Attacks/Breaches
News & Commentary
Three Arrested For Cell Phone Hacking Scam
Dark Reading Staff, Quick Hits
Defendants accused of using stolen phone details to make international calls charged to victims’ accounts.
By Dark Reading Staff , 7/25/2016
Comment0 comments  |  Read  |  Post a Comment
7 Ways To Lock Down Your Privileged Accounts
Steve Zurier, Freelance Writer
Admin passwords contained within privileged accounts can open up the keys to the kingdom to determined attackers. Here's how to stop them.
By Steve Zurier Freelance Writer, 7/22/2016
Comment0 comments  |  Read  |  Post a Comment
Tools & Training To ‘Hack Yourself’ Into Better Security
Ofer Israeli, Founder & VP, R&D, illusive networksCommentary
How to teach your blue team to think like the red team when your network is under attack and time is your most valuable asset.
By Ofer Israeli Founder & VP, R&D, illusive networks, 7/21/2016
Comment3 comments  |  Read  |  Post a Comment
Majority Of Companies Say Trade Secrets Likely Compromised
Jai Vijayan, Freelance writerNews
About 60 percent of companies in a survey by Ponemon and Kilpatrick Townsend say at least some of their trade secrets are likely in the hands of rivals
By Jai Vijayan Freelance writer, 7/21/2016
Comment0 comments  |  Read  |  Post a Comment
Security Gets Political With Hacks, Darknet Sales
Terry Sweeney, News
As presidential campaigns get into full swing, neither party is immune to online chicanery -- and neither are voters
By Terry Sweeney , 7/21/2016
Comment0 comments  |  Read  |  Post a Comment
Improving Attribution & Malware Identification With Machine Learning
Sara Peters, Senior Editor at Dark ReadingNews
New technique may be able to predict not only whether unfamiliar, unknown code is malicious, but also what family it is and who it came from.
By Sara Peters Senior Editor at Dark Reading, 7/20/2016
Comment0 comments  |  Read  |  Post a Comment
5 ‘Mr. Robot’ Hacks That Could Happen in Real Life
Sarah Vonnegut, Application Security Community Specialist, CheckmarxCommentary
As season two of the popular TV series gets underway, we reality-check anti-hero Elliot’s hacking prowess against real-life security and attack scenarios.
By Sarah Vonnegut Application Security Community Specialist, Checkmarx, 7/20/2016
Comment0 comments  |  Read  |  Post a Comment
Ex-Cardinal Exec Jailed For Hacking Astros
Dark Reading Staff, Quick Hits
Christopher Correa gets 46 months for unlawful access of rival’s database and downloading confidential details.
By Dark Reading Staff , 7/20/2016
Comment0 comments  |  Read  |  Post a Comment
Deconstructing Connected Cars: A Hack Waiting To Happen
Cameron Camp, ESET Security ResearcherCommentary
Why your automobile’s simple and reliable Controller Area Network will put you at risk in the brave new world of connected and autonomous driving.
By Cameron Camp ESET Security Researcher, 7/19/2016
Comment0 comments  |  Read  |  Post a Comment
Hacker Jailed For Celebrity Swatting, Doxing
Dark Reading Staff, Quick Hits
New Yorker Mir Islam given a two-year jail term for online harassment of public figures.
By Dark Reading Staff , 7/19/2016
Comment0 comments  |  Read  |  Post a Comment
Ubuntu Forums Database Hacked
Dark Reading Staff, Quick Hits
Canonical probe reveals user account details of 2 million stolen, passwords safe.
By Dark Reading Staff , 7/19/2016
Comment0 comments  |  Read  |  Post a Comment
Ransomware Victims Rarely Pay The Full Ransom Price
Jai Vijayan, Freelance writerNews
The purveyors of cyber-extortion schemes often willing to negotiate their ransom fees, F-Secure study finds.
By Jai Vijayan Freelance writer, 7/18/2016
Comment2 comments  |  Read  |  Post a Comment
Locking Down Windows 10: 6 New Features
Rutrell Yasin, Business Technology Writer, Tech Writers Bureau
The latest version of Windows includes expanded identity and access controls, advanced Bitlocker encryption, and new malware protections.
By Rutrell Yasin Business Technology Writer, Tech Writers Bureau, 7/18/2016
Comment0 comments  |  Read  |  Post a Comment
UK Rail Hit By Four Cyberattacks In One Year
Dark Reading Staff, Quick Hits
No disruption to rail network caused, hackers appear to be nation-states, says cybersecurity firm Darktrace.
By Dark Reading Staff , 7/18/2016
Comment0 comments  |  Read  |  Post a Comment
Crooks Hack Taiwan ATMs With 'Smartphone,' No Bank Card, Steal Millions
Dark Reading Staff, Quick Hits
Police say Russian suspects operate ATM machines without bank card, make off with $2.2 million.
By Dark Reading Staff , 7/18/2016
Comment0 comments  |  Read  |  Post a Comment
Chinese Hacker Gets US Prison Term For Military Data Theft
Dark Reading Staff, Quick Hits
Su Bin worked alongside Chinese military officers to steal sensitive data from major US defense contractors.
By Dark Reading Staff , 7/15/2016
Comment0 comments  |  Read  |  Post a Comment
What SMBs Need To Know About Security But Are Afraid To Ask
Sean Martin, CISSP | President, imsmartin
A comprehensive set of new payment protection resources from the PCI Security Standards Council aims to help small- and medium-sized businesses make security a priority.
By Sean Martin CISSP | President, imsmartin, 7/14/2016
Comment1 Comment  |  Read  |  Post a Comment
72% of Black Hat Attendees Expect To Be Hit By 'Major' Data Breach Within A Year
Sara Peters, Senior Editor at Dark ReadingCommentary
End users are the biggest weakness, and we're not doing enough to address the problem.
By Sara Peters Senior Editor at Dark Reading, 7/14/2016
Comment1 Comment  |  Read  |  Post a Comment
Adobe Fixes 52 Vulnerabilities In Flash
Dark Reading Staff, Quick Hits
Updated version fixes CVEs that allowed remote code execution on affected machines.
By Dark Reading Staff , 7/13/2016
Comment0 comments  |  Read  |  Post a Comment
Fiat Chrysler Launches Bug Bounty Program
Dark Reading Staff, Quick Hits
Platform will be leveraged to identify and resolve security issues in automobile software.
By Dark Reading Staff , 7/13/2016
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by markstone
Current Conversations great post nice
In reply to: Re: Pending Review
Post Your Own Reply
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
DNS Threats: What Every Enterprise Should Know
Domain Name System exploits could put your data at risk. Here's some advice on how to avoid them.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio

The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.