it's time for a new one.
How Legendary Carder, Hacker Roman Seleznev Was Caught, Sentenced
How Legendary Carder, Hacker Roman Seleznev Was Caught, Sentenced
Dark Reading Videos  |  9/6/2017  | 
Assistant US Attorney Norman Barbosa visits the Dark Reading News Desk to discuss details of the credit card hacking case that led to an unprecedented 27-year prison sentence.
The Active Directory Botnet
The Active Directory Botnet
Dark Reading Videos  |  8/30/2017  | 
It's a nightmare of an implementation error with no easy fix. Ty Miller and Paul Kalinin explain how and why an attacker could build an entire botnet inside your organization.
Training Courses for Aspiring Cybercriminals Put Security Education To Shame
Training Courses for Aspiring Cybercriminals Put Security Education To Shame
Dark Reading Videos  |  8/29/2017  | 
Reasonably priced, module-based training courses and helpful forums will train a beginner in all the tools and techniques of the successful cybercriminal, Rick Holland of Digital Shadows explains.
The Benefits of Exploiting Attackers' Favorite Tools
The Benefits of Exploiting Attackers' Favorite Tools
Dark Reading Videos  |  8/22/2017  | 
Symantec senior threat researcher Waylon Grange explains that attackers write vulnerable code, too.
How Bad Teachers Ruin Good Machine Learning
How Bad Teachers Ruin Good Machine Learning
Dark Reading Videos  |  8/18/2017  | 
Sophos data scientist Hillary Sanders explains how security suffers when good machine learning models are trained on bad testing data.
The Shadow Brokers: How They Changed 'Cyber Fear'
The Shadow Brokers: How They Changed 'Cyber Fear'
Dark Reading Videos  |  8/17/2017  | 
At Black Hat USA, Matt Suiche, founder of Comae Technologies, describes what we know about the Shadow Brokers and how they have changed the business of cyber fear.
How to Handle Threats When Short-Staffed
How to Handle Threats When Short-Staffed
Dark Reading Videos  |  2/3/2017  | 
Skybox’s Michelle Cobb, VP of Worldwide Marketing, explains how automation and advanced analytics can give security teams the data they need when their teams are stretched
Threat Hunting: Going After The Big Game
Threat Hunting: Going After The Big Game
Dark Reading Videos  |  11/3/2016  | 
The Black Hat News Desk welcomes Jian Zhen from Endgame.
Partners In The Battle Against Cyberthreats
Partners In The Battle Against Cyberthreats
Dark Reading Videos  |  10/6/2016  | 
George Karidis of CompuCom and Rodel Alejo from Intel stop by the Dark Reading News Desk.
Cybercriminals' Superior Business Savvy Keeps Them Ahead
Cybercriminals' Superior Business Savvy Keeps Them Ahead
Dark Reading Videos  |  9/30/2016  | 
Rick Holland of Digital Shadows explains how the attackers' superior business agility, faster change management, specialized job force, lower barriers to entry and bulletproof hosting keeps them ahead of the good guys.
Rise Of Machine Learning: Advancing Security With ML
Rise Of Machine Learning: Advancing Security With ML
Dark Reading Videos  |  9/20/2016  | 
Hal Lonas of Webroot drops by the Dark Reading News Desk at Black Hat.
The Future Of AI-Based Cybersecurity: It's Here Now
The Future Of AI-Based Cybersecurity: It's Here Now
Dark Reading Videos  |  9/19/2016  | 
Stuart McClure, president and CEO of Cylance, stops by the Dark Reading News Desk at Black Hat.
Look The Other Way: DDoS Attacks As Diversions
Look The Other Way: DDoS Attacks As Diversions
Dark Reading Videos  |  9/7/2016  | 
Black Hat News Desk talks to Joe Loveless of Neustar.
Bad Boys, Whatcha Gonna Do When They Come For You?
Bad Boys, Whatcha Gonna Do When They Come For You?
Dark Reading Videos  |  9/7/2016  | 
A Black Hat News Desk discussion with Shehzad Merchant of Gigamon.
In Brief: The Unusual Suspects -- DeMystifying Attack Groups
In Brief: The Unusual Suspects -- DeMystifying Attack Groups
Dark Reading Videos  |  3/31/2016  | 
Your adversary is an imperfect human being. Use that knowledge to fight back.
The Threat Of Security Analytics Complexity
The Threat Of Security Analytics Complexity
Dark Reading Videos  |  3/23/2016  | 
Congratulations! You're protecting your organization with layered security...but now you're drowning in more security analytics data flows than you can handle.
In Brief: Transforming SOCs to SICs
In Brief: Transforming SOCs to SICs
Dark Reading Videos  |  3/22/2016  | 
SPONSORED: Greg Boison, director of homeland and cybersecurity for Lockheed Martin, talks to Brian Gillooly at the RSA Conference about how to transform a security operations center into a security intelligence center, and Lockheed Martin's approach. See the full interview here.
Using Offensive Security Mindset To Create Best Defense
Using Offensive Security Mindset To Create Best Defense
Dark Reading Videos  |  3/2/2016  | 
Carbon Black's CTO and chief security strategist talk about how their background in offensive security helps them think like attackers, and better defend against them.
Fidelis CSO Talks Insiders, Data Science, Encryption Backdoors, Kill Chain
Fidelis CSO Talks Insiders, Data Science, Encryption Backdoors, Kill Chain
Dark Reading Videos  |  3/2/2016  | 
The chief security officer of Fidelis Cybersecurity talks about managing insider risks, harnessing the power of metadata, and fending off attackers throughout the entire kill chain.
From SOC To SIC: Transforming Security Operations Centers
From SOC To SIC: Transforming Security Operations Centers
Dark Reading Videos  |  3/2/2016  | 
Lockheed Martin Director of Homeland and Cybersecurity Greg Boison talks about transforming the security operations center into the security intelligence center.
The Unusual Suspects: Demystifying Attack Groups Through Threat Intelligence
The Unusual Suspects: Demystifying Attack Groups Through Threat Intelligence
Dark Reading Videos  |  3/1/2016  | 
Colin McKinty, vice president of cybersecurity strategy, Americas, for BAE Systems talks about the importance of knowing your adversary.
Visual Analytics And Threat Intelligence With Raffael Marty
Visual Analytics And Threat Intelligence With Raffael Marty
Dark Reading Videos  |  9/29/2015  | 
Raffael Marty, founder and CEO of PixlCloud, stops by Dark Reading News Desk at Black Hat to discuss how to harness security data, visualize it, and put it to use, so it's more than just pretty pictures.
Attribution & The Nation-State Malware Market
Attribution & The Nation-State Malware Market
Dark Reading Videos  |  9/10/2015  | 
Malware researcher Marion Marschalek visits the Dark Reading News Desk at Black Hat to discuss attribution and the legitimate market for nation-states where "malware" is in the eyes of the beholder.
China's Great Cannon: The Great Firewall's More Aggressive Partner
China's Great Cannon: The Great Firewall's More Aggressive Partner
Dark Reading Videos  |  9/3/2015  | 
Crowdstrike researchers visit Dark Reading News Desk at Black Hat to describe how China went on the offensive and extended its Internet censorship efforts beyond Chinese borders.
Catching Attackers With A Security Delivery Platform
Catching Attackers With A Security Delivery Platform
Dark Reading Videos  |  8/27/2015  | 
Shehzad Merchant, CTO of Gigamon, visits the Dark Reading News Desk to discuss a platform for finding and containing attackers once they've broken through your perimeter defense.
Evolution Of The CISO And The Board: BAE Systems’ Jim Anderson Explains
Evolution Of The CISO And The Board: BAE Systems’ Jim Anderson Explains
Dark Reading Videos  |  8/27/2015  | 
President of the Americas for BAE Systems Applied Intelligence, Jim Anderson, joins the Dark Reading News Desk at Black Hat to explain how the CISO has to improve communications with the corporate board and better explain overall security strategy.
Richard Bejtlich Talks Business Security Strategy, US Security Policy
Richard Bejtlich Talks Business Security Strategy, US Security Policy
Dark Reading Videos  |  8/17/2015  | 
Chief security strategist of FireEye talks at the Dark Reading News Desk at Black Hat about attribution, the war on encryption, and what should drive your security department.
Former White House Advisor, Paul Kurtz, On Info Sharing & Government Action
Former White House Advisor, Paul Kurtz, On Info Sharing & Government Action
Dark Reading Videos  |  8/12/2015  | 
Former cybersecurity advisor to the White House talks to Sara Peters at Black Hat about information sharing, attribution, cybersecurity legislation, and his new start-up.


6 Ways Greed Has a Negative Effect on Cybersecurity
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA ,  6/11/2018
Weaponizing IPv6 to Bypass IPv4 Security
John Anderson, Principal Security Consultant, Trustwave Spiderlabs,  6/12/2018
'Shift Left' & the Connected Car
Rohit Sethi, COO of Security Compass,  6/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12026
PUBLISHED: 2018-06-17
During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in tur...
CVE-2018-12027
PUBLISHED: 2018-06-17
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said ...
CVE-2018-12028
PUBLISHED: 2018-06-17
An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager. If the malicious application then generates an e...
CVE-2018-12029
PUBLISHED: 2018-06-17
A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but befor...
CVE-2018-12071
PUBLISHED: 2018-06-17
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.